2016-06-30
Excerpted from The Washington Monthly.

Judy Fischer was frustrated by how hard it can be to tell the good guys from the bad guys on the World Wide Web. So she decided to start an organization called the Web Assurance Bureau that would log consumer complaints and develop a seal of approval for ethical companies. After sketching her business plan, Fischer doled out $277 to a cheap online software dealer with a reputable-looking home page and a money-back guarantee.

The software soon arrived in the mail. But it didn't work. And the dealer that had sold it no longer existed. No web page, no address, no recourse for Fischer, and certainly no money back. She called the Federal Trade Commission (FTC), but no one knew where the company had gone, where it had come from, or, indeed, that it had ever existed. It had taken Fischer's money and vanished into cyberspace without leaving a footprint.

The driving logic of the Net has been to eliminate the middleman, like your doctor and the drugstore clerk. But informed, relatively disinterested middlemen are often central to consumer protection, and to eliminate them is to destroy an important safeguard. As one crafty scoundrel who had defrauded customers in an online auction wrote, "Ha Ha Ha Ha. All you people are really quite ridiculous. You make a deal via e-mail, never see the person, never speak with the person, and then get upset when you get ripped off. You must be a bunch of morons."

As one crafty scoundrel wrote, "Ha Ha Ha Ha. All you people are really quite ridiculous. You make a deal via e-mail, never see the person, never speak with the person, and then get upset when you get ripped off."

Although the Internet has made products cheaper and information more accessible, it can also extend society's lowest standards, from Matt Drudge's unsubstantiated mudslinging to fly-by-night software companies. Moreover, as the Net has become increasingly unruly and inscrutable, Congress and the Clinton administration have made little effort to protect consumers. After writing the report that shapes the central organizing principles for the Clinton administration on Internet issues, special adviser Ira Magaziner emphatically declared, "The Internet doesn't need government."

But it does. The Internet under Magaziner and Clinton's genial permissiveness would be like New York City without stoplights.

Perhaps the clearest way to see the threat that flat-out unregulated commerce poses to consumers is to log on to one of the nearly 400 drugstores that have appeared on the Internet in the past few years. Visiting many of these sites is like going to Tijuana, except better: You can get almost anything you want without having to worry about paying for the gas to drive to the border. Is your doctor reluctant to prescribe a pill that you just know you need? Log on, order, pop it in your mouth, and rock 'n' roll.

The Food, Drug and Cosmetic Act of 1938 requires that a patient consult a licensed doctor before getting a prescription filled, but, as with most laws, Internet companies can dodge it. Customers fill out a generic form online that some staff doctor looking for a little extra dough just has to rubber stamp: no physical exam, no waiting rooms, no blood tests.

Ideally, there would be a way to make these online drugstores follow the same rules in letter and in spirit as bricks-and-mortar stores. But trying to wrap current laws around the Internet is often like trying to put a gorilla into loafers. Laws are always tricky and somewhat subjective, and they get trickier when companies can relocate overseas with one click of the mouse. As became clear during congressional hearings last July, state governments and the FDA are often unable even to figure out the drug companies' e-mail addresses or location information.

And as it stands now, without any government regulation, even if the law could catch up to the drugstore cowboys, the culprits no doubt have maps to the virtual roads heading out of town. A devious Internet company doesn't have warehouses to pack up if the authorities start sniffing around. A simple command at a Unix prompt "rm -r www" can wipe out all evidence that it ever existed.

Cookie Monster

The Net has the ability to do more than sell us products that are harmful or make us buy things that we don't need. It can also take away our last shreds of privacy.

Many companies send out packets of information known as cookies when you visit their pages. These cookies attach themselves to your browser and then trigger information within the companies' databases on your next visit to their sites. There are advantages to this: If a page (like The New York Times site) requires a password for you to access its information, cookies are what allow you to visit again and again without having to retype your password each time.

A devious Internet company doesn't have warehouses to pack up if the authorities start sniffing around. A simple command at a Unix prompt can wipe out all evidence that it ever existed.

But cookies are also how, in the not-very-distant future, web pages will be able to cough up your shopping history, along with your astrological sign, hair color, and phone number. A company called DoubleClick has already compiled a database of 50 million people and is currently working to integrate these data with other companies (like L.L. Bean) that have long-running and extensive data series on specific customers.

According to privacy expert Jason Catlett, companies like DoubleClick will soon be "able to do some really scary things. For instance, say you're browsing a favorite web newspaper site, and you spend time reading an article on financial planning. Two minutes later, the telephone rings, and it's a guy trying to sell you life insurance. Companies will pay a lot of money for getting someone at the time when they might be receptive to their pitch."

Less sinister, but still thoroughly irritating, is the ease with which companies can get e-mail addresses and pummel recipients with untraceable, unwanted e-mail known as spam. But the government has done basically nothing at all--perhaps because congressional aides serve as middlemen, filtering out the junk e-mail flooding upon congressmen before it can irritate them. Ralph Nader's Consumer Project on Technology has advocated that all e-mail be tagged so that senders of spam can be identified. But, like all other consumer protection regulation for the Net, this bill is buried in a file on some congressman's desk, next to a coffee mug that hasn't been cleaned in three months. It wasn't put in the "urgent" folder, where so many of the bills to help large Internet companies (like the one protecting them from Y2K liabilities) have gone.

Let Them All Run Free

Elliott Maxwell, a senior adviser for the digital economy at the Department of Commerce, has felicitously said that he wants the Net to become "a clean, well-lighted place." The concept is a good one, but the administration's approach of complete private self-regulation is not.

The first principle of Magaziner's grand report of 1997, "A Framework for Global Electronic Commerce," begins: "The Internet should develop as a market-driven arena, not a regulated industry," and the report plunges on from there. The Internet is "changing classic business and economic paradigms." The administration "will encourage the creation of private forces to take the lead in areas requiring self-regulation such as privacy, content ratings, and consumer protection."

The first justification for this paean is the classic laissez faire mantra that private industry will self-regulate because it has a vested interest in doing so. Nothing would destroy Amazon.com faster than a large-scale onslaught of fraud on the Net. If people can't trust their credit card numbers, people won't buy books online. If enough people die from sub- (or non-) standard drugs from online drugstores, the customers left on their feet are going to race straight back to their neighborhood corner shops.

But as President Clinton's attempts at health care, environmental protection, and tobacco regulation have shown, self-interest has not been repealed, and freedom for the wolves is still death for the sheep. Private companies are not always going to serve the public interest; they're going to serve their private interest. Sometimes the two will overlap, sometimes not. As even the famous free marketer Adam Smith wrote in 1776, when people of "the same trade" meet together, inevitably "the conversation ends in a conspiracy against the public, or in some contrivance to raise prices."

Regulation

There are two primary ways for the government to regulate the Net. The first way is to try to restrict activity. Examples include a law mandating that every business disclose its full address and location information in large type on its home page or a law making it illegal to sell or exchange private credit information. The second way is to offer support for people online. Examples include publishing consumer tips online or offering subsidies to people like Judy Fischer who are trying to limit Net fraud.

Magaziner and Clinton reject both types of regulation. With regard to restrictions, they're mostly right. With regard to supporting consumers, they're dead wrong. Clinton and Magaziner's legitimate trouble with restriction is that the Net moves too fast to be pinned down. Try to set restrictions on content and, by the time a bill is halfway through its first House committee meeting, every company possibly in violation will have moved its servers to Djibouti. Draft a law restricting the use of cookies and the whole technology will be obsolete two years before the bill reaches the president's desk.

Moreover, this country's lax approach to restriction has certainly allowed the U.S. online industry to leap ahead of other nations that have taken a plodding, institutional approach to the Internet. France, for example, is still slogging through negotiations over cultural content. Unsurprisingly, we're wired and they're not. Seventy percent of all electronic commerce is now transacted in the United States.

Everyone "knows" that the Net shouldn't be regulated, but few people can offer a serious rationale.

But there's still a great deal that the government can and should do to ensure that consumers come out winners in the new bacchanal. A good place to start would be to develop a system through the Department of Commerce that certifies Web sites that comply with privacy rules and consumer-protection statutes. If a web page is completely based in the United States, follows binding U.S. rules, and practices full disclosure, give it the Department of Commerce stamp. If it doesn't, don't. If a program like this were sufficiently publicized, companies like drugstores would fall over themselves to make sure they could qualify, and no one would have to worry about seedy companies vanishing into thin air after picking their customers' pockets. Already, a few organizations, like TRUSTe, offer this service.

Another step would be to develop a consumer protection code that would activate when first-time users start their browsers. The Department of Commerce has developed a page that explains what to be wary of on the Net, how to navigate, and how to make sure that you don't get duped. It's a great page, but it's buried deep. To bring information like this to the mainstream, the government would have to lean on Netscape and Microsoft (perhaps in the same way that tobacco companies were forced to put the Surgeon General's warning on their products) to get them to post an informational notice like this as their browsers' original starting point. Net fraud threatens new users far more than it does experienced ones, and a page explaining the potential dangers of the Net could be an important first line of defense.

But most importantly, the government needs to get the glaze out of its eyes and start thinking through its basic responsibilities. The more something is repeated, the more it becomes an unexamined truth--and this is starting to happen with the Net. Everyone "knows" that the Net shouldn't be regulated, but few people can offer a serious rationale. It's a shibboleth, sleepily repeated over and over with only timid voices trying to shout it down.

The more time that passes before the government starts to build a regulatory and supportive infrastructure, the more damage will have already been done and the harder the task of regulation will be.

The Net does need to become a "clean, well-lighted place." And it should be the government's job to start sweeping the streets and building the lampposts as soon as possible.

Research assistance provided by Yvonne Kalawur.