As we all marinate in the difficulties of Mr. Zuckerberg, who, at the end of the day, can certainly salve any wounds with a net worth measured in the tens of billions of dollars, I was struck by the continued drumbeat for “REGULATION.”  Now, perhaps I am ill equipped to discuss Facebook, not being a participant and therefore never having clicked through a lengthy agreement on privacy (or the lack thereof), but I have some thoughts.  I’ll largely leave the ethics of the privacy contretemps to others, but I was struck by the parallels between the current kerfuffle over Facebook and privacy and the Dodd-Frank mess, lo these ten years past.

Let’s start with this dictum:  Beware the politician bearing new and comprehensive regulatory gifts for the American people.

I’ve been listening to the Facebook chatter for several weeks now and I suspect this will go on for as long as our political class concludes there is some benefit in yammering on about it in front of a camera.  What I find interesting, no make that disturbing, is the homogeneity of the calls for regulation (a seemingly content free word based on how our chattering class is blithely throwing it around) without much concern that apparently no one knows what “regulation” might entail. I’ve been listening carefully and as far as I can tell, if someone has thoughtfully addressed what the regulatory fix for our privacy concerns might be, I’ve missed it.  Oh, there’s a couple of bills that have been introduced by sundry members of the House and Senate hoping to duct tape onto their otherwise undistinguished careers and little reptilian intellect some gravitas, but there’s really not much out there beyond the assertion that, “The American people demand regulation!”

Ontogeny recapitulates phylogeny” they say and the nattering inside and around government and academia suggests that the technocracy is intent on replicating the regulatory nightmare following the Great Recession with an eruption of new regulatory excreta around privacy and the internet.  Is there no learning from our mistakes?  “Act in haste, repent at leisure” is not just an hoary old dodge, but a fundamental truth.

Back in 2008, it was “skin in the game,” “too big to fail,” “gambling banks” misusing the public’s money, etc.; phrases redolent of certainty, clarity and perhaps even wisdom… Except what they led to was the embrace of faux solutions, air freshener wafting over the midden heap of a deeply damaged banking and capital formation sector.

At the time, I argued that the finance and banking industry made a near to existential error in not fighting back on those memes before they became permanently embedded in a national narrative that banks and bankers were bad and needed to be beaten regularly, made to disgorge billions of dollars for alleged bad conduct (and thereby damaging capital while at the same time we were trying to increase it) and needed to henceforth conform to an exhaustive and elaborate skein of rules and regulations that, in some chalkboard exercise we were assured, would make banking safer and perhaps even end the business cycle.  Didn’t happen.

And, of course, the financial sectors had to hire legions of staff, lawyers and accountants to make sure all the foregoing happened (or, as the case may be, didn’t).  Our Dodd-Frank regulatory torrent was ill-advised then and I am certain that the current cri de coeur for regulating the internet without further delay is ill-advised today.

First of all, what exactly does everyone mean by regulating the internet?  Does it mean some form of strict, HIPAA-type lockdown on privacy based on the apparently obvious assumption (to them) that the American public is too stupid to give informed consent?  (Maybe we shouldn’t let them vote either.  Wouldn’t that be easier?)  Presumably it means that data cannot be traded or otherwise monetized without some sort of super-informed consent?  Does it mean that contacts can’t be shared or connectivity delivered without something affirmative and informed?  What would that look like?  What’s to be kept private and what’s not?  If you shout your net worth in a crowded room are you entitled to privacy?  Do we criminalize misuse of personal data?  What’s the standard of care?  What if it’s inadvertent?  Who has the burden of proof that data was private and misused?  When does data that might have originally been private become not private, and hence outside of the restrictions from this regulatory regime?  How do we deal with the extra territoriality consequences of a global data sphere and US regulation?  I don’t know the answer to any of these questions and I am sure they are only a small cross-section of the issues that we are dealing with here, but we should take our time and sort it all out.

And unintended consequences?  What happens if the business model of many, if not most, of our internet services, which are generally about providing connectivity in exchange for access to big data, is fatally wounded?  Is everyone prepared to pay for the service?  Can you get enough advertising online to make up for the loss of the ability to compile and use data?  Are we okay with trading more privacy for a woefully diminished online experience?  I don’t know, but someone should probably think this through before imposing a set of new, elaborate and intrusive rules.

After the Great Recession, look what happened and what’s finally being done to fix it now.  After larding capital charge on top of capital charge on top of capital charge, we started to wonder whether we have impaired the efficiency of global finance and that’s not good.  The inanity of the Step-In Rule and Liquidity Coverage Ratio might be permanently sidelined but what’s shocking is that the technocracy thought those were really good ideas!  We finally figured out that all those lawyers, accountants and consultants mentioned above can choke a bank to death.  Allegedly there have been something like 70,000 pages of regulations promulgated in the wake of Dodd-Frank.  How can that possibly be good?

How about the Volcker Rule and its impact on markets and trading.  What’s a proprietary trade?  We still don’t know, so the liquidity of all securities in the capital markets has been meaningfully diminished.  That was clearly not part of the plan.  And following all this burst of regulation, the weaponization of regulations turned our banking sector into a giant piggybank for the government which unabashedly sued Bank A for selling dodgy residential securities to Bank B while suing Bank B for selling the self-same securities to Bank A.  Have we no shame?

I’m not saying that privacy is not important, I certainly don’t want my information spread across the web without reflecting on what I’m doing.  Indeed, maybe there is a materially broader role for the government here.  But let’s stop for a second and give it some thought.  Let’s not replicate the mess that is Dodd-Frank and then spend the next eight years trying to undo the negative externalities and unintended consequences of a burst of feel-good, faux intellectualized, politically motivated regulation.  Someone said we become insane collectively and regain our sanity one by one.  Seems right.  The internet is too important.  Connectivity is too important.  We can’t afford to embrace insanity and then wait for regrets.