Privacy and Regulatory Innovation: Moving Beyond Voluntary Codes

Privacy and Security

Article Snapshot


Ira Rubinstein


I/S: A Journal of Law and Policy for the Information Society, Vol. 63, pp. 356, 2011


This article argues that a co-regulatory approach to privacy provides an effective and flexible policy instrument.

Policy Relevance

Both government regulation and industry self-regulation suffer from various shortcomings when it comes to online privacy. A co-regulatory approach implementing elements of both government and industry self-regulation is needed.

Main Points

  • Co-regulation allows the government to retain oversight authority while providing industry considerable flexibility in shaping self-regulatory guidelines.
  • A normative framework for evaluating the effectiveness of co-regulatory programs consists of six elements:
    • efficiency,
    • openness and transparency,
    • completeness,
    • strategies to address free rider problems,
    • oversight, and
    • use of second-generation design features.
  • Co-regulation tends to be cooperative, rely on firms or other intermediaries to perform government functions, produce less rigid guidelines, generate more commitment to the regulation by the regulated firms, and shift the role of government from enforcement to providing incentives.
  • Recommendations to Congress as it considers privacy legislation include:
    • Establishing safe harbor programs in which government and industry would collaborate on the drafting of regulatory rules.
    • Authorizing the FTC to negotiate agreements with firms modifying or relaxing Fair Information Practices in exchange for enforceable promises to achieve better results in one or more areas covered by the legislation.
    • Encouraging the FTC to support non-governmental efforts to develop appropriate measures of privacy performance.

Get The Article

Find the full article online

Search for Full Article