“There’s No Such Thing as a Free Lunch”: Can the Internet Strike a Long-Term Balance Between Generating Revenue and Protecting User Data?

How much is information about you worth? Companies that collect data about individuals as part of their model—such as Google, Facebook, Instagram, and Twitter—have found there is value enough in data to provide users free access and still realize a profit. Selling personal data, for instance, allows Internet-based companies to sell targeted advertising or promotional space, which is more likely to drive purchases. Thus, while it is well-known that these companies generate billions in digital advertising revenue, a significant portion of their value comes from selling information about its users.

Such is the ubiquity of personal data being used as an asset, that in order to help Internet users determine the worth of their data, the Financial Times has developed a calculator to help assess their value.

The FT calculator was created in 2013, but in the past five years, social media companies have brought the potential to exploit personal data to new levels. In June 2017, Facebook obtained US Patent 9,681,166 (Techniques for Emotion Detection and Content Delivery), which claims a method of detecting an individual’s emotions and curating content, such as advertisements, based on a person’s machine-observed reaction to content. While Facebook does not currently practice this patented technology, it shows the depth to which certain companies might go to maximize profit.

Users, to some extent, have created their own monster. Many social media applications, video games, software, and web services offer a “free” component, and billions of users take advantage of this “free use” business model. However, applications that at face value appear to be free, nevertheless have an underlying, hidden cost to the user. They gather and sell access to user data. As the old adage—popularized by economist Milton Friedman among others—goes, “There’s no such thing as a free lunch.” The digital data and advertising economy is based on implicitly co-opting an understanding with users that in exchange for a free service or product, users themselves agree to be the payment, their information bought, traded, and sold to the highest bidder.

As an understanding about the amount of profit companies are realizing from user data enters the mainstream, policy questions arise about the implications of these implied agreements: Are there alternatives that are more transparent? Are most users aware of the value of the information about them that is being sold? and Are users comfortable with the utility they obtain in the exchange? Perhaps most important is the question: Is regulation of the personal, digital, and financial information necessary?

In recent months, the relationship between Facebook and data-mining firm Cambridge Analytica intensified many people’s fears about how their information can be exploited. As part of its work during the 2016 US presidential election, Cambridge Analytica accessed millions of individuals’ data from their Facebook profiles. This data included personal information, such as birth dates, and user information, such as page likes, as well as, in certain circumstances, access to a user’s location, news feed, timeline, and messages. This data was used to create “psychographic profiles” that enabled political campaigns to persuade voters through targeted advertising.

Many countries have adopted regulations to ensure individuals using computer applications do not have their data used in a manner they would not consent to. The European Union (“EU”) enhanced its data protection rules with its General Data Protection Regulation (“GDPR”). Unfortunately, while positive regulation reform occurred, the effect will likely remain the same. The regulation added new fine print in every company’s “term[s] of use/privacy” agreement, which people tend to click through to without reading. While many people are now more aware of their digital footprint, most are likely to remain unaware of the risks.

So, what should a US data privacy policy be? Sen. Mark Warner presented a policy paper with 20 different ways to address the “Big Tech platforms.” Warner focuses on three goals: (1) combating disinformation; (2) protecting user privacy; and (3) promoting competition in the tech space. Warner emphasizes not only access to data but also educating the public on its importance, as data is useless without efficient analysis. In addition, he proposes ideas similar to the regulations enacted by the EU. He stresses the need for transparency in data and usage by companies, and he recommends “free” platform companies be required to provide users with an annual estimate of what their data is worth to the platform, thereby providing significant “price” transparency. Access to quantifiable data showing the value of their data might better enable a user to determine whether a service they access is worth using. In addition, it may force companies to offer additional services to balance out the hidden costs of a free-at-the-point-of-access model to the user.

There are additional models. Not all web services and computer applications exploit data without a user’s explicit consent. Companies such as Epic Games—owners of the battle royale-style game Fortnite—web content management system WordPress, and web and graphic services giant Adobe use the “freemium” business model. The freemium model offers a basic service for free, with the opportunity to purchase enhanced premium services for a cost. Another Internet revenue model adopted by companies such as Netflix, Apple Music, and LexisNexis is to offer subscription services. While Facebook exploits users’ data for third parties’ benefit, companies that use freemium or subscription models can shelter user data. This system gives companies a market advantage because they can keep the data in-house and use it to tailor their products and services to retain and gain users.

Only time will tell whether a long-term balance between data-use transparency and privacy can be struck between data-users and corporations. In the meantime, users should be vigilant and educated, especially when interacting with companies offering “free” (but with hidden costs) products and services.  Ultimately, companies able to successfully address the Internet’s ongoing data and revenue issues with savvy privacy and business savvy platforms and transparency may find their loyal and grateful consumer base growing, at the expense of companies that are losing trust.