Government Transparency & Smarter Regulation through Standardized Data Use

I've complained mightily (here and here) about the agonizing technological awfulness that was, at least until recently the website of the FCC (you know, one of the two federal agencies--besides the FTC--that thinks it has the expertise necessary to regulate the Internet). My point wasn't just that the FCC's website made it very difficult to find and access data, but that this was a serious problem for transparency in government. I have to give the agency credit for improving many aspects of its site, though much work still remains to be done.

But then there are all the other agencies of our sprawling regulatory Leviathan! And in particular, the Securities and Exchange Commission (SEC), which processes--crudely--huge amounts of financial data. A new report from House Oversight and Government Reform Committee Ranking Member Darrell Issa released today describes just how severe the SEC's problems are:

The Commission's securities disclosure processes are technologically backward. It reviews corporate filings manually, using printouts, pencils, and calculators. It has never developed the ability to perform large-scale quantitative analysis to find fraud. Commission staff use Google Finance, Yahoo! Finance, and other commercially-available resources to analyze corporate filings. If the Commission had a robust database of the financial information filed by its registrants, it could automatically prioritize the thousands of tips and complaints it receives. But no such database has ever been constructed.

Hence the biting title of the report: The SEC: Designed for Failure. Ouch! It's really amazing how, when regulators fail to protect consumers, the default response by most in Congress is to assume that only sweeping new powers will fix the problem (which is what "financial reform" legislation would do) instead of, say, bringing the agency into the 21st century.

Similarly, there's a move afoot to give the FTC vast new powers across the board or to protect our privacy online (from evil companies that don't respect the privacy promises they made to consumers) with little thought given to data-driven technological through user empowerment.

The beauty of P3p (standardized, machine-readable disclosures about online operators' privacy practices embedded in metadata attached to web cookies and other data collection tools is two-fold:

1. It gives users "actionable transparency" by allowing them to implement their own own privacy preferences through tools in their browser, plug-ins or OS (which "parse" the P3P disclosures and decide which entities can collect data based on whether their privacy practices meet the user's pre-configured standards); and


2. It allows regulators to enhance enforcement of existing laws against unfair & deceptive trade practices by automatically "reading" each company's disclosures and looking for internal contradictions (two statements that can't both be true) or inconsistencies with other, known practices.

In both cases, smarter use of data can help to protect consumers without the need for giving governments sweeping new regulatory powers, which comes at a real cost to innovation and for consumers--just as with the SEC, as Issa's report explains.