Richard Warner and Robert H. Sloan, Behavioral Advertising: From One-Sided Chicken to Informational Norms

Richard Warner and Robert H. Sloan, Behavioral Advertising:  From One-Sided Chicken to Informational Norms

Comment by: Aaron Massey

PLSC 2012

Published version available here:

Workshop draft abstract:

When you download the free audio recording software from Audacity, your transaction is like any traditional provision of a product for free or for a fee—with one difference:  you agree that Audacity may collect your information and use it to send you advertising.  Billions of such “data commercialization” (DC) exchanges occur daily.  They feed data to a massive advertising ecosystem that constructs individual profiles in order to tailor web site advertising as closely as possible to individual interests.  The vast majority of us object.  We want considerably more control over our information than websites that participate in the advertising ecosystem allow.  Our misgivings are evidently idle, however.  We routinely enter DC exchanges when we visit, use Gmail, or visit any of a vast number of other websites.  Why?  And, what, if anything, should we do about it?

We answer both questions by describing DC exchanges as a game of Chicken that we play over and over with sellers under conditions that guarantee we will always lose.  Chicken is traditionally played with cars.  Two drivers at opposite ends of a road drive toward each other at high speed.  The first to swerve loses.  We play a similar game with sellers—with one crucial difference:  we know in advance that the sellers will never “swerve.”

In classic Chicken with cars, the players’ preferences are mirror images of each other.  Imagine, for example, Phil and Phoebe face each other in their cars.  Phil’s first choice is that Phoebe swerve first.  His second choice is that they swerve simultaneously.  Mutual cowardice is better than a collision.  Unilateral cowardice is too, so third place goes to his swerving before Phoebe does.  Collision ranks last.  Phoebe’s preferences are the same except that she is in Phil’s place and Phil in hers.  Now change the preferences a bit, and we have the game we play in DC exchanges.  Phil’s preferences are the same, but Phoebe’s differ.  She still prefers that Phil swerve first, but collision is in second place. Suppose Phoebe was recently jilted by her lover; as a result, her first choice is to make her male opponent reveal his cowardice by swerving first, but her second choice is a collision that will kill him and her broken-hearted self.  Given these preferences, Phoebe will never swerve.  Phil knows Phoebe has these preferences, so he knows he has only two options:  he swerves, and she does not; and, neither swerves.  Since he prefers the first, he will swerve.  Call this One-Sided Chicken.

We play One-Sided Chicken when in our website visits we enter DC exchanges.  We argue that buyers’ preferences parallel Phil’s while the sellers’ parallel heart-broken, “collision second” Phoebe’s. We name the players’ choices in this DC game “Give In,” (the “swerve” equivalent) and “Demand” (the “don’t swerve” equivalent). For buyers, “Demand” means refusing to use the website unless the seller’s data collection practices conform to the buyer’s informational privacy preferences.  “Give in” means permitting the seller to collect and process information accord with whatever information processing policy it pursues.  For sellers, “Demand” means refusing to alter its information processing practices even when they conflict with a buyer’s preferences.  “Give in” means conforming information processing to a buyer’s preferences.  We contend that sellers’ first preference to demand while buyers to give in and that their second is the collision equivalent in which both sides demand.  Demanding sellers leave buyers only two options:  give in and use the site, or demand and do not.  Since buyers prefer the first option, they always give in.

It would be better if we were not locked into One-Sided Chicken.  Ideally, informational norms should regulate the flow of personal information.  Informational norms are norms that constrain the collection, use, and distribution of personal information.  In doing so, they implement tradeoffs between protecting privacy and realizing the benefits of processing information.  Unfortunately, DC exchanges are one of a number of situations in which rapid advances in information processing technology have outrun the slow evolution of norms.

How do we escape from One-Sided Chicken to appropriate informational norms?  Chicken with cars contains a clue.  In the late 1950s B-grade Hollywood youth movie, Phil would introduce broken-hearted Phoebe to just-moved-to-town Tony.  They would fall in love, and, in a key dramatic turning point, Phil and Phoebe would play Chicken.  Phoebe would see that Tony is also in the car and be the first to swerve.  We need a “Tony” to change businesses’ preferences.  We contend that we would all become the DC exchange equivalent Tony if we had close to perfect tracking prevention technologies.  Tracking prevention technologies are perfect when they are 100% effective in blocking information processing for advertising purposes, completely transparent their effect, effortless to use, and permit the full use of the site.  Phoebe swerves because she does not want to lose her beloved Tony.  Sellers are “in love with” advertising revenue.  We argue that they will “swerve” to avoid losing the revenue they would lose if buyers prevented data collection for advertising purposes.  The result will be that, in a sufficiently competitive market, appropriate informational norms arise.  We conclude by considering the prospects for approximating perfect tracking prevention technologies.

Richard Warner & Robert H. Sloan, Informational Privacy: Norms, Coordination, Hockey Helmets, and a Role for Legislation

Richard Warner & Robert H. Sloan, Informational Privacy: Norms, Coordination, Hockey Helmets, and a Role for Legislation

Comment by: Anita Allen-Castellitto

PLSC 2011

Workshop draft abstract:

Informational privacy consists in the ability to control what personal information others collect and what they do with it.  We value the control, as over twenty years of studies attest; but, other studies show that we readily trade very personal information for very small rewards.  We offer a solution to this puzzle—a limited solution since we restrict our inquiry to private-sector, commercial contexts.  Our solution provides a general perspective on informational privacy and suggests ways of ensuring sufficient control over personal information. The solution is that the seemingly contradictory attitudes are characteristic of conformity to suboptimal informational norms. This raises three questions.  What is a norm?  What is an informational norm?  And, what is it for a norm to be “suboptimal”?  We take our answers from a general theory of norms and market interactions in our forthcoming (Fall 2011) book, Unauthorized Access: the Crisis in Online Privacy and Security.  Setting informational privacy concerns in this general context reveals important commonalities with other current problems.

We focus on coordination norms.  A coordination norm is a behavioral regularity in a group, where the regularity exists at least in part because almost everyone thinks that he or she ought to conform to the regularity, as long as everyone else does.  Driving on the right is a classic example.  In mass markets, coordination norms promote buyers’ interests by unifying their demands.  A mass-market buyer cannot unilaterally ensure that sellers will conform to his or her requirements; coordination norms create collective demands to which profit-motive driven sellers respond.

The problem on which we focus is that rapid technological change has rendered existing norms “suboptimal.”  There are many optimality notions (Pareto optimality being perhaps the best known); the optimality notion we use is value-optimality.  A norm is value-optimal when (and only when) in light of the values of all (or almost all) members of the group in which the norm obtains, the norm is at least as well justified as any alternative.  We will use “suboptimal” for norms that are not value-optimal.  A classic example of a suboptimal coordination norm is the “no helmet” norm among pre-1979 National Hockey League players.  Not wearing a helmet was a behavioral regularity that existed in part because each player thought he ought to conform, as long as all the others did.  However, because of the value they placed on avoiding head injury, virtually all the players regarded the alternative in which they all wore helmets as better justified.  The players nonetheless remained trapped in the suboptimal “no helmet” norm until the league mandated the wearing of helmets in 1979.  Like the hockey players, we “play without a helmet” when we enter certain types of market transactions:  we are, that is, trapped in what are—now—suboptimal coordination norms.

Informational privacy is a case in point.  As Helen Nissenbaum and others have emphasized, informational norms regulate the flow of personal information in wide variety of interactions, including market transactions.  Informational norms are norms that constrain the collection, use, and distribution of personal information.  In a range of important cases, such norms are coordination norms that unify buyers’ privacy demands.  The norms are instances of the following pattern: consumers demand that businesses process—collect, use, and distribute—information only in role-appropriate ways.  The problem is that technological advances have so greatly increased the power and breadth of role-appropriate information processing that many norms are no longer value-optimal:  alternatives in which consumers have more control are better justified.  The consequence is an unacceptable loss of control over personal information.

Conformity to suboptimal norms explains the otherwise puzzling fact that consumers value control over personal information while they also surrender control for small rewards.  This is precisely the sort of behavior one sees when groups are trapped in suboptimal norms.  Recall the hockey players.  They did not wear helmets even though their values made “all players wear helmets” a far better justified alternative.  Similarly, consumers conform to suboptimal informational norms even though their values make “consumers have more control” a far better justified alternative.  Trading privacy for small rewards is just norm-conforming behavior; however, when asked about their values, consumers indicate that they value control.  Their problem is that, like hockey players, consumers cannot break free of the suboptimal norm.

The solution to the hockey players’ problem was “legislative”:  the league mandated that every player wear a helmet.  We offer a similar solution:  a model in which appropriate legislation gives rise to value-optimal informational norms.  The model applies in a wide variety of cases in which rapid change has outstripped the evolution of norms and thus underscores the fact that issues about informational privacy share important similarities with other types of suboptimal norms that currently govern various market transactions.