Over the next ten years, the online population is going to shift dramatically. The new players in electronic commerce will include a lot of vulnerable populations--newbies, the elderly, the young. The new markets will be international.

What does this mean for communications with consumers and the larger issue of trust? Here I address some key points about the deep institutional structures that underlie trust and how those structures are perceived. Two key institutional structures are law enforcement and, of course, the Invisible Hand, the way the market works in response to consumer demand. Demographic changes will make law enforcement much harder. The Invisible Hand, however, will still be going strong with the aid of technology.

First Trust phenomena: Law enforcement is stretched ever thinner; the private sector steps in.

Market failure is the monster in the closet--very, very rare and often self-correcting.[1] But government failure is the alcoholic step-father down the hall--real and not at all self-correcting. As the number of online transactions involving the elderly, the young, and the foolish ramps up and goes international, consumer protection authorities will find themselves overwhelmed. Oh, they will be able to bring some high-profile cases involving large values. But study after study of deterrence in every context, from tax compliance to drunk driving to drug offenses, shows that there will be little deterrence if the likelihood of getting caught falls below a certain threshold.[2]

Should we worry? No. The private sector is already stepping in with product ratings like those on Amazon.com, insurance like that offered by PayPal, and other feedback mechanisms, from eBay's formal ratings to information-sharing on bulletin boards.

Second Trust phenomena: The strongest protection for consumers is the Invisible Hand, the way the market works in response to demand.

Why is the Invisible Hand so often overlooked? Why is it invisible? It is invisible to consumers because they disproportionately notice instances when a problem has actually arisen, not the hundreds of transactions that proceed just fine. Technology that helps consumers register their views through feedback mechanisms will begin to change that perception. But even without such changes, in every transaction, consumers have the ultimate power to walk away. And there are millions, billions of them.

This power of consumer demand is truly awesome. It has grown eBay; it is shaping digital rights management, shipping and return policies, everything. Especially in a fast-moving tech world, demand is a far more powerful force than regulation. One interesting data point is a recent study of web sites, which showed that less-regulated web sites in the United States did as well or better with privacy than more heavily regulated sites in the United Kingdom.[3] The less-regulated sites must respond--and have the flexibility to respond--to demand. Another interesting data point is what happens to such safeguards when the "consumer" isn't really the public. Peer-to-peer software sites are often funded by advertising rather than by sales. That is, their "consumers" are the advertisers, not the public that uses their product. The primary demand that these sites respond to is advertisers, not the public. This is why by and large these programs score very, very badly on security. The Patent and Trademark Office is expected to release a study of this, showing that in spite of denials by the P2P community, these programs are still very likely to result in people's sharing Excel spreadsheets and other data that they really do not want to share.

Learning About Consumer Preferences.

Another aspect of the Invisible Hand is its invisibility to regulators. They inevitably see the worst cases. And they also, for some reason, when gathering data on consumer needs, place an astounding reliance on self-reported data--notoriously much more unreliable than monitoring actions. They ask "is privacy important," and unsurprisingly, often, get back a "yes." But if you were working for a presidential candidate and were asked to find out what issues people were concerned about, would you discover much by asking, "is fighting terrorism important?" Emphatically, no. One must ask, "What issues are important to you?" and wait for the voter to answer. Even then, there may be a gap between stated and actual preferences. Do we choose Presidents by poll? Emphatically, no. We actually have to hold the election, because true preferences are revealed by people's action (in elections, by voting), not by their off-hand remarks.

Back to e-commerce. What do people's actions show there? Again and again, people's actions reveal that they are not shopping online for some meta-meta value like privacy or for legalese. Predictions in the late 1990's that e-commerce would lag because of lack of privacy rules proved drastically wrong.[4] E-commerce grew at rates far faster than projected. Bottom line: People want stuff--carpets and out-of-print books, toys and clothes and software, medical information and a sympathetic ear. Hopefully, at discount prices. They don't want to be ripped off, either by having their credit card abused or by not getting their stuff. But they are willing to take some risks if it saves them time and money overall.

A well-designed survey to reveal consumer preferences would involve telling a lot of people that you are studying fonts, or keyboard or mouse design. Then watch what they do online. Don't tell them you are studying privacy or trust or security or prices. Guess who does that sort of experiment all the time? Every company engaged in e-commerce. They are in a much better position than regulators or academics to know what consumers want. And with or without explicit technological mechanisms of communications (ratings or billboards or what have you) every consumer action online communicates potentially communicates helpful information about preferences to entrepreneurs.

There are several key aspects of communication with consumer. Some of the most important are pre-transaction--the targeted fundraising letter, a marketing pitch. Those are going to get a lot more targeted. A lot of new organizations grow this way, and should not be discouraged by "privacy uber alles," that is, top-down opt-in. Other communications will happen during the transaction and after, and technology here will multiply the options. One would expect to see difference between market sectors emerge-tools and gourmet treats and books and medical care and toys are not all the same. But perhaps the most important communications mechanisms of all will not involve any explicit mechanism at all--just the continuous process of learning what consumers want by trying to give it to them and succeeding or failing. Consumers communicate by buying, and coming back to buy again, or not.

Conclusion

The new demographics will test regulatory limits even more severely than they have already been tested. The best policy is to keep the market free so that sites can respond to demand. There will be demand for "consumer protection" goods like feedback, and insurance, and that will be provided. There will be demand more generally for security, for good products, and sometimes (not always) for return policies and warrantees and all that stuff. The FTC might play an important role in addressing large-value fraud, or in educating vulnerable populations. But by and large it is--and should be--out of regulatory hands.

* Solveig Singleton is a senior adjunct fellow at The Progress & Freedom Foundation. This was prepared for the panel "Changing Trusted Sources-What Does it Mean for Consumer Outreach," at the Federal Trade Commission's Workshop Protecting Consumer in the Next Tech-ade-The Impact of Demographics and Shifting Consumer Attitudes, Washington, D.C., November 8 2006. The views expressed here are her own, and are not necessarily the views of the PFF board, fellows or staff.

1. For a collection of articles demonstrating problems with the theory of "market failure," see Tyler Cowan, Ed., Public Goods and Market Failures: A Critical Examination (Transaction Publishers: 1992).
2. See Criminal Law And Its Processes 117 (Sanford H. Kalish & Stephen J. Schulhofer, eds., 6th ed. 1995); Anne D. Witte, "Economic Theories," 1983 (in S. H. Kalish (ed.) Encyclopedia of crime and Justice, New York Free Press); Dick J. Hessing et al., "Does Deterrence Deter? Measuring the Effect of Deterrence on Tax Compliance in Field Studies and Experimental Studies," in Why People Pay Taxes: Tax Compliance and Enforcement 291-92 (Joel Slemrod ed., 1992); see also Brian Erard, "The Influence of Tax Audits on Reporting Behavior," in Why People Pay Taxes, at 95, 113-14.
3. Karim Jamal, Michael S. Maier, and Shyam Sunder, "Enforced Standars versus Evolution by General Acceptance: A Comparative Study of E-Commerce Privacy Disclosure and Pratice in the U.S. and The U.K., Yale ICF Working Paper No. 04-38, August, 2004, pp. 22-23 ("Our comparative study of the U.K. and the U.S. reveals that privacy has fared no better in the U.K. than in the unregulated U.S. environment. While the EU law may have helped reduce the use of first and third part cookies, it also appear [sic] to have reduced the availability and quality of disclosure. Also, unlike [sic] U.S., a U.K. market for web seals barely exists. U.K. consumers appear to continue to be just as vulnerable to misbehavior by a few outliers as their U.S. counterparts. In the absence of mandated standards, U.S. web sites tend to view the disclosure of privacy policies as an instrument of their marketing strategy to attract consumers. Accordingly they make it easy to find their statements of policy, and adhere to these policies reasonably closely. U.K. websites, on the other hand, appear to view privacy disclosure as a mere compliance matter, and are largely indifferent to consumer concerns about their privacy policies. On average they make it more difficult for their customer to find their statements of policy as compared to U.S. websites.")
4. Jim Harper and Solveig Singleton, "With a Grain of Salt: What Consumer Privacy Surveys Don't Tell Us," Competitive Enterprise Institute, June 2001, p. 8 (See graph showing low projected growth of e-commerce based on privacy concerns, compared to actual growth).