FC: Dan Klein responds to criticisms, defends credit bureaus

[Declan McCullagh <declan () well com>]

*********

Date: Wed, 13 Sep 2000 15:02:38 -0700
From: "Daniel Klein" <dklein () scu edu>
To: <declan () well com>
Subject: Dan Klein's Reply

The comments on my "Credit Information Reporting" paper are provocative (my 
paper can be accessed on my website http://lsb.scu.edu/~dklein -- go to 
"Papers").  I have reproduced the comments below and interspersed my 
comments on the comments in CAPS.

Daniel Klein, Associate Professor of Economics, Santa Clara University 
(dklein () scu edu)
_______________

COMMENTS BY Bonnie:
[QUOTING MY PAPER:]
> engage in a very similar activity. Consumer Reports "gossips" at great
> length about manufacturers and their products -- basing their
> statements to a great extent upon unverified "hearsay" from their
> subscribers -- and often with flare and a touch of invective. God

Consumers Union, the publisher of CR, have extensive labs
and actually submit products to physical testing.  Not sure
where this person got their info. [I CALLED THE YONKERS OFFICE TODAY AND 
THEY CONFIRMED MY IMPRESSION THAT CU DOES UTILIZE THE RESULTS OF THE ANNUAL 
MEMBER SURVEY IN THEIR CR ARTICLES.  AND GOD BLESS THEM FOR DOING SO!]

Bonnie
_______________________________

COMMENTS BY Paul Sholtz:


wow - this is wrong, so wrong..

I have nothing against using personal information as an accountability
mechanism. Trust is that which is essential to a communications channel but
which cannot be transferred from a source to a destination using that
channel. This is why we have open-source review of cryptography software. It
is why employers check references on prospective employers.. and, it is why
lenders will check the credit history of prospective borrowers -

nothing wrong w/ that..

what I have a problem w/, though, is using personal information for economic
gain, via marketing, etc, w/o the notice or consent of consumers (and, as
Mr. Klein observes, the credit bureaus do precisely this -- in fact, I would
wager they get MOST of their profits in this manner). [PAUL, WHAT DO YOU 
THINK OF THE CHILD-MOLESTING BABY-SITTER EXAMPLE IN MY PAPER?  SHOULD HE 
"OWN" INFORMATION ABOUT HIM?  SHOULD WE HAVE TO NOTIFY HIM OR REQUEST HIS 
PERMISSION BEFORE WARNING OTHERS OF HIS ACTIONS?  SURE THIS EXAMPLE IS 
EXTREME, BUT IT MAKES AN IMPORTANT POINT.]
I'm not alone - many consumers have a problem with this. They would prefer
that their personal information not be used in this manner; [WHAT MANY 
CONSUMERS PREFER IN ECONOMIC POLICY REALLY ISN'T VERY RELEVANT.  HOW MUCH 
ECONOMIC INSIGHT AND INFORMATION DOES THE AVERAGE CONSUMER HAVE?  DOES THE 
AVERAGE CONSUMER UNDERSTAND THE WOULD-BE CONSEQUENCES OF THE POLICY REFORM 
YOU SUGGEST HERE?  I DON'T THINK SO.  MANY CONSUMERS WANT RENT-CONTROL AND 
THE FDA STRANGLEHOLD ON PHARMACEUTICALS, BUT VIRTUALLY ALL ECONOMISTS WHO 
ACTUALLY STUDY THESE ISSUES KNOW THAT CONSUMERS SHOULDN'T WANT THESE 
POLICIES, YET DO.] or at least if
it IS used in that manner, than they should receive some form of
compensation for it...  Corporations, in turn, would prefer that personal
information be put to profitable, financial use.. so we have a conflict
between two parties over their preferences in the use of information..

For resolution of this conflict, I would turn to Dr. Ronald Coase, an
economist with the University of Chicago -- Mr. Coase won the 1991 Nobel
Prize in Economics for his observations and discovers on the significance of
transaction costs and property rights for institutional structures, and the
economy at large.

Coase argues that in a conflict between the preferences of two parties (like
we have between credit bureaus and consumers), the final outcome will be
determined by an economic calculus and (assuming reasonably low transaction
costs) will result in the same outcome regardless of the allocation of
property rights.. So in this case, who should have rights to the property
(i.e., personal information?) Coase argues that property rights should
belong to party that can resolve the conflict at the lowest possible cost. 
[PAUL, YOU SET UP THE PROBLEM AS THOUGH WE HAVE TO DECIDE WHETHER THE 
INFORMATION IS THE PROPERTY OF THE CONSUMER OR THE PROPERTY OF THE CREDIT 
BUREAU.  I OBJECT TO THIS WAY OF SETTING UP THE ISSUE.  INFORMATION OUGHT 
NOT BE REGARDED AS PROPERTY AT ALL.  THE ISSUES OF HOW INFORMATION IS 
UTILIZED (PRIVACY, JUNK MAIL, SPAM) OUGHT TO BE THOUGHT OF AS MATTERS FOR 
CONTRACT AND AGREEMENT (SUCH AS CONFIDENTIALITY AGREEMENT).  IF CONSUMERS 
DON'T LIKE THE TERMS OF AGREEMENT, THEY MIGHT ELECT NOT TO TRANSACT WITH 
THE SELLER.  MANY COMPANIES RECOGNIZE THE CONCERN OF CONSUMERS AND ADOPT 
PRIVACY POLICIES, TO WIN THEIR PATRONAGE.   IF YOU REALLY THINK ABOUT WHAT 
INFORMATION IS, YOU SEE THAT IT IS NONSENSICAL TO REGARD IT AS 
PROPERTY.  INFORMATION IS A PRODUCT OF THE INTERACTION OF PEOPLE'S MINDS 
WITH SYMBOLS AND SIGNS.  HOW CAN THAT BE PROPERTY?  THE NOTION OF 
INFORMATION AS PROPERTY (AND OF A "RIGHT TO PRIVACY") ARE WITHOUT COHERENT 
LEGAL OR MORAL PRINCIPLE.  AN EXCELLENT ANALYSIS OF THESE MATTERS IS Eugene 
Volokh. 2000. "Freedom of Speech and Information Privacy: The Troubling 
Implications of a Right to Stop People From Speaking About You," 52 
Stanford L. Rev. 1049-1124.]

What is critically important to understand about electronic networks (like
the Internet) is that w/ the advent of electronic commerce, a reversal has
occurred in which parties are in the position to act as the least cost
avoider in the context of personal information. Before the Internet, you
could plausibly argue that the transaction costs involved for consumers
setting prefernces over the use of thier personal information was high, and
that therefore corporate organizations (such as credit bureaus) should keep
the property rights to this information.. w/ the Internet, it's no longer
economically feasible to maintain this argument...

I would also argue that the price of personal information is being held at
an artificially low value due to the existence of a monopoly equilibrium in
the privacy market, held in check by organizations such as credit bureaus,
that have a strangehold on the flow of personal information - that's a story
for another time..

I would also like to comment on Mr. Klein's observation that the personally
identifying information collected by credit bureaus isn't that "bad", i.e.,
name, address, SSN, etc, and that it doesn't contain medical histories, or
other "sensitive" things, and so that it's OK for credit bureaus to be
trading this information..

In general, privacy concerns, and the conflicts in interests over
preferneces of its use, will arise whenever ANY personally identifying
information is collected and used.. doesn't matter if it's a name or a
medical history. Finally, that credit bureaus collect SSNs in the first
place is wrong - SSNs are crappy numbers (an estimated 4-12 million are
false, invalid or ambiguously assigned) for many reasons, including that the
number has no checksum. [I WOULD THINK THAT CREDIT BUREAU ENTREPRENEURS ARE 
IN A BETTER POSITION THAN WE ARE TO JUDGE WHETHER UTILIZING SSNS IS A 
USEFUL PRACTICE.  IF UTILIZING THEM DID PRODUCE CRAPPY RESULTS, THEY WOULD 
BE LIKELY TO REFORM THEIR PRACTICE TO MITIGATE THE CRAPPINESS. AFTER ALL, 
CRAPPINESS USUALLY IS NOT PROFITABLE.]

I wonder which credit bureau "funded" this research??

Paul Sholtz
PrivacyRight, Inc. - www.privacyright.com
Chief Technology Officer



COMMENTS BY J.D. Abolins:
Declan, thank you for providing the URL to this interesting paper.

In some ways, the paper reminds me of Stephen Nock's Cost of Privacy where
Nock traces the development of credentials including credit cards over the
past century or so.

First, a quick mention of Nock's main concept for the book: Modern concept
of privacy is dependent upon being in a society of strangers. The
difficulty is establishing reputations (or trust) in a society of
strangers. So teh "cost of privacy" is surveillance in the form of
credentials (such as credit cards, credit ratings, degrees, licenses, etc.)
and ordeals (such as urinalysis drug tests, polygraphs, etc.).

In an early chapter of the book, Nock traces the ancestry of modern credit
system to the credential of full membership in some US religious
denominations. Unlike most modern religious affiliation, earlier practices
in various churches was to require extensive examination and screening of
prospective members. The full membership attested to the current
trustworthiness of the person and the value of the status coupled with the
difficulties in regaining it should it be lost made the person a relatively
safe risk even though a clerk of a tavern owner did not know the person
directly. [MAX WEBER NOTICED JUST SUCH PRACTICES WHEN HE VISITED THE U.S., 
AND REMARKED ON IT IN HIS SCHOLARSHIP, AGREEING COMPLETELY WITH WHAT IS 
SAID HERE.]

To hook a little bit into Mr. Klein's paper, the person lost a good measure
of privacy being investigated by the church (and these examinations were
far more intrusive than most people today would ever put up with) and in
return the person carried a credential of trustworthiness allowed strangers
to extend a measure of financial and other trust. [A STORY FROM EARLY 
AMERICA MAKES THE POINT: A FARMER COMES TO MARKET STREET IN PHILADELPHIA IN 
THE HOPE OF OBTAINING A LOAN OF 100 DOLLARS TO PLANT HIS CROP FOR THE 
COMING SEASON.  HE NOTICES A MAN DRESSED IN THE TRADITIONAL GARB OF THE 
QUAKERS, WHO WERE KNOWN FOR KEEPING THE STRICTEST PROBITY, AND APPROACHES 
HIM FOR A SIX-MONTH LOAN, BUT THE QUAKER DECLINES.  THE FARMER REJOINS, "IF 
YOU WILL NOT LEND ME 100 DOLLARS FOR SIX MONTHS, WILL YOU LEND ME YOUR HAT 
AND COAT FOR FIFTEEN MINUTES?"]

To eliminate the initial loss of privacy, a person would either forgo the
credit and easier avenues of establishing trust or the person would have to
spend time to be know by others in order to establish a reputation. That,
too, entails, some loss of privacy. [HEAR, HEAR.  LIFE'S A BITCH.]


Spinning off to a different view of this subject, a year or so ago, a
private investigator on one of the surveillance tech lists I'm on posted an
essay on why he "invades" people's financial privacy. His basic point was
that the subject of the investigation initiated the process that lead to
the "invasion" by seeking another person to provide money or goods on
credit. If that trust was abused by not paying for the debt nor making
reasonable provisions, then it is fitting for the PI to use all kinds of
means to find the person and his assets.

On still angle tangent, I might have missed it in the paper but I find the
non-directly-financial uses of credit info to establish reputation an
interesting borderline topic. Some employers for example use credit and
other financial information in hiring decisions. There is an obvious
connection with positions involving handling of finances. But there are
many other job situations where an employer may consider the info valuable.
In intelligence and similar fields, the potential for comprise of the
employee via financial inducements is important. Elsewhere, the financial
info might point to some questions about the person's character and
decision-making abilities. Then there is the stress factor. Can an employee
who is fending off creditors concentrate upon the job? Or did the financial
blemish come out of a problem such as gambling?

In such considerations, the use of credit info can indeed seem like the
common notion of gossip. Yes, it can be painful for the person who has
difficulty getting a job because of bad credit and finds further financial
difficulties. Some people at this point would seek the government to do
something via regulations. This is a bad solution. First, there is the
freedom of the employer and others regarding speech. Second, the government
interventions short circuits some viable options for difficulties that come
out of stigmatized credit. For example,  the job hunter can work on ways to
compensate for the bad credit by presenting skills and assets valued enough
to offset the credit; by seeking job positions that are less concerned with
the credit info; by working to repair the credit problem. [HEAR, HEAR.] One 
good thing
about modern credit records compared to some older forms of reputations is
the limit of so many years for most blemishes. One is not ruined for life.

There are some things about credit info handling that I don't like (such as
the overuse of the SSNs) but the government regulation in the name of
privacy is going to cause more problems. One jumbled situation is Ron
Paul's bill to restrict the use and collection of SSNs. I hope it really
get applied to the government, one of the major overusers of the SSNs. From
the credit reporting agencies, this bill is considered a problem because
the SSN is considered an very useful identifier. As much as the SSNs are
problematic, the restriction on the sharing of the SSNs by private entities
once they have them is contrary to freedom of speech. A better solution is
to deal with the info on the collection end allow people to refuse to give
the SSNs and use other options for info verification, etc. Thus people are
free to speak and they free to select what is disclosed.  The tricky part
is that to maintain freedoms, private parties retain the option of not
providing services. [RIGHT ON, THE SO-CALLED CONSUMER/PRIVACY ADVOCATES ARE 
ACTUALLY WORKING TO DESTROY OPPORTUNITY FOR CONSUMERS, THOUGH THEY HONESTLY 
THINK THEY ARE DOING THE REVERSE.] Here, the customer demands for options 
can work by
encouraging some vendors to provide optional identifier modes. [HEAR, HEAR.]

Again, thank you.

J.D. Abolins
Meyda Online Infosecurity & Privacy Studies
http://www.meydabbs.com


COMMENTS BY Ed Mierzwinski:
>Date: Mon, 11 Sep 2000 19:20:40 -0400
>To: declan () well com
>From: Ed Mierzwinski <ed () pirg org>
>Subject: klein posting
>
>Declan-- Several people have forwarded to me your politech () politechbot com
>post on "Why credit bureaus protect privacy, help society, by D.Klein." I
>debated Dan Klein back in the early 90s at the Cato Institute. I have a
>copy of an article somewhere from back then -- a libertarian journal
>reprint I think -- that I am sure this chapter is based on. [THERE IS 
THEMATIC OVERLAP BUT THE NEW PAPER IS NEW.  THE CITE FOR THE OLD IS: Klein, 
Daniel B. and Jason Richner. 1992.  "In Defense of the Credit 
Bureau."  Cato Journal 12: 393-412.]  He is certainly
>entitled to his opinions, which I disagree with pretty much 100%! [ED, 
YOU DISAGREE WITH 100 PERCENT BUT YOU DON'T IDENTIFY A SINGLE SPECIFIC 
POINT.  THAT SHOULD BE EASY IF I GOT IT 100 PERCENT WRONG.]
>
>Of course, after the Klein article came out, Congress saw fit to agree with
>PIRG and Consumers Union to make major changes to the Fair Credit Reporting
>Act in an attempt to improve credit bureau accuracy and privacy protections
>(although we lost ground in a few areas and admitted it at the time). 
[ARE YOU SUGGESTING THAT CONGRESS IS AN WISE ARBITER OF IDEAS AND 
POLICIES?  WE (I.E., ECONOMISTS) HAVE THEORIES THAT SUGGEST THE OPPOSITE 
CONCLUSION, BASED PRINCIPALLY ON THE FACT THAT THE VOTERS, WHO COLLECTIVELY 
HOLD THE WHIP, HAVE NO INCENTIVE TO KNOW BETTER ABOUT POLICY (SINCE THE 
INDIVIDUAL VOTER CAN'T AFFECT WHAT HAPPENS ANYWAY), AND THEREFORE THE 
CONGRESSMAN DANCES TO AN IGNORANT MASTER.  HAVEN'T YOU EVER NOTICED THAT 
POLITICIANS ARE WIND BAGS?]
>
>I actually think, as far as it goes, that the FCRA comes closest of any US
>laws to implement MOST of the Fair Information Practices or FIPs. Where it
>falls short is mostly in circumstances where exceptions have been carved
>out by powerful special interests and where technology has made the law
>obsolete. As an example, credit and underwriting decisions are or will
>increasingly be made by massive financial conglomerates -- relying only on
>information generated from their own virtually unregulated in-house
>databases, not based on info from the highly regulated third party credit
>bureaus. These decisions will not be subject to the FCRA. This is one
>reason we need to enact an overarching privacy law that applies FIPs to all
>uses of sensitive consumer information. [ED, ON ALL THE ISSUES YOU'VE 
WORKED ON, HAVE YOU EVER TAKEN THE SIDE OF FREEDOM?  OR DO YOU ALWAYS FAVOR 
MORE GOVERNMENT INTERVENTION?  THERE ARE SO MANY ENORMOUS OPPORTUNITIES FOR 
A REAL CONSUMER ADVOCATE TO HELP CONSUMERS BY TAKING THE FREE ENTERPRISE 
SIDE.  HAVE YOU EVER?  HAVE YOUR PIRG COLLEAGUES?  SOME NICE EXAMPLES OF 
WHERE YOU GUYS COULD REALLY HELP: THE BATTLE AGAINST THE SOCIALIST SCHOOL 
SYSTEM, THE BATTLE AGAINST THE POSTAL MONOPOLY, THE BATTLE AGAINST THE FDA 
STRANGLEHOLD ON OUR DRUG OPPORTUNITIES, THE BATTLE AGAINST OCCUPATIONAL 
LICENSING . . .   OR ARE YOU REALLY JUST PROMOTING THE LEFTIST AGENDA?]
>
>Anyway, I now wonder what the other chapters are like. Hope they've got
>some by people like Rotenberg!
>Ed Mierzwinski
________________________________
COMMENTS BY Jonathan Rowe:

>Date: Mon, 11 Sep 2000 19:00:22 -0400 (EDT)
>From: Jonathan Rowe <rowe () essential org>
>To: Declan McCullagh <declan () well com>
>Subject: Re: FC: Why credit bureaus protect privacy, help society, by D.Klein
>
>
>
>         Is this guy equating a magazine article which is open to all and
>to which subject can respond, to a credit report which the subject may
>never see?  jr [WHEN IT IS OPEN, PEOPLE CRY PRIVACY INVASION.  WHEN IT IS 
DISCREET, THEY CRY LACK OF ACCOUNTABILITY!  CREDIT RECORDS ARE OF COURSE 
OPEN TO THE INDIVIDUAL WHOM THE RECORDS ARE ABOUT.]



COMMENTS BY Peter A. Tower:

>Date: Mon, 11 Sep 2000 14:04 -0500
>From: "Tower, Peter A." <Peter.Tower () fiserv com>
>Subject: Re: FC: Why credit bureaus protect privacy, help society, by
>  D.Klein
>To: declan () well com
>
>I went looking in vain for the signpost that would tell me when the author of
>this conclusion was done with his tongue-in-cheek statements.  Let's see,
>where
>should I start.  Perhaps my credentials would help.
>I spent 11 years in the collection industry, 8 of those managing disparate
>data
>retrieval, data reporting and skip tracing tools for the 9th largest
>collection
>agency in the country.  I lectured at seminars at Drexel University on
>information retrieval and how it affects indivudual privacy.  I invented and
>shopped an information retrieval tool for use in hospitals.
>On average, it is reliably estimated that 40% of the data reposited in the
>databanks of the 3 remaining national credit bureaus is either incomplete,
>incorrect or out-of-date. [I DON'T BELIEVE THIS IS TRUE.  I REMEMBER IN 
THE EARLY 1990S MIERZWINSKI CLAIMING THAT 33% PERCENT OF REPORTS HAD MAJOR 
ERRORS, BUT HIS METHOD WAS ANALOGOUS TO SURVEYING THE HEALTH OF AMERICANS 
BY INTERVIEWING PEOPLE WHO ARE GOING INTO THE HOSPITAL(SEE THE 1992 KLEIN 
AND RICHNER PAPER).  IT IS ACTUALLY A VERY TOUGH PROBLEM TO MEASURE 
ACCURACY RATES, BECAUSE NO ONE (ASIDE FROM GOD) KNOWS THE TRUTH AGAINST 
WHICH WE WOULD MEASURE THE ACCURACY OF THE INFORMATION IN REPORTS.]  To 
their credit, the bureaus spend a lot of
>time and
>money to try to maintain the integrity of their databases, but concurrency is
>based on what various companies report to them and when they do so.  It costs
>man hours to assure that the data about your consumer is current and correct,
>and these days that emphasis has slipped.  There are various means of redress
>that a consumer can utilize to request correction or deletion of the data on
>their CBR (Credit Bureau Report).  If that fails, a note can be added
>explaining, briefly, their side.  Too bad that the companies requesting
>the CBR
>never see it these days.  Most transmissions of this data are now electronic
>and utilize sophisticated rating algorithms that provide income to the
>bureaus.  The few people who actually will look at either a paper printout
>of a
>CBR or have it on screen, are collection agencies and the like.  A bank loan
>officer will have most of the research done for them by their sophisticated
>data links in advance, thereby negating any possibility of any human judgment
>interfering in the loan qualification process.
>As far as the professor's conclusion that a stranger may gain assurance of
>trustworthyness via credit reporting references, they couldn't care
>less.  Most
>of the time, the institution interested in your financial profile is
>utilizing
>rating algorithms and electronically assessing risk, and an individual
>doesn't
>have the means or the access to pull your CBR.
>In reference to the ratings promulgated by consumer magazines.  I would
>rather
>learn from a user in the real world how a product functions than use a
>computer
>model.  I wonder if a computer model would have had the information that
>Firestone tires were allegedly (have to be careful here!) underinflated to
>26lbs in order to improve the lateral stability of the SUV being tested.  A
>programmers assumption would have been to utilize the standard norms for the
>industry (29+lbs) instead of  the variance that may have caused the
>results we
>now have.
>Obviously the professor needs to take a stroll down reality lane and breathe
>the air there.  Perhaps his perspective will change, along with his
>conclusions.

[I'D LIKE TO REITERATE THE CENTRAL POINT OF MY PAPER: THE RESTRICTIONS ON 
FREEDOM OF SPEECH AND CONTRACT PROMULGATED BY THE SO-CALLED 
CONSUMER/PRIVACY ADVOCATES WEAKENS THE ACCOUNTABILITY MECHANISMS, REDUCES 
THE CONFIDENCE OF THE CREDITOR/EMPLOYER/INSURER/LANDLORD, MAKES IT LESS 
LIKE THAT THE SAME WILL TRUST THE CONSUMER, AND THEREBY REDUCES THE 
OPPORTUNITY AND ATTRACTIVENESS OF OPPORTUNITIES FOR THE CONSUMER.]




-------------------------------------------------------------------------
POLITECH -- the moderated mailing list of politics and technology
You may redistribute this message freely if it remains intact.
To subscribe, visit http://www.politechbot.com/info/subscribe.html
This message is archived at http://www.politechbot.com/
-------------------------------------------------------------------------