retail news in context, analysis with attitude

I liked this email about the Facebook situation from MNB reader David Tuchler:

So here’s the thing: any normal business that screwed up or compromised its customers’ privacy or violated any other customer rights would be compelled to offer some sort of make-good (morally if not legally). If the laundry scorches your shirt, they cover the cost of the shirt or give you a credit. Even Equifax offered a identity protection service, even if it was sort of a ‘honestly, you can trust me again’ thing. The point is that the injured party is somehow compensated.

Facebook is different - it does not collect revenue from its consumer users. So even with millions of its users' confidential data breached and a market cap of $464 Billion (that’s over $200 per user or $6000 per affected user), does Facebook have a responsibility to somehow make things right? And how would that even happen? In-kind gestures (we’ll extend your subscription another 3 months) doesn’t necessarily work here - - not only because FB is free already, but I don’t want any more FB - - I actually want less.

This is one of those areas where the law hasn’t kept up with the fast-moving nature of online activity (sort of analogous to the online sales avoid sales tax loophole). To the extent these social media companies have no avenue to make things right, I would have to agree with the European direction of requiring more strict and obvious safeguards and opt-in mechanisms so that risks are made clear and users can make a more rational judgment on whether to join or not.

KC's View: