The Cost of Privacy: Netflix – Three Years & Three-Quarters of a Million Dollars

Netflix

I’ve written before about how well-intentioned privacy laws and regulations can come at the expense of innovation and harm consumers (see here, here, and here), but there is not a lot of data available to show the exact impact. However, a new feature on Netflix provides a good case study of the impact on innovation of at least one of these privacy rules.

First, some background. Today, Netflix announced a new feature—“Netflix Social”—which lets users share the TV shows and movies they watch on Netflix with their friends on Facebook. As Cameron Johnson, the director of product innovation, at Netflix explains on the official Netflix blog:

By default, sharing will only happen on Netflix. You’ll see what titles your friends have watched in a new “Watched by your friends” row and what they have rated four or five stars in a new “Friends’ Favorites” row. Your friends will also be able to see what you watch and rate highly… You are in control of what gets shared. You can choose not to share a specific title by clicking the “Don’t Share This” button in the player. You can also visit your “Social Settings” in “Your Account” on Netflix.com to turn on additional sharing to Facebook or stop sharing altogether.

The feature itself is fairly simple—integrating a social network into a popular website so that users can get a personalized experience based on what their friends like. Many popular websites, such as Yahoo News, The Washington Post, and The Huffington Post have already integrated these types of features for news and other audio and video content. (ITIF’s The Innovation Files also recommends popular content on our blog based on what Facebook users like.)

But this particular feature on Netflix is interesting because it is a prime example of how privacy laws and regulations can stall innovation. Specifically, Netflix did not release this feature until now for U.S. consumers because this type of automated sharing had been prohibited under the 1988 Video Privacy Protection Act (VPPA). Even though privacy fundamentalists, such as EPIC, opposed these updates and argued that the law should be expanded to include even more severe penalties for violations, Congress passed an update to the VPPA at the end of last year and this feature is now permitted.

So what was the cost of privacy to Netflix users from the VPPA? There are at least two ways we can measure the cost of the original VPPA—in time and in money.

The time cost is the delay for consumers in benefitting from a particular innovation. One measure of the delay in innovation is the time between when Netflix launched this feature for non-U.S. users and when it made this feature available to U.S. users. Netflix first launched Facebook integrating for Canada and Latin America in September 2011, so this delay has been about a year and a half. Another measure of delay in innovation can be seen in the time between when U.S.-based non-video service providers integrated Facebook sharing features and when Netflix did so. (This might be a better measure since it is comparing the same user base.) If we use this as a measure, then Netflix’s announcement comes almost three years after the Washington Post first integrated Facebook into its website and approximately a year and a half after Spotify integrated Facebook into its music streaming service.  Given these figures, it’s reasonable to say that in this case privacy laws delayed innovation by between one and a half to three years.

One financial cost is the outlays by a company for privacy regulations that cannot then be spent on product development (or lower prices for users). This cost is difficult to pin down exactly, but it is possible to get a rough estimate. Using financial disclosure forms, we can see that Netflix spent approximately $1 million in 2012 and $500,000 in 2011 lobbying the federal government. While updating the VPPA certainly wasn’t the only legislative priority for the company, it is safe to say that it was high on the list. Still, even if we take a conservative estimate that Netflix spent between one-third to one-half of this amount lobbying for the VPPA that still comes out to a total cost of $500K to $750K.

So the cost of the VPPA is approximately three years and three-quarters of a million dollars. This might not sound like much, but remember that this is only the cost for Netflix (and its users) and only for this particular feature (Hulu, for example, is facing a class action lawsuit for sharing video watching histories of its users with its web analytics providers). Consumers are fortunate that in this case Congress put their interests ahead of the privacy zealots, but that may not always be the case and not all companies have the resources to get bad privacy laws changed. As policymakers in the United States and Europe contemplate additional privacy laws and regulations that may lock down future innovation, it is worth keeping the Netflix case in mind as an example of the unintentional impact of privacy on innovation.

Print Friendly

About the author

Daniel Castro is a Senior Analyst with ITIF specializing in information technology (IT) policy. His research interests include health IT, data privacy, e-commerce, e-government, electronic voting, information security and accessibility. Before joining ITIF, Mr. Castro worked as an IT analyst at the Government Accountability Office (GAO) where he audited IT security and management controls at various government agencies. He contributed to GAO reports on the state of information security at a variety of federal agencies. He has a B.S. in Foreign Service from Georgetown University and an M.S. in Information Security Technology and Management from Carnegie Mellon University.