Andrew F. Tuch is Professor of Law at Washington University School of Law. This post is based on his recent paper.
Countless high-profile abuses of user data have put Facebook, Google, and other digital companies within the sights of lawmakers. Across the political spectrum, legislators condemn these firms’ conduct, accusing them of undermining user privacy and data security. Scholars and other commentators seek greater oversight of digital enterprises. In this environment, one especially influential reform proposal has emerged: making digital companies “information fiduciaries” of their users. The information fiduciary model, most prominently proposed by Jack Balkin, enjoys bipartisan support and is being considered in proposed privacy laws at the federal and state levels.
But while there is enthusiasm behind the information fiduciary model, it also faces powerful opposition from critics who regard it as incompatible with Delaware corporate law and at odds with firms’ powerful self-interests. The most forceful criticism comes from David Pozen and Lina Khan, who argue in the Harvard Law Review that the information fiduciary model “could cure at most a small fraction of the problems associated with online platforms—and to the extent it does, only by undercutting directors’ duties to shareholders, undermining foundational principles of fiduciary law, or both.” Summarizing their critique, Professor Pozen describes Balkin’s information fiduciary model as “flawed—likely beyond repair—on conceptual, legal and normative grounds.”
In A General Defense of Information Fiduciaries, I argue that neither criticism of the information fiduciary model holds water. The first criticism rests on a mischaracterization of corporate law, while the second fails to account for the adaptability fiduciary law has shown in other settings, such as the asset management industry. These criticisms warrant close attention because they have proved influential among commentators and industry participants and because, if accepted, they undermine commonly used regulatory techniques in other industries, especially financial services.