Facebook fulfilled an old promise last month in the most Facebook way possible: by sounding nice on paper and glossing over the details. Their new privacy tools are a laughably inefficient and insufficient set of measures, because fundamentally, they’re not trying to actually solve the stated problem: Facebook’s surveillance-based business model. It’s more proof that forcing individuals to protect themselves from the abuses of giant corporations is a cruel fantasy. This collective problem will require a collective solution. It’s about time regulators stepped in to do something about it. 

This week the social media titan began rolling out a new slate of features to let users manage their “Off-Facebook Activity,” an awkward euphemism for all of the ways the company tracks its users’ browsing habits when they’re not actually on Facebook. Despite CEO Mark Zuckerberg’s promise that the new feature would let you “flush your history whenever you want,” “Off-Facebook Activity” offers no tools for deleting the data Facebook has gathered about you. Nor will it let users fully opt out of having their browsing activity tracked. No matter what, if you have a Facebook account, the company is watching what you do online.

So what does “Off-Facebook Activity” do? It lets users see much more of what Facebook knows about them. Even if users cannot take meaningful action to stop it collecting the information. Instead users can “anonymize” their data — but the anonymous data will still be reported to advertisers and, as a former Federal Trade Commission official noted, it’s pretty easy to re-identify an individual.

Oh, and lest we forget merely because it is laughably impractical, Facebook now allows users to sift laboriously through every website which sends data back to Facebook (nearly a third of the web) and request one by one that these websites not use any of their obvious or subtle tools to send information to Menlo Park.

What few protections the system offers are very complicated and ultimately unrewarding for privacy-minded Facebook users. Essentially, anyone who wants to keep prying eyes off of their sensitive information needs to first spend hours figuring out the technicalities of how online advertising programs even work. If users can parse out the information they need, the tools at their disposal only (slightly) protect them. Meanwhile, everyone with less patience or sophistication is left open to corporate espionage. 

If, as a society, we want to prevent Facebook users from feeling spied on, there is a much simpler and more efficient way to do that: force Facebook to stop spying on them. Of course, doing so challenges the company’s business model. Thus, the mere suggestion that regulators might move in that direction has inspired Facebook to begin a counterattack, one that deploys a tactic first pioneered by Wall Street and predatory lenders: shift responsibility to consumers while furiously resisting the structural changes that could actually help them. 

Rachel Cohen documented this tactic’s history for The American Prospect in June: as bankruptcy rates skyrocketed in the 1990s, Ford Motor Credit CEO Robert Odom fretted about young people failing to learn “financial literacy,” or the ability to recognize exploitative terms in auto loans. Never mind that Odom’s fellow auto-lenders were the ones offering these exploitative terms in the first place. Over the next two decades, states and the federal government rolled out a slew of educational counter-measures, in hopes of teaching students how to navigate the financial marketplace. Teach young people how to be smarter customers, the thinking went, and this whole predatory lending problem will sort itself out.

Except, as anyone who’s tried to read their mortgage or credit card paperwork knows, it’s not that simple. Financial contracts have mountains of legal jargon, and bury crucial details in  subsections of subsections. All of the information one needs for an informed decision is technically there, but in practice, it’s almost impossible for the average person to parse out what matters — and often, they’re under heavy emotional pressure to sign immediately. In other words, unless financial literacy workshops are training almost everyone as a consumer protection attorney, they are woefully insufficient for the problem at hand.  

Luckily, financial literacy or universal law degrees are not the only two options available to lawmakers who wanted to fight predatory lending. Indeed they could choose the far more straightforward path of simply banning predatory loans. As Lauren Willis, an academic and leading critic of financial literacy, told Cohen, “People aren’t dumb, they’re just busy, and we should regulate around those things, with the assumption that there are certain things a consumer can do and other things they can’t, and that it would be silly to ask them to do.”

Congress did eventually move toward ending the “financial literacy” regime by establishing the Consumer Financial Protection Bureau, a powerful watchdog designed to spot and stop bad behavior in consumer finance markets. Here was a bureau of actual consumer protection attorneys working in the public interest who had the rule-making power to box out any new, exploitative weapons which predatory lenders might develop. 

Unfortunately, the Trump administration reversed many of these gains. Since taking power, Trump officials have systematically defanged the agency. In a twist of tragic irony, its new director announced in April that one of her major focuses would be promoting financial literacy.

Substituting consumer choice for active regulation is tremendously profitable. That is why predatory lenders and technology companies alike want to rig the rules of their respective markets such that consumers must try to avoid getting ripped off, instead of the companies accepting rules that would stop them from ripping people off in the first place.  

Indeed, fellow tech titan Google seems to be signalling that it’s taking a similar approach to quelling its own privacy concerns among users. Last Thursday, the company said it would create a “Privacy Sandbox” for its Chrome browser, which would set new standards in order to “build a more private web.” It’s unclear right now what that means in concrete terms, but it definitely doesn’t mean that Google will change any part of its core website — and Facebook’s shift from promising to “flush your history whenever you want” to the meager Off-Facebook Activity options should leave onlookers skeptical about other tech giants taking the high road. 

Plus, avoiding exploitation is getting much harder thanks to market consolidation. “Consumer choice” regimes presume that markets are competitive, which simply isn’t true for much of the modern American economy. Take Facebook. Even if a consumer does all of the leg-work, and isn’t satisfied with their privacy options, they’re still almost forced to use a product owned by this social media titan. As Rep. Joe Neguse pointed out at a Congressional hearing last month, the company owns four of the top six social networks. Flee to Twitter or the Google-owned YouTube, and one finds the same, gross business model. There’s no escape from the surveillance.

Critics might respond that social media is a non-essential product, and if one doesn’t like corporate surveillance, they should just delete their accounts. Try telling that to a journalist, musician, entrepreneur, or activist — anyone who needs others’ attention. These forums are just too powerful, and the companies holding the keys are just too big and unaccountable, for market-based fairy dust to work.

Given these big, structural obstacles, the solution cannot rest on individual action. We don’t prevent pandemics just by teaching people to avoid rats. The government convenes the forces necessary for creating vaccines and medicines to eradicate diseases in the first place. Preventative treatments work. Likewise, if an industry is preying on the public, it’s insufficient to simply inform and educate its would-be targets. 

In this case, our “vaccines” must come from specialized regulators like the CFPB, Federal Communications Commission, and Food and Drug Administration. Society recognizes that it’s unfair and dangerous to expect every individual to be their own, and only, advocate in every transaction with complex and powerful industries. The staff at these agencies are (or could and should be) trained experts who follow these fields for a living, and they can set rules in order to stop new forms of exploitation that profit-hungry bad actors invent.

The agencies need to rediscover the powers they already have. They need to push back against the failed market-driven policies of the last four decades. But as the CFPB example demonstrates, that can only happen with strong leadership from the top. Unless agency heads actually understand and believe in the missions of their agencies, nothing is going to change. Properly staffing and leading the executive branch agencies will be one of the most important ways any new president can actually improve Americans’ lives. 

Yet Democratic leadership has continued to neglect these appointments, and the opportunities to wield power that they represent. Until that changes, we can all expect a lot more scoldings from billionaires over their own deceptions and theft. In a world of “Buyer Beware,” it’s always the little guy who suffers.