The Future of Self-Regulation is Co-Regulation

The Cambridge Handbook of Consumer Privacy, From Cambridge University Press (Forthcoming)

23 Pages Posted: 11 Oct 2016

See all articles by Ira Rubinstein

Ira Rubinstein

New York University (NYU) - Information Law Institute

Date Written: October 5, 2016


Modern regulatory theory has long treated voluntary self-regulation and direct government regulation as opposing ends of a regulatory continuum, with most self-regulatory schemes falling somewhere in the middle. This chapter explores the middle ground by examining co-regulatory approaches to privacy, in which industry enjoys considerable flexibility in shaping self-regulatory guidelines, consumer advocacy groups have a seat at the table, and government sets default requirements and retains general oversight authority to approve and enforce these guidelines. Privacy co-regulation is generally understood as a collaborative, flexible, and performance-based approach to privacy regulation that draws on the theoretical insights of collaborative governance theory.

This chapter argues that privacy self-regulation in the form of voluntary codes has had a sufficiently long run to prove its worth but has failed. Now is the time to make the transition to co-regulation, especially in the U.S. It is organized into three sections. The first considers in greater detail the differences between self-regulation and co-regulation. The second looks at the failure and stubborn persistence of voluntary codes of conduct. The third shifts the discussion to three case studies of privacy codes and practices that have benefited from a co-regulatory approach. In the past few years, there have been some notable developments in co-regulatory schemes as well some important empirical studies. These new materials provide an opportunity to understand the conditions for the success (and failure) of co-regulatory solutions in the privacy field and what this implies for the future of regulatory innovation. The chapter concludes by offering a few recommendations on how the U.S. Congress can implement co-regulatory approaches in any future legislation to optimally protect online consumer privacy while preserving innovation and economic growth.

Keywords: Privacy, self-regulation, co-regulation, codes of conduct, multistakeholder process, NTIA, corporate privacy programs

Suggested Citation

Rubinstein, Ira, The Future of Self-Regulation is Co-Regulation (October 5, 2016). The Cambridge Handbook of Consumer Privacy, From Cambridge University Press (Forthcoming), Available at SSRN:

Ira Rubinstein (Contact Author)

New York University (NYU) - Information Law Institute ( email )

40 Washington Square South
New York, NY 10012-1301
United States

Do you have negative results from your research you’d like to share?

Paper statistics

Abstract Views
PlumX Metrics