'Consumer Education' Least Effective Way to Protect People

This statement helps explain the drastic plunge in CFPB enforcement actions since 2016. The stated goal of the Bureau now is to move away from punishing corporate wrongdoers and towards more “consumer education” so that people can protect themselves from predatory practices.

Sounds reasonable, doesn’t it?

It isn’t.

Not too long ago I worked for one of the world’s pre-eminent tech support companies. In that capacity I learned a lot about how consumers behave. I spoke about my findings at innumerable industry conferences, including the Consumer Electronics Show. One of the things I tried to preach was this:

Consumer education is far and away the least effective approach to protecting consumers. From anything.

While my focus was on the exploding field of home automation, whose practitioners are acutely aware of the dangers in their products but not yet accepting of the futility of “consumer education,” the lessons are universal. Depending on consumers to take adequate measures to protect themselves, and then blaming them when they don’t, is not only inherently doomed to failure, it’s actually a scam. It’s a subtle one, and the perpetrators often don’t even realize themselves what a smokescreen they’re throwing up, but it’s a scam nonetheless.

A few years ago, hundreds of thousands of personal computers in the U.S. were infected by viruses of unknown origin. It took teams of experts to figure out that they were introduced through vulnerabilities created by inexpensive home security cameras from a company in China, all of which were shipped with the same, easy-to-guess default password.

Buried somewhere deep in the user manual was a note to change the factory-supplied password, about fifteen paragraphs of small print below the blaring headline, “Easy to install! Takes only a minute!”

Try to picture some beleaguered apartment dweller in a bad neighborhood, who bought the thing to protect her kids, poring through dense text that was never really written to be read so she could find out that she’s supposed to change a password she didn’t even suspect existed. Then imagine her accessing the camera’s control panel by entering a series of numbers and dots into a web browser and ticking down a cascading menu of arcane, incomprehensible commands and codes.

And that’s only one of a hundred things she’s supposed to take the time to worry about. Consumers (i.e., people who buy stuff, i.e., everybody), who are far too busy to start with, are constantly bombarded with “consumer education” intended to get them to do things to shield them from a variety of ills. They’re told to have long, complex passwords for every single online account, to never use the same password for more than one account, and to change them periodically. They’re told to “stay up on” the latest information on every product or service they own or use. They’re told to “carefully research” every vendor they’re considering doing business with, to periodically ping a dozen different consumer protection sites, to read hundreds of “Eight simple ways to protect yourself” tip sheets, to be skeptical of telemarketers, to be aware of deepfake videos and fraudulent websites, to “be careful” when responding to online offers, not to use credit cards in “suspicious” places, to check the background of every doctor and dentist they’re contemplating visiting, to thoroughly familiarize themselves with the “Fifty most common telephone/email/junk mail/television scams,” to study their rights in detail before dealing with banks, loan companies, landlords, car dealers, debt collectors, contractors, immigration consultants, credit services, cruise lines and vacation sellers, to load their PCs up with protective software…

You get the picture. For all but a handful of tech professionals who are also consumers, it’s flat-out impossible for people to adequately safeguard themselves and their families.

Did we really expect people to know that by signing up for a Facebook account they were selling their digital souls? Is the average Joe supposed to understand that, by doing Google searches, Google winds up knowing more about him than his mother does? (As a matter of fact, they end up knowing more about him than he does. They can use artificial intelligence to draw up profiles of political suggestibility, sexual preferences, and a host of eerily accurate psychological insights exploitable by a wide variety of third parties, not all of whom are completely scrupulous. Don’t believe it? It’s already happening. Read my Newsmax.com column about the Facebook-Cambridge Analytical role in the 2016 election.)

Let me be clear: I’m generally not an advocate of more government regulation. I believe that the competitiveness of American businesses has been compromised by overzealous regulations and a failure to consider the real-world consequences of ill-considered restrictions.

But “consumer education” is not the right alternative. It’s all too often a broad brush, reasonable-sounding abrogation of responsibility, music to the ears of corrupt or inattentive corporations and cybercriminals, shorthand for, “We don’t have the time or the money or the inclination to protect you, so here’s a handful of brochures we printed to make everybody think we’re doing something, and you’re on your own.”

That’s why we need independent regulators with the mandate, resources, and commitment to help our citizens in ways in which they can’t help themselves.

Americans pay over $3.5 trillion in taxes each year. Is it too much to ask that some of that be spent on regulation and strict enforcement to protect consumers from very real threats that they can’t possibly be expected to even understand, let alone deal with?

Whenever you hear, “We’re going to rely on consumer education to get the word out and [I love this one] raise awareness,” someone isn’t doing his job and consumers are about to get hosed.

Lee Gruenfeld is a managing partner of Cholawsky and Gruenfeld Advisory, as well as a principal with the TechPar Group in New York, a boutique consulting firm consisting exclusively of former C-level executives and "Big Four" partners. He was vice president of strategic initiatives for Support.com, senior vice president and general manager of a SaaS division he created for a technology company in Las Vegas, national head of professional services for computing pioneer Tymshare, and a partner in the management consulting practice of Deloitte in New York and Los Angeles. Lee is also the award-winning author of fourteen critically-acclaimed, best-selling works of fiction and non-fiction. For more of his reports — Click Here Now.