In their book Phishing for Phools, Robert Shiller and George Akerlof introduce the idea of a “phish.” They argue that there are legitimate wants/needs and then there are things people don’t actually want but can’t help themselves around (i.e., addiction, present bias, etc.). Phishing is when companies tailor their products/advertising to the latter. Unfortunately, this definition is somewhat vague, being much broader than other definitions of phishing. Cases of fraud seem to be included in the phishing category. Product differentiation via low quality inputs too. As a rule, Shiller and Akerlof conceptualize phishing as a transaction that always benefits the seller, not the buyer.
A primary point of the book is that phishing is an inherent issue of the profit motive. Even in a perfect Pareto equilibrium, phishing can still occur. As economic growth rises and production expands, phishing too may find a larger market. Accordingly, the authors believe phishing is inherent to, and encouraged by, a capitalist system. Phishing is even suggested as an important source of asset price volatility and bubbles. This predictably evolves into a discussion of the role of government in combating phishing.
How do companies phish? Reputation mining for one. Once companies have established a positive brand, they may use their reputation to push subpar products on their consumers. While certainly possible, this marks another point of contention. A brand itself is neither good nor bad. When a brand is associated with a high level of quality or reliability, a loyal consumer base will follow. However, a brand can just as easily be associated with poor quality or reprehensible standards, leading to a consumer base equally committed to avoidance. Why would a company with a good brand, which may take years/decades to establish, purposely soil its reputation with a phish?
This leads naturally to the question: How can one tell the difference between a phish and a legitimate purchase? The reader is left to induce a generalization of phishing from a series of examples. However, many of the seemingly clear-cut cases provided could easily fall under the category of fraud, and the authors make no distinction between paternalism and fraud. As a result, what is considered a nonfraud phish is seemingly defined in line with the authors’ preferences. There is little discussion of scale or use case.
Loosely speaking, anything can be a phish if used in an abusive way or at an inappropriate dosage. The vices of some may be enjoyed in moderation by others. A clean separation of legitimate and illegitimate production is not obvious, and not explicitly addressed by the authors.
Therein lies the vague definition. Everyone defines a phish differently. And since snake oil salesmen are pervasive, consumers become keen to phishing attributes, meaning everyone has developed a unique set of heuristics to avoid them. As the authors acknowledge, consumers are often aware of having been phished. Repetitive purchases, competitive marketing, boycotting, and lawsuits help weed out phishes. So again, will companies really ruin a positive brand for a quick, short-lived buck? Some might, but to say that phishing is an inherent problem with capitalism without acknowledging the plethora of ways the system deals with it is at least one sided.
Not that people never make suboptimal decisions (as with, say, addiction), but the proposal that leaders can dynamically determine what’s ideal for heterogeneous subgroups and enact locally optimal paternalistic solutions, is optimistic. By the authors’ own admission, legislation has failed to eliminate phishes even in highly regulated industries, and it may even be the source of phishes in cases of regulatory capture or incompetence. I could be convinced that there are special cases that are more clear cut, but as a universal problem I find phishing trivial.
