FTC’s Brill pushes Congress on privacy laws

A Democrat on the Federal Trade Commission (FTC) is pushing Congress to pass data privacy laws.

Speaking at Princeton’s Woodrow Wilson School on Thursday, FTC Commissioner Julie Brill called on Congress to pass three privacy laws, including one that would require transparency for “data brokers,” or the companies that track consumers for marketing purposes.

ADVERTISEMENT
Consumers should be able to view and correct data broker profiles about themselves and opt-out of marketing based on those profiles, Brill said, according to prepared remarks.

“I believe we should be concerned about the damage that is done to our sense of privacy and autonomy in a society in which information about some of the most sensitive aspects of our lives is available for analysts to examine without our knowledge or consent, and for anyone to buy if they are willing to pay the going price,” she said.

Specifically, Brill pointed to a data broker transparency bill recently introduced by Senate Commerce Committee Chairman Jay Rockefeller (D-W.Va.) and Sen. Ed Markey (D-Mass.).

Brill also called on Congress to pass a baseline privacy bill to “close the gaps in consumer privacy protections and help level the playing field among businesses.”

While there are currently laws in place to protect sensitive data — such as financial data, health data or data about children — there should be a “baseline privacy legislation for the commercial arena,” she said.

Finally, Brill echoed the calls made by FTC Chairwoman Edith Ramirez by pushing for a federal data security law.

“I think it is increasingly clear that the United States needs data security legislation,” she said.

After the recent high-profile data breaches — including of major retailer Target, which affected the financial and personal information of tens of millions of consumers — the FTC has increasingly pushed for a federal statute that would set requirements for how a company must respond to data breaches and would give the agency the ability to bring civil penalties against companies that fail to protect their users’ data.