Hopefully FTC gets to do what it does best: Regulate privacy

Getty Images

Six in 10 Americans cite consumer privacy among their top concerns in our society. As technology has progressed, privacy has moved from the fringe to the top of the public policy agenda. In Washington alone, the subject matter supports a cottage industry of conferences, publications and organizations. Although 50 bills and resolutions have been introduced on privacy in the first three months of the 115th Congress, a comprehensive federal law remains unwritten.

In the era of big data and the “Internet of Things,” privacy is at the epicenter of the technology equation. From Silicon Valley to Capitol Hill, business and political leaders have struggled to balance two sets of competing interests: the reasonable expectations of consumers for the protection of their private information on one hand, and the well-settled rights of companies to collect, use, sell, store and trade consumer data for commercial purposes on the other.

It has proven to be a difficult balancing act, primarily because privacy does not fit neatly into a business versus consumer folder. It is an issue that touches our most intimate core from family to faith to finances.

CNBC reported that online privacy would reach a tipping point in 2016, and a Forrester Research study found that “businesses that collect, store and use people’s data are most at risk of attracting hackers and regulatory oversight. They also stand to suffer the most when consumers decide to prioritize privacy over convenience, something that is already beginning to shape behavior.”

{mosads}Today’s digitally conscious consumers expect and demand more control over their own data. They want to determine when, where and how they interact with banks, stores, and advertisers. Although collected data helps to inform innovation and improve services, transparency, choice and consent are the consumer mandates of the day. These have been bolstered by massive data breaches and the standoff between Apple and the FBI over cellphone data.


After each incident, corporations vow to do more to protect our privacy. Marketers have banded together to self-regulate online advertising and data collection practices, and consumers are empowered to search the web anonymously. Beyond legal and regulatory compliance, companies spend billions on privacy and data protection measures.

In Washington, the privacy debate has taken on new dimensions. The latest twist involves the broadband privacy order adopted by the Federal Communications Commission (FCC) in the waning days of the Obama administration. The rule subjects broadband internet access service (BIAS) providers to different standards than edge providers, web browsers, operating systems, keyboard applications and the rest of the internet ecosystem.

Under the Obama rules, companies that provide broadband internet service, like AT&T, Comcast and Verizon, are regulated by a different, harsher, set of rules than companies like Facebook, Google and Netflix that tap into the internet (edge providers) for entertainment, data or informational services.

The FCC justified the harsher privacy rules for BIAS providers based on what it called their “unique position in the Internet ecosystem” and their pervasive access to consumer data. Edge providers, in contrast, fall under the more lenient privacy enforcement rules of the Federal Trade Commission (FTC).

In simple terms, broadband internet access service providers want the Obama broadband order to be reconsidered. Technology and consumer groups want the order to remain in place. The policy divergence has the makings of a classic Beltway battle, with dueling data, studies and experts, and big dollars spent on messaging.

Of course, the new FCC chairman, Ajit Pai, has a fundamentally different worldview than his predecessor. It is a view that eschews the FCC’s role in broadband privacy enforcement altogether, embraces the FTC’s primary role and questions why broadband internet service providers are treated more harshly than technology companies operating on the edge.

Leading privacy experts at Tech Freedom and the Competitive Enterprise Institute, among others, believe the FCC should not be regulating broadband privacy, citing a flimsy statutory foundation under Title II of the Communications Act.

While this may seem to be an arcane or de minimis distinction, there are major implications in the multibillion dollar market for broadband services. In January 2017, nearly a dozen corporations and trade associations filed a petition for reconsideration of the Obama-era privacy rules with the new FCC.

To date, the commission has received 290,000 comments, with nearly 13,000 filed in the last 30 days alone. The comments span the policy spectrum and reflect a diverse range of interested parties, including academic, advertising, cable, software, technology and telecom organizations, as well as a who’s who of consumer and public interest groups.

On Thursday, the Senate voted to roll back the FCC’s privacy order, invoking the Congressional Review Act. The House is expected to follow.

For decades, the FTC has shaped the privacy landscape through its balance of consumer and commercial rights, law enforcement and policy advocacy. It has embraced effective self-regulation in numerous industries, and has encouraged the adoption of strong privacy programs with independent monitors.

When warranted, it has brought enforcement actions, requiring companies to obtain consumers’ express consent before materially changing their data practices. It has prosecuted online advertising networks that failed to honor opt-outs, and made sure that a consumer’s choice not to be tracked by advertisers is respected. It has challenged applications that set default privacy settings in a way that cause consumers to unwittingly share their personal data, and sued companies for failing to maintain reasonable data security.

When it comes to enlightened policy and consumer education, the FTC has convened scores of surveys, workshops, conferences and reports on privacy and data security issues. It has set global standards and proven itself fair, nonpartisan and business agnostic. It has testified before Congress and added thought leadership and practical guidance to other governmental agencies, including the FCC and the European Union.

Consumers and businesses have come to rely on the FTC website and its popular plain-language reports. It is home to the federal government’s largest roster of legal, economic and privacy experts. As far as privacy goes, no other agency even comes close.

As this debate unfolds, the fundamental facts of privacy, personal information and technology remain. Scores of invisible intermediaries access and collate high volumes of data through tools and techniques unseen and unknown to most of us.

Analytic technology allows Google, Yahoo and Facebook, for example, to track our searches, scan our email, cross-reference our contacts, and mine our data to deliver ads and make lots of money based on what we do online. The breadth and depth of information amassed by Google, alone, for example, surpasses everything collected by all retail, financial, media, healthcare, telecommunications, communications, utility, entertainment and nonprofit firms combined.

Oh, and that goes for the U.S. government, too.

In the evolving exchange of free services for data, consumers are at a clear disadvantage. They will always be outpaced — but not protected — by technology. Legislation tends to resolve what is behind us, not what is before us. And heavyhanded enforcement without a semblance of equity does little to effect progress.

But there remains hope in the regulation of broadband privacy under the FTC rules, which have adroitly balanced both consumer and business mandates for decades.

As policymakers seek new measures on privacy enforcement, they should not overlook the questions surrounding the FCC, or the faith placed in the FTC over the years by consumer, government and industry leaders to regulate fairly, evenly and responsibly.

Adonis Hoffman is chairman of Business in the Public Interest. He is an adjunct professor at Georgetown University and former chief of staff and senior legal advisor to FCC Commissioner Mignon Clyburn.

The views of contributors are their own and not the views of The Hill.

See all Hill.TV See all Video