Facebook does it.  Google does it.  It’s everywhere in the mobile ad ecosystem.  And your smartphone does it often than you know, according to a study released on Monday by Carnegie Mellon.

Now, Federal authorities have turned their attention to cross-device and cross-service tracking of consumers over the last several days and weeks. Speaking at a Federal Communications Bar Association and American Bar Association joint event on March 25, Federal Communications Commission Enforcement Bureau Chief Travis LeBlanc expressed his privacy concerns with Triple-Play providers of Internet, video, and voice services aggregating customer data collected from across all three services. This came just a day after reports that Google would be testing a new model for television advertising in markets where it sells both Google Fiber Internet and television service. Also on March 24, the House Commerce, Manufacturing and Trade Subcommittee held a hearing on the Internet of Things that included questions about how personal information could be protected when collected and shared by connected devices.

Earlier in 2015, the Federal Trade Commission (“FTC”) started the ball rolling with a report on the Internet of Things, which the FTC discussed the benefits of connected devices, but also the security and privacy risks associated with devices and sensors – other than personal computers, smartphones, and tablets – communicating over the Internet. Then last week, the FTC announced it is following that up with an investigation into cross-device tracking, including a workshop to be held on November 16, 2015.

Seeing that consumers no longer rely primarily on web browsers to access the Internet, but instead rely “on a variety of different connected devices to navigate their daily lives,” the FTC plans to discuss how consumers are tracked across devices – from apps to wearables to browsers – for marketing and advertising purposes, and the privacy and security implications of such tracking. The FTC highlights the challenge for advertisers as the trend away from Internet access through web browsers has made cookies less effective at tracking consumers online. Instead, the FTC notes that industry has been experimenting with a variety of approaches to tracking consumers across devices, but that these approaches may be hidden from users. To prepare for the workshop, the FTC is asking for comments from the public on the following questions:

What are the different types of cross-device tracking, how do they work, and what are they used for?

  • What types of information and benefits do companies gain from using these technologies?
  • What benefits do consumers derive from the use of these technologies?
  • What are the privacy and security risks associated with the use of these technologies?
  • How can companies make their tracking more transparent and give consumers greater control over it?
  • Do current industry self-regulatory programs apply to different cross device tracking techniques?

The FTC will accept comments on these issues until October 16, 2015.