Federal Trade Commission Chairwoman Edith Ramirez and Commissioner Julie Brill both spoke out recently about the issue of “big data.”
Referencing the revelations about the extent to which the National Security Agency collected information about citizens, Brill authored an op-ed in The Washington Post in which she noted that consumers have called on the government to increase transparency. Similar calls, she said, should be made on data brokers. “All day long, as we surf the Web, tap at apps or power up our smartphones, we send digital information out into cyberspace,” she wrote. “As we live our wired lives, we constantly add to the veins from which data miners pull pure gold.”
But the use of such collected information ranges from the benign – an ad for suede boots, for example – to illegal, when data dossiers are used to determine “what rates we pay, even what jobs we get.”
Therefore, Brill reiterated her call for a “Reclaim Your Name” program to be adopted by the data broker industry.
As envisioned by Brill, the self-regulatory program would “empower people to find out how brokers are collecting and using their data; give people access to information that data brokers have amassed about them; allow people to opt out if they learn that a data broker is selling their information for marketing purposes; and provide consumers the opportunity to correct errors in information used for decisions about substantive benefits.”
Brill’s piece concluded on a positive note. She suggested that data brokers and consumers can coexist peacefully “with a system that empowers consumers to make real choices about how our privacy information is used. Such a system would go a long way toward restoring consumer trust in the online and mobile ecosystems, allowing us to continue to enjoy all the convenience, entertainment and wonder that cyberspace has to offer.”
FTC Chairwoman Edith Ramirez also recently discussed data collection practices in her keynote speech at the Technology Policy Institute’s annual conference, where she cautioned that the agency plans to target companies with large quantities of data.
“Big data” poses a threat to privacy and enhances the need for data security, she said, and the agency intends to use its powers “like a lifeguard at the beach” to investigate and take action against companies that falsely state how they use consumers’ data or harm consumers with inadequate data security practices.
“Like a vigilant lifeguard, the FTC’s job is not to spoil anyone’s fun but to make sure that no one gets hurt,” Ramirez said. “With big data, the FTC’s job is to get out of the way of innovation while making sure that consumer privacy is respected.”
To that end, Ramirez – who noted that the agency has brought over 40 data security cases, including some against “very large data companies” like LexisNexis and ChoicePoint – made some suggestions to companies collecting consumer data.
Dangers like the indiscriminate collection of data, the lack of meaningful consumer choice, and the threat of a data breach could be minimized or avoided by the use of privacy by design, greater transparency, and meaningful consumer choice.
She also said the agency intends to release a report on data brokers by the end of the year and reiterated her support for the (currently stalled) Do Not Track initiative.
To read Brill’s op-ed, click here.
To read Woolley’s letter in response, click here.
To read the text of Ramirez’s speech, click here.
Why it matters: Linda A. Woolley, president and CEO of the Direct Marketing Association, issued an open letter in response to Brill’s “alarmist” editorial. “Asserting that consumers need to ‘reclaim their names’ focuses on speculative harms and ignores the consumer protection derived from customization and personalization of Internet experiences through the commercial use of data,” she wrote. “Suggesting that marketing data is used to ‘determine what offers we receive, what rates we pay, even what jobs we get’ is factually inaccurate and misleading, given that the use of any data – including marketing data – for eligibility determinations is already illegal under the Fair Credit Reporting Act. The op-ed wrongly suggests that this is not the case for some data. In fact, a ‘reclaim your name’ campaign would lead to more fraud and limit the efficacy of companies and data discussed in the op-ed.” Rachel Thomas, vice president of government affairs for the DMA, told MediaPost that Brill’s move doesn’t help the ongoing talks between her group and the agency. “These kinds of attacks do not help having that kind of productive conversation that we were involved in,” Thomas said. “The conflation of what the NSA does in terms of data practices, and what responsible marketers do, is irresponsible and inaccurate.” Companies compiling data should also note that Ramirez cautioned about the agency’s continuing focus on “big data” and its willingness to implement enforcement actions as needed. Or, as she put it, paraphrasing a well-known superhero adage: “With big data comes big responsibility.”