FTC warns tech industry about crackdown on ‘data abuses’
The Federal Trade Commission staked out an aggressive position on consumer data protection during the agency’s online annual PrivacyCon event Tuesday, warning the tech industry to expect a crackdown on “data abuses.”
“Data abuse reflects the fact that rampant corporate data collection and sharing and exploitation harms consumers, workers, and competition in ways that go beyond libertarian privacy concerns,” Democratic FTC Commissioner Rebecca Kelly Slaughter said during her opening remarks. The agency would be examining a wide range of questions about fairness related to where data and security intersect with racial bias, civil rights, and economic exclusion, she added. The event’s agenda reflected this approach, including talks on algorithmic bias as well as consent models related to advertising technologies and connected devices.
FTC Chief Technologist Erie Meyer laid out some specific changes consumers and industry can expect, including making sure companies “cannot and will not benefit from ill-gotten data,” and that people hurt by these business practices “are able to understand what happened to them and get help, actual help.”
In practice, Meyer said, this may mean restructuring business incentives or corporate structures, but also forcing companies that break the law to not just be forced to give up money and data, “but the algorithms that were juiced by ill-gotten data.”
The FTC has long been the federal government’s de facto privacy enforcer, relying on the agency’s statutory mandate to protect consumers from unfair or deceptive practices in lieu of a federal privacy law. But in most cases, the FTC is unable to impose financial penalties in data or privacy cases until after a company has already had a security incident that led to a settlement order requiring agency oversight of corporate data practices. And even then some, including Slaughter, have argued that financial penalties against tech giants don’t do enough to prevent bad behavior.
The largest dollar penalty to date levied by the FTC was a $5 billion fine against Facebook as part of a settlement related to data practices that was announced in 2019 and received court approval in 2020, enabled due to a 2012 settlement agreement over past privacy and data security concerns. In her dissent statement on that settlement, Slaughter argued that the settlement did not go far enough to protect consumers and noted that the fine amounted to a month of the company’s revenue at the time.
Current FTC Chairperson Lina Khan is a longtime critic of the power wielded by large technology firms and her nomination by President Joe Biden was viewed by many as a signal of the growing divide between Democrats and the industry. However, the agency recently saw a major setback in its efforts to limit the power of big tech firms last month when Judge James E. Boasberg of the U.S. District Court for the District of Columbia dismissed antitrust suits against Facebook brought by the FTC and more than 40 states. The agency recently received an extension to submit an amended version of its antitrust complaint, which it now must file by August 19.
Andrea Peterson
(they/them) is a longtime cybersecurity journalist who cut their teeth covering technology policy at ThinkProgress (RIP) and The Washington Post before doing deep-dive public records investigations at the Project on Government Oversight and American Oversight.