CDD Filings

  • On 3 December 2014 a coalition of privacy and consumer groups sent a Joint Submission to APEC asking for significant changes to the APEC Cross Border Privacy Rules system (CBPRs). The submission is available here. (link is external) This joint submission follows a long period of opposition by civil society representatives to the first implementation of the CBPRs, which has now been operating in the US for 18 months. The submission raises concerns at the growing number of false claims of APEC certification and the absence of an official accurate list of members. One key aspect of the submission is that the signatories oppose the appointment of TRUSTe (link is external) as an Accreditation Agent for the CBPRs in the US, citing weaknesses in their program criteria, conflicts of interest, and the unacceptable use of fine print exclusions in TRUSTe certified privacy policies. The group calls on APEC to reform its CBPRs or close it down. The coalition includes: the Australian Privacy Foundation; the Canadian Internet Policy & Public Interest Clinic; the US Center for Digital Democracy; and the Electronic Privacy Information Center.
  • U.S. PIRG Education Fund and the Center for Digital Democracy (CDD) respectfully submit these additional comments to the Federal Trade Commission (FTC). A set of regulatory and other safeguards is urgently required to ensure that contemporary “Big Data”-driven financial services are used in an equitable, transparent, and responsible manner. All Americans, especially those who confront daily challenges to their economic security, should be assured that their lives will be enhanced—not undermined—by the new digital-data financial services marketplace. A closer critical examination of the commercial information infrastructure in the U.S. reveals a set of well-developed and interconnected data collection and use practices that few consumers are aware of—let alone have consented to. While the commission’s September 2014 workshop explored some of the key issues, it did not sufficiently examine the implications of current “Big Data” business practices. U.S. PIRG Education Fund and CDD urge the commission to issue a final report that addresses the issues we identify [see attached file].
  • Today was the deadline (link is external) for Comments to be filed in the President's Big Data and privacy proceeding. CDD filed the attached comments, and also joined with a NGO coalition on thie issue representing the civil rights, consumer and privacy communities. CDD's filing urged the following:The Obama Administration should offer legislation that ensures its Consumer Privacy Bill of Rights framework actually provides individuals with the control over how their personal information is collected and used. Individuals should have the ability to make meaningful decisions about their information, regardless of whether it is collected by a social network, mobile operator, app network, financial institution, etc.Legislation should provide regulatory rulemaking authority to the Federal Trade Commission (FTC) on consumer privacy issues to develop these new rights. Legislation should require the FTC to conduct the necessary proceedings leading to a rulemaking within one year from the enactment of legislation. The same legislation should also call on agencies that currently have rulemaking authority, including the Consumer Financial Protection Bureau (CFPB), the Federal Communications Commission (FCC) and the Food and Drug Administration (FDA), to immediately initiate proceedings on consumer financial, telecommunications, and digital health privacy, respectively. Other agencies with sectorial authority on privacy issues not covered by the FTC and others should also be mandated to develop regulations.The current “multistakeholder” process convened by the NTIA should be replaced by the relevant agency rulemakings. The legislation should acknowledge the threats that much of Big Data-related collection pose to Americans today, and strongly state that it is in the best interests of the nation that businesses refrain from their current practice of ubiquitous data collection and profiling. It should accept that self-regulation has failed.The FTC, CFPB, FCC, and FDA should be mandated to report to the Nation, within six months after legislation is enacted, on how commercial Big Data practices are currently being used in ways that may be harmful to the public and not in the national interest. These reports should identify how current practices can discriminate against Americans, based on their race/ethnicity, sexual orientation, income status, age, residence, and other key variables.Based on these reports, the agencies will propose special regulatory safeguards as required to address sensitive data concerns.
  • Today is the deadline for Comments to be filed for the White House's forthcoming report on "Big Data." NGOs pressed the Administration to include public comments during its 90-day inquiry that is led by Senior WH Counselor John Podesta. Our comments are attached. Here's an excerpt: The inability to implement basic privacy rules in the United States to address Internet data collection practices has resulted in the ubiquitous commercial surveillance landscape that today threatens the privacy of Americans—as well as those in the European Union and other countries where U.S. companies collect and transport their information...CDD believes the Big Data report must address the realties of today’s commercial data gathering and analysis landscape. While we acknowledge the many positive uses of Big Data, and its potential, the Administration should not gloss over the threats as well. We fear that missing for the most part in the White House’s review will be a fact-based assessment of actual commercial data practices conducted by Google, Facebook, Yahoo, data brokers, and many others. Such a review would reveal an out-of-control commercial data collection apparatus, with no restraints, and which is leading to a commercial surveillance complex that should be antithetical in a democratic society. The report should show the consequences of such information gathering on Americans, where the data can be immediately made “actionable.” It should address the consequences when predictive analysis and other “insight” identification applications trigger real-time and future decisions about the products and services we are offered, the content we may receive, and even the online “experiences” with which we interact. The report should make clear how its Consumer Privacy Bill of Rights Principles should be interpreted when data collected from Americans are used to unfairly target them—and their families—for products and services that can be harmful to their well-being (such as the delivery of high-interest payday loans, promotion of questionable medical treatments, and the targeting of junk food ads to children, which contributes to the nation’s obesity epidemic). The filing covers 6 key issues: The Growth of Ubiquitous Cross-Platform and Across-Application Tracking of Individuals Online: The Emergence of Big-Data-derived Comprehensive Data Profiles on Individuals (Data Management Platforms): The Digital Data Collection Apparatus, Including the Use of Multiple Data Sources and the Real-time Buying and Selling of American Internet Users: The Growth of Commercial Digital Surveillance at the Community, Hyper-local Level: The Delivery of Financial, Health, and Other Products Linked to Sensitive Data and Uses that Raise Consumer Protection Concerns: The Failure of Industry Self-regulation and the Limits of the Multi-stakeholder Process:
  • Center for Digital Democracy Leads Coalition of Children’s, Health, and Consumer Advocates in Challenging District Court Decision Friend-of-the-Court Brief Urges Stronger Privacy Protections for Teen Facebook UsersWashington, DC: The Center for Digital Democracy, joined by a coalition of public health, children’s advocacy, and media justice groups, today filed an amicus curiae (“friend of the court”) brief in a case concerning teen privacy online. In Fraley v. Facebook, the social networking company was sued for violating the privacy of users of all ages, and the company settled with class-action attorneys before going to litigation. Facebook’s proposed settlement, which was eventually approved by the U.S. District Court, does not protect teen users from appearing in sponsored advertisements on Facebook, even though seven states forbid this kind of appropriation without parental consent. Although numerous parties have objected to the settlement, CDD’s brief specifically supports the objection of six families represented by Public Citizen, a leading consumer protection organization.CDD’s brief covers the many strong policy arguments in favor of having enhanced privacy protections online for teens. The settlement, and Facebook’s current policy, does nothing to account for teen development, or for the differences in how teens use and understand social media. The broad coalition of groups joining in the brief shows what an important case this is for the work of public health, digital-consumer rights, and childhood-obesity experts. Joining the brief are the American Academy of Child and Adolescent Psychiatry, American Academy of Pediatrics, Berkeley Media Studies Group, Center for Global Policy Solutions, Center for Science in the Public Interest, Children Now, Consumer Watchdog, First Star, Media Alliance, Media Literacy Project, Pediatrics Now, Public Health Advocacy Institute, Praxis Project, and Yale Rudd Center for Food Policy and Obesity.The proposed settlement was deemed so inimical to the privacy rights of teens that another nonprofit organization, Campaign for a Commercial-Free Childhood, rejected nearly $300,000 in compensation in order to come out against it and to support Public Citizen’s objection. “All of our organizations hope that the Ninth Circuit will see through a deal that was bad for teens and that tramples states’ legal protections of minors. The court has a great opportunity to respect states’ laws and the parents’ role simply by throwing the settlement out,” said Hudson Kingston, CDD’s legal director.A copy of the coalition’s brief is attached. See too the Appeal by our friends at the Children's Advovacy Institute.
  • Today, CDD filed Comments (link is external) in the FTC's forthcoming (link is external)"Mobile Device Tracking" workshop (link is external) (Feb. 19) on mobile and retail tracking. As we explain (excerpt): While it is important to examine the individual components of what is an increasingly pervasive and unregulated source of commercial surveillance in the “Big Data” era, such as in-store tracking of consumers, the Federal Trade Commission (FTC) must place this one use of mobile tracking in a larger context. Such tracking is but one part of a more elaborate and increasingly seamless “always-on” collection apparatus that operates across devices and user experiences. This surveillance is invisible to most consumers and connected to a range of other practices such as “hyper-local” targeting, multi-screen tracking, and data broker-driven offline and online “connected recognition” and data on-boarding services. Current self-regulatory approaches are ineffective and do a disservice to consumers by falsely claiming to provide privacy protection and user control. The FTC should issue a set of recommendations to govern cross-platform marketing that includes mobile devices. This is urgently required as intrusive geo-locational data-gathering practices, some of which raise concerns about the potential for new forms of “digital redlining” and other discriminatory practices, dramatically expand during the next few years. We believe it is especially important for the FTC to examine how geo-location tracking is being used to identify people by race, ethnicity, economic class, and by their age (such as young people and seniors). The FTC should also reiterate its call for Congress to enact meaningful omnibus privacy legislation.... Today, consumer profiles are developed that include so-called first-, second-, and third-party data, linking our online and offline selves. This filing will not address the purposeful and disingenuous claim that such data profiles of individuals are “anonymous.” It is not the case, and the commission should reject such absurd claims. Companies say much of what they now do is “privacy compliant,” hiding behind the falsehood that cookies and all the other ways they collect and analyze data aren’t linked to an actual person. Such distortions should not be tolerated. Real people are being tracked and targeted.... The growth of hyper-local targeting is spurring new forms of segmentation of individuals and their distinct communities. The country is being broken up into highly discrete areas that are mapped to identify unique characteristics—beyond actual location. The use of these so-called “tiles” raises profound concerns. For example, PlaceIQ explains that “What we do is map data from multiple sources onto a grid of tiles that cover every square foot of the US. Each tile is 100 meters by 100 meters, and we inject third-party demographic information about that area into the tile, as well as data on what’s physically located there—points of interest like parks and airports, tourist attractions, retailers, stadiums, and so forth. Then, we connect that data with where a mobile device is in real time, or where it has recently been, to build unique audience segments for brands to target.”... The use of geo-fencing, “geobehavioral targeting,” “geo-cookies” and the role of location analytics, especially when integrated into broader data gathering, requires action by the FTC. As we will document for the forthcoming “Alternative Scoring Products” workshop, geo-location data are being made actionable at real-time events as well as used to make a range of critical decisions about an individual (whether they are credit worthy, seeking some product or service linked to sensitive concerns, etc.). These privacy and consumer-protection concerns extend beyond the individual to their communities and neighborhoods as well. The commission should examine the impact location-driven data gathering has on the financial health and consumer well-being of distinct communities, especially those in which its residents may suffer economically or due to other factors (such as age). CDD will soon be filing on Alternative Scoring Products (e-scores, lifetime value predictaors, etc) for the FTC's March 19th workshop. Today's Comments are attached.
  • June 1 is the deadline for filing Comments in the FTC Internet of Things inquiry. (link is external) Today's contemporary mobile device (link is external), geo-location (link is external) aware, (link is external)offline/online data (link is external), advanced marketing applications like facial recognition (link is external), mobile real-time ad exchanges (link is external), geo-fences (link is external), cross-platform tracking (link is external)and paradigmatic approaches such as Google's Zero Moment of Truth (link is external) and shopper marketing (link is external)based path-to-purchase methodologies make the Internet of Things (link is external) a consumer and privacy concern today--not in some pending future. We call on the FTC to address how the Internet of Things is already a reality, and to do a better job on sensitive data--especially involving finances, health, racial/ethnic information and youth.
  • Project

    FTC Complaint on Digital Pharma & Health Marketing

    Complaint, Request for Investigation, Public Disclosure, Injunction, and Other Relief: Google, Microsoft, QualityHealth, WebMD, Yahoo, AOL, HealthCentral, Healthline, Everyday Health, and Others Named Below

    November 23, 2010 - Washington, DC: In a complaint filed today with the Federal Trade Commission, the Center for Digital Democracy, U.S. PIRG, Consumer Watchdog, and the World Privacy Forum called on the commission to investigate unfair and deceptive advertising practices that consumers face as they seek health information and services online. Consumers now confront a sophisticated and largely stealth interactive medical marketing apparatus that has unleashed an arsenal of techniques designed to promote the use of specific brand drugs and influence consumers about treatments for health conditions. Much of the online health marketing system has been deliberately structured to collect personal information and other data on consumers, including through the use of free e-newsletters on specific medical concerns; discounts for prescription drugs and services; and via the growing number of other online data profiling techniques. Nearly $1 billion dollars will be spent this year by online health and medical marketers targeting the growing number of U.S. consumers who increasingly rely on the Internet for information about medical problems, treatments, and prescription drugs. The online marketing health industry has presented to the FDA and the public a fairytale version of digital marketing, where all consumers become empowered “e- patients,” able to form powerful helping communities. But while the online medium provides medical information to those seeking access to resources and support, it has been structured to engage in aggressive tactics that threaten privacy, raise questions about the fair presentation of independent information, and advance the sales of prescription drugs and over-the-counter products. Pharma and other health online marketers are pressing the FDA for new rules that would allow them to expand digital and social media advertising. Before the FDA acts, it should await an investigation and a report by the FTC. The complaint to the Federal Trade Commission is attached.
  • Project

    CDD Asks FDA to Revise Its Proposed Research on the Digital Marketing of Drugs and Health Products

    CDD Asks Food and Drug Administration to Revise Its Proposed Research on the Digital Marketing of Drugs and Health Products Urges FDA to Gain Better Understanding of Impact of Digital Marketing on Patients and Health Consumers in order to Protect Public Health

    Washington, DC: The Center for Digital Democracy, in comments filed today with the Food and Drug Administration (FDA), urged the agency to significantly revise its proposed studies on the “Examination of Online Direct-to-Consumer Prescription Drug Promotion.” Citing the wide variety of techniques that pharmaceutical and health marketers use to target consumers online, CDD called for a more informed analysis that reflects how U.S. health consumers are actually marketed to on social networks, mobile phones, and via the Web. Among the marketing techniques that CDD cited that must be part of any FDA research are “the tracking and managing of the ‘patient journey’ online”; data collection; the use of social media analytics and related viral marketing; the role of eye tracking, multivariate testing and other Web page optimization techniques to influence perception and behavior; and the impact of immersive multimedia content and neuromarketing designed to stealthily foster consumer decision-making through non-conscious means. Today is the deadline for comments in FDA’s proposed new research “designed to test different ways of presenting prescription drug risk and benefit information on branded drug Web sites” (Docket No. 2011-N-0230). “While the FDA is to be commended for undertaking additional research before it issues further rules on digital and social media pharmaceutical marketing, we are concerned that the agency—responsible for protecting our health—still has a naïve view of how pharmaceutical digital marketing actually influences consumers,” explained CDD’s Executive Director Jeff Chester. “Online marketing is already an extensive, 360-degree juggernaut that features a wide range of techniques far beyond the scrolling text and banner ads the FDA seems to regard as state of the art. The agency should be in the forefront of ensuring U.S. health consumers have the safeguards they require as they increasingly rely on the Internet and social networks to make decisions about medications and medical treatments.” In its detailed 45-page filing, CDD called on the FDA “to re-conceptualize and update its understanding of digital DTC pharmaceutical marketing,” and pledged its support to assist the agency in expanding its inquiry. CDD urged the FDA to consult with leading independent academic experts and consumer organizations knowledgeable of digital marketing in order to revise its research efforts. CDD’s filing asked the FDA to investigate and develop consumer safeguards for practices used by pharmaceutical and health marketers, including data mining technologies; personalized and behavioral advertising; social media marketing; search engine optimization; rich media and online video applications; mobile and location marketing; unbranded websites; minority and youth marketing; and the use of neuromarketing and other immersive tactics designed to deliberately bypass the rational decision-making process of consumers.