Newsroom

June 1 is the deadline for filing Comments in the FTC Internet of Things inquiry. (link is external) Today's contemporary mobile device (link is external), geo-location (link is external) aware, (link is external)offline/online data (link is external), advanced marketing applications like facial recognition (link is external), mobile real-time ad exchanges (link is external), geo-fences (link is external), cross-platform tracking (link is external)and paradigmatic approaches such as Google's Zero Moment of Truth (link is external) and shopper marketing (link is external)based path-to-purchase methodologies make the Internet of Things (link is external) a consumer and privacy concern today--not in some pending future. We call on the FTC to address how the Internet of Things is already a reality, and to do a better job on sensitive data--especially involving finances, health, racial/ethnic information and youth.

Today, the United States Trade Representatives convenes two days of hearings (see attached agenda) to help it formulate a negotiating policy for the forthcoming EU/U.S. trade pact--known as the Transatalantic Trade and Investment Partnership (TTIP). CDD is one of the consumer groups that has been asked to brief its Policy Staff Committee.A number of U.S. industry groups, including the "Digital Trade Coalition" (Sidley & Austin) and the Coaltion for Privacy & Free Trade (Hogan Lovells)--in what illustrates how healthy fiction writing is at some law firms--paint a picture of a robust system protecting privacy here (we've attached their comments to USTR as well because they are worth reviewing to illustrate what the online data lobby agenda is). These coalitions want the U.S. to seek a trade deal that would allow our ineffective privacy regime to be considered "interoperable" with the EU's human rights and civil liberties robust approach. As we will explain later today, the U.S. is just at the very beginning in its efforts to protect consumer privacy in the digital era--hampered by many of the very forces these business coalitions represent. A number of U.S. online data companies, for example, are even unwilling to support even a modest Do Not Track standard, or stronger rules to protect youth, let alone serious privacy legislation.Consumer and privacy groups which are also members of the Transatantlic Consumer Dialogue will also speak on the TTIP, including on its impact on health, food safety, IP and other issues.

Today, the United States Trade Representatives convenes two days of hearings (see attached agenda) to help it formulate a negotiating policy for the forthcoming EU/U.S. trade pact--known as the Transatalantic Trade and Investment Partnership (TTIP). CDD is one of the consumer groups that has been asked to brief its Policy Staff Committee. A number of U.S. industry groups, including the "Digital Trade Coalition" (Sidley & Austin) and the Coaltion for Privacy & Free Trade (Hogan Lovells)--in what illustrates how healthy fiction writing is at some law firms--paint a picture of a robust system protecting privacy here (we've attached those comments to USTR as well because they are worth reviewing to illustrate what the online data lobby agenda is). These coalitions want the U.S. to seek a trade deal that would allow our ineffective privacy regime to be considered "interoperable" with the EU's human rights and civil liberties robust approach. As we will explain later today, the U.S. is just at the very beginning in its efforts to protect consumer privacy in the digital era--hampered by many of the very forces these business coalitions represent. A number of U.S. online data companies, for example, are even unwilling to support even a modest Do Not Track standard, or stronger rules to protect youth, let alone serious privacy legislation. Consumer and privacy groups which are also members of the Transatantlic Consumer Dialogue will also speak on the TTIP, including on its impact on health, food safety, IP and other issues.

Hispanics embrace of digital technologies, such as mobile phones, and their growing economic clout is attracting intense interest from marketers. This report highlights some of the recent recent research and activities aimed at the U.S. Hispanic market. We will be updating this report, including adding links which provide more information on the marketplace (and which raise privacy and consumer protection issues). 6/2/2013 Update: http://www.pulpomedia.com/the-ihispanic-opportunity.html; (link is external) http://www.pulpomedia.com/iHispanic-media.html (link is external) Big Data Hispanic Targeting: http://luminarinsights.com/solutions/customer-decision-engine/ (link is external)

In a 4-0 decision, the FTC agreed with CDD and a coalition of consumer, public health, and child advocay groups to reject calls from the online marketing lobby to delay the implementation of the new COPPA rules. The decision can be read here. (link is external)Our coalition's oppostion to the industry request played an important role in the commission's decision. It can be reviewed here. (link is external)The commission's action sent an important message that protecting the privacy of children and empowering parents/caregivers is a core value which must be respected.

This EU-commissioned report--"Assessment of Young people's exposure to alcohol marketing in audiovisual and online media" analyzes the role of Facebook and other social media. It was written by Rand Europe (and CDD is cited, among many others).

The leading U.S. consumer groups and many others filed this today at the Federal Trade Commission asking for the new children's safeguards to go into effect as planned this July. It's in response to requests made last week by the trade groups Interactive Advertising Bureau (see attached) and Application Developers Alliance (link is external). The filing well-documents why the new rules better protecting children online and empowering parents are needed now. It also serves as a counter-point to the Direct Marketing Association (link is external) and media business lobby FTC filing also seeking a delay of the rules.

Second in a series from leading U.S. privacy and consumer NGOs on the failure of U.S. law and regulation to protect privacy.

A series of the failure of U.S. privacy policies to protect consumers. The first paper was written by CDD on the failure of self-regulation. The second was written by the ACLU and Friends of Privacy, USA.

CDD and U.S. PIRG Education Fund filed comments yesterday with the FFIEC (link is external), the federal body which develops policies for the Consumer Financial Protection Bureau, Federal Reserve, FDIC, etc. We called for a set of strong safeguards to protect consumers from largely opaque and unfair social media marketing practices used in the financial marketplace. It especially called for regulation with the growing use of predictive "scoring (link is external)" products that evaluate how a financial service can view the creditworthiness of a consumer. The filing also called for an investigation into how Facebook's marketing appartus is used in the consumer financial marketplace, and the need to closely scrutinize the growing role of mobile devices.

This letter was sent today to new FTC Chairwoman Edith Ramirez by three-dozen NGOs--including the national leaders in the consumer and privacy fields.

As part of the comprehensive system of commercial surveillance tracking us 24/7 wherever we go and do, more companies are integrating offline and purchasing data with online information. But when the largest commercial database of individuals around the world marries (link is external)its user data with the ton of consumer records held by Acxiom, Epsilon, (link is external) Bluekai (link is external) and Datalogix, (link is external) major privacy and consumer protection issues are raised. Acxiom--whose President just told (link is external) the annual meeting of online marketing hotshots that “Data can make you rich,” offers new ways to track and target a user. It just unveiled what it calls its "AbiliTag" system (which will presumably be used by Facebook). Here's how Ad Age describes (link is external) what it can do: "The tag system extends the technology Acxiom uses internally to match its clients' direct mail, email, online cookies and other data sets, now enabling it for ad targeting online and in mobile. The system will eventually be used for digital TV ads also. The approach is not entirely different from offline-to-online database matching that connects an advertiser's data to large sites with registration data such as Yahoo or AOL. However, Acxiom argues that its system goes beyond that approach by allowing sites that don't have registration information to connect advertisers to their customers in digital channels. The idea is to use the Acxiom tag to identify a customer who visits an Acxiom client site, then a publisher partner site." Acxion describes (link is external) AbilTag's benefits to publishers (excerpt): "With AbiliTag publishers can access a growing range of benefits from Acxiom: Provide advertisers access to the richest possible audience information - their audience data along with advertisers’ CRM data (the best targeting data available) and Acxiom’s rich demographic and interest data. Assure the highest quality of integration through Acxiom’s patented real-time audience matching and recognition solution AbiliTag. ... Offer more precise online audience targeting, measurement and attribution to advertisers. Provide Fortune 500 advertisers audience targeting capabilities with data they are already know and understand. Offer secure, scalable and compliant access to 45M+ consumers per month on 60M+ devices. Offer audience portraits utilizing the combined audience data that demonstrate greater insight and added value to advertisers. ... Allow advertisers to leverage insights from offline multivariate consumer prediction models where propensity to purchase, shopper preferences, and LTV are already known." Meanwhile, Facebook is acquiring from its partner Microsoft the online ad analytics and attribution company Atlas (link is external). Here's what Atlas does with Facebook data: "Advertisers create and designate an ad to an engineered audience in Facebook, comprised of various parameters, including demographic and interest-based criteria. The resonance of the message within each audience can then be measured with precision and reported within Atlas. From this, a compelling story can be told. For example, advertisers can gain true insights into the traction their messaging holds in driving acquisition. In addition, by merit of supported impression and view through metrics, latent branding effects can be examined, identifying correlations with consumer behavior weeks to months following exposure to Facebook advertising. Audiences and creative messaging can be constantly refined until the advertiser sees the optimal results they are striving for. Additionally through statistical aggregation the overall performance of social display can be evaluated and pitted against other channels that are competing for credit. Viewing Facebook tracked data through Atlas’s Engagement Mapping (link is external), advertisers can ascertain where Facebook falls within the purchase funnel and make the most informed decisions as a result. The implications of Facebook tracking within Atlas, however, reach far beyond linear performance measurement and standard reporting. The FTC, Senate Commerce Committee, GAO and others examining the impact of Big Data Brokers on privacy and consumer protection should make Facebook's new set of data gethering and targeting alliances a key focus.

Statement on Appointment of Edith Ramirez at Chair of the FTC by Jeff Chester, CDD Edith Ramirez cares deeply about consumers and the issues that effect their everyday lives. She is always willing to listen and works hard to find out the facts before making a decision. We have found her to display unique insights on issues critical to consumer welfare and competition. Ms. Ramirez will be a thoughtful and effective leader of an agency that has been strengthened over the last several years to better meet the consumer protection challenges of the 21st Century. Under her leadership, we expect the FTC to blaze new ground on privacy—especially involving mobile devices, digital data brokers and Do Not Track.

CDD has obtained a Yahoo! (link is external)lobbying document being given to EU policymakers. Yahoo! is working to undermine pending legislative proposals that would significantly strengthen the rights EU citizens have regarding the collection and use of their information. Entiled "Yahoo! Rationale for Amendments to Draft Data Protection Regulation as Relate to Pseudonymous Data," the document attempts to persaude EU policymakers that the kind of information on users the company (and most others (link is external)) collect to fuel their extensive data profiling and targeting services should--guess--be exempt from the proposed new privacy safeguards. Yahoo! (link is external)is one of the US companies lobbying hard to weaken the EU proposal, which would set a new global standard for Internet privacy protection. Yahoo! (link is external) and others are trying to argue that the vast amounts of data (link is external)used to create targeting profiles on individuals--but which does not contain our name, address or other information that identified us in the pre-Internet era--should be exempt from the proposed safeguards on explicit consent and profiling, for example. Yahoo! (link is external) and other US companies should not be undermining the principled and civil liberties based privacy proposals of the EU. Short-term profits placed before building democratic safeguards for the 21st Century is a shamefully misplaced business model--especially from companies like Google, Facebook, etc. which try and cloak what they do as digital beacons of freedom.

Digital marketing, including data collection, profiling, tracking and targeting, pervades the Internet experience. One of the less-discussed areas is the targeting of individuals because of their race or ethnicity. As CDD's new report discusses, multicultural groups are "In the Digital Bullseye," with online advertisers and others focused on reaching African Americans, Hispanics, Asian Americans and others. Data collected on each of us can include our financial status, health concerns, location, spending habits--and also ethnicity and race. Multicultural groups are seen as vitally important markets for advertisers, bringining in new revenues and influencing overall cultural attitudes. But we believe there is a price--including the loss of privacy--with the incorporation of ethnicity and race in the digital marketing paradigm. The juxtaposition of sensitive information linking income, location, and race, for example, can lead to new forms of redlining or discrimination (as our report mentions, during the mortgage subprime boom, people of color were often sold harmful financial products regardless of their actual financial status). That's why's CDD believes that race and ethnicity should be classified as "sensitive" information by policymakers, requiring prior affirmative consent for its use. It should be part of the list of sensitive data categories, which usually includes information about one's finances, health or collected from a child. Let a individual decide whether they want their ethnicity or race to be part of their digital profile--not a Google, Facebook or some other marketer. We acknowledge that there is a positive side to identifying multicultural online users: it helps support a more robust and diverse digital publishing system. However, safeguards for privacy and consumer protection are also required. This is the first in a series of new reports CDD will release in 2013 on digital-consumer protection issues, including on multicultural digital target marketing. PS: See also our latest reporting on targeting Latinos online (link is external).

This letter was sent today to top Obama Administration officials.

In the European Union, privacy is a fundamental Human Right. So it’s no surprise that leading EU officials are supporting (link is external) a proposal that place citizens and consumers in better control of their information (or, as its called in the EU, ensuring “data protection”). Many in the EU understand the stakes, as today’s digital tracking and profiling technologies enable far-reaching surveillance and influence on individuals. Online marketers, for example, have—in their own words—created a “360 degree” system to gather information on our actions, behaviors, location, relationships, etc. This information is placed in “profiles” which are built using a bevy of personal data and various mathematical algorithms that can be used to make predictions about us (whether, for example, we may be someone economically successful or not). Today, our privacy is further at risk, with marketers and others able to gather our geo-location data (where we are and where we go via our mobile devices); who are friends are and what they are doing (via Facebook and other social media); and where and what we spend (about to be made even more accessible with the growth of “digital wallets” and location-based payment services). The European Commission has proposed, and EU Member of Parliament Jan Philipp Albrecht (link is external)has amended, legislation that creates the global standard for privacy protection. (Albrecht is on the key Civil Liberties, Justice and Home Affairs –LIBE (link is external)--committee). The law would allow an individual to control “profiling” and surveillance done by others on them. This is the kind of safeguard that must threaten the US data collection industry (Google, Facebook, Yahoo and others). For example, the Commission’s draft explains that “…it should be ascertained whether individuals are tracked on the internet with data processing techniques which consist of applying a ‘profile’ to an individual, particularly in order to take decisions concerning her or him or for analysing or predicting her or his personal preferences, behaviours and attitudes.” Albrecht’s amended version ensures that individuals actually control whether information can be collected at all (“In order for processing to be lawful, personal data should be processed on the basis of the specific, informed and explicit consent of the person concerned.”). No wonder the US business lobby, with help from the Obama Administration, is engaged in a campaign to scuttle the EU proposal (Albrecht is quoted as saying the lobbying (link is external) campaign agains (link is external)t the EU privacy proposed law is very extensive). A delegation of leading US NGOs representing consumer, privacy and civil liberties went to Brussels this week to meet with Members of the European Parliament. The US group included the ACLU, Consumer Federation of America, Friends of Privacy USA, CDD and others. Here are the materials we distributed; a Obama Administration document given to EDRI (link is external), the EU digital rights group, as part of the campaign to undermine support for the proposed stronger EU data protection proposals; and the EU privacy proposal and amendments. US Administration and industry attempts to undermine the privacy rights of EU citizens also threaten online users throughout the world. What is needed is a meaningful standard for privacy protection that places people in charge of their information--not massive data brokers or governments. We plan to press the Obama Administration to stand up for privacy over the narrow interests of the digital data collection lobby.

The report (link is external)released today by the Federal Trade Commission analyzing expenditures by food and beverage marketers to target both children and teens shows a dramatic increase in the use of digital marketing. According to the report, "spending on new media, such as online, mobile, and viral marketing, increased by 50%." The report also underscored how young people are the target of "integrated" campaigns, pursued across the "4 Screens (link is external)" which marketers now regulary use. Kids are being prompted to "pester" their parents to buy these products, according to industry research uncovered by the Commission. Digital marketing is a powerful medium which utilizes far-reaching tactics designed to promote brands and sell products. The "360 degree" marketing apparatus ensures that even young consumers can be tracked and reached wherever they are--at home, in school, on the street and in stores. Online ads can be bought cheaply--and deliver bigger results than other forms of advertising (think social media viral campaigns where you get so-called friends to promote products to friends). The nation's youth obesity epidemic illustrates that more is needed than just a report. The FTC should convene stakeholders to develop a set of Fair Digital Marketing Practices for Children and Teens. Many of the techniques used by food and beverage marketers and media companies--such as neuromarketing (link is external), peer to peer viral campaigns, and location-based targeting--are not appropriate for youth. Industry will need to take more responsibility. Policymakers, especially the FTC, will need to dig further into how food marketers use digital techniques on America's young people. Regulation is required. Jeff Chester, CDD

Leaders of the Effort to Pass COPPA in 1998 Say Parents Should Now Have Greater Control of their Children’s Information Online Digital Media Companies Must Implement New Policies to Protect Children’s Privacy Online Washington, DC: The team of privacy advocates and lawyers responsible for passage of the Children’s Online Privacy Protection Act (COPPA) in the late 1990s expressed strong support for the Federal Trade Commission’s long-awaited release of its updated children’s privacy rules, announced today, while urging regulators to keep a watchful eye on continuing developments in the mobile app and social media industries. “We are at a critical moment in the growth of the children’s digital marketplace,” said Kathryn Montgomery, Professor of Communication at American University, “as social networks, mobile phones and gaming platforms become an increasingly powerful presence in the lives of young people. The new rules should help ensure that companies targeting children throughout the rapidly expanding digital media landscape will be required to engage in fair marketing and data collection practices. We applaud the FTC for its rigorous and comprehensive review of the COPPA rules and for bringing them up to date with industry changes. However, the Commission will need to engage in ongoing monitoring efforts, as well as strong enforcement actions, if the implementation of these rules is to be effective in the long run. The FTC’s recent report on the children’s app market indicates that, even in the midst of an intense public debate over privacy policy, too many companies in this industry have operated with little regard for their legal obligations to children.” “The Commission’s decision today is a major step forward,” said Jeff Chester, Executive Director of the Center for Digital Democracy. “We are especially gratified that this decision puts to rest the longstanding and disingenuous claims by the digital marketing industry that cookies and other persistent identifiers are not personally identifiable information. The revised rules also address the increasingly pervasive use of geolocation, behavioral targeting, and social media data collection. But we are concerned about possible loopholes that could undermine the intent of the rules. CDD plans to continue closely analyzing the emerging marketing and data practices targeted at children--with a sharp focus on app developers and social marketers like Facebook--and will file complaints against any company that violates the new rules.” “I am pleased that the FTC has updated its rules implementing the Children’s Online Privacy Protection Act, as Congress intended, to specifically account for new technologies and marketing practices,” observed Angela Campbell, Director of the Institute for Public Representation at Georgetown University Law Center. “While the revised rules provide significantly greater protections for children, we will monitor industry compliance with the new regulations. Where we find that companies fall short, as we did recently with the Mobbles and SpongeBob Diner Dash apps, we will file additional requests for investigation.” Kathryn Montgomery and Jeff Chester spearheaded the campaign to pass COPPA during the 1990s, leading a coalition of prominent education, health, and consumer groups in a two-year effort, and working closely with Angela Campbell and a team of law students at Georgetown Law’s Institute for Public Representation, which served as legal counsel to the coalition. Although the law took effect in the formative period of Internet marketing, it was purposely designed to adapt to changes in both technology and business practices, with periodic reviews by the FTC to ensure its continued effectiveness. With the expansion of digital media platforms and the growing sophistication of online data collection and profiling, the need for updating the rules became increasingly urgent. Since 2010, the Center for Digital Democracy and a coalition of other consumer and public health organizations have been urging the FTC to update its COPPA rules to encompass the expanding array of digital platforms and marketing services used to reach and target young people. In a letter submitted to the Commissioners last week, more than 50 organizations – including the American Academy of Child and Adolescent Psychiatry, CDD, Common Sense Media, Consumer Federation of America, Consumers Union, the American Academy of Pediatrics, the American Psychological Association, and the American Heart Association – strongly endorsed the agency’s proposed rules, calling for timely action to adopt them. --30--