program areas Digital Consumer
Program Areas
-
Blog
Todayâs FCC Action Will Force Open the âBlack Boxâ of ISP Data Gathering Practices that Threaten Consumer Privacy
Vote Shows lack of understanding on limited role of FTC
Phone and cable ISPs pose a major threat to the privacy of their subscribers and consumers. They have a growing arsenal of âBig Dataâ capabilities that eavesdrop on their customersâincluding families. Internet Service Providers are gathering data on what we do and where we go, using sophisticated algorithms and predictive analytics to sell our information to marketers. As CDD documented in a report released last week, ISPs have been on a data buying and partnering shopping spree so they can build in-depth digital profiles of their customers (such as Verizon (link is external)/AOL/Millennial Media and Comcast/ (link is external)Visible World). Consumers should have the right to make decisions on how their information can be collected, shared or sold. With a set of FCC safeguards, Americans will have some of their privacy restored. We look forward placing on the record all the ways those ISPs nowâand willâthreaten the privacy of Americans. Several commissioners appear uninformed about the ability of the FTC to protect consumer privacy. The FTC does not have the regulatory authority to ensure privacy of Americans is protected (except in rare cases, such as the Childrenâs privacy law we helped develop). The FTCâs framework has failed to do anything to check the massive collection of our data that everyone online confronts. Itâs the role of the FCC to ensure that broadband networks operate in the public interest, including protecting consumers. Todayâs vote reaffirms that the FCC takes its mission to do so seriously. -
Blog
Commerce Department Continues to Show Disregard for Consumer Privacy by âconveningâ industry dominated group on facial recognition without participation of consumer and privacy civil society groups
Lobbyists craft purposefully vague proposals without any real safeguards for biometric data
Americans face new privacy threats from the use of their facial and other biometric information, as personal details of our physical selves are captured, analyzed and used for commercial purposes. Facial recognition (link is external)technologies are part of the ever-growing (link is external)data collection and profiling (link is external) being conduced daily on Americans todayâwhether we are online and offline. Companies want to be able to use the power (link is external) of facial recognition to make (link is external) decisions about usâincluding how we are to be treated in stores and on websites. Consumer groups have called on industry to support pro-consumer and pro-rights policies that would ensure an individual can decide whether facial and other personal physical information can be collected in the first place. Last June, however, the industry dominated process led by the Department of Commerce refused to support respecting a personsâ right to control how their biometric data can be gathered and used. As a result, consumer and privacy groups withdrew (link is external) from the Commerce Department âstakeholderâ convening on facial recognition. These meetingsâprimarily dominated by industry lobbyistsâare part of a White House initiated effort to design âcodes of conductâ to ensure Americanâs have greater privacy rights. But instead of trying to address the concerns of the consumer and privacy community about meaningful safeguards for facial recognition when used for commercial purposes, the Commerce Department merely continued the process without their participation. For the Commerce Department, its priority is to help grow the consumer data profiling industryâregardless of whether Americans face a serious threat to their privacy and the consequences of potential discriminatory and unfair practices. Today, the Commerce Department is considering industry proposals (link is external) on facial recognition that fail to ensure the American public is protected by the growing use of facial data collection for commercial use. The drafts allow unlimited use of our most personal data without effective safeguards. Instead of ensuring basic rightsâsuch as giving people the right to make informed decisions prior to the collection of their facial dataâthe industry proposes a scheme that would allow it to harvest our faces, skin color, age, race/ethnicity and more without any limit. By allowing such a clearly inadequate and self-serving industry proposal to be considered at all, the Department of Commerce (and its NTIA division) demonstrates it cannot be trusted to protect consumers. It is putting the commercial interests of the data industry ahead of its responsibilities to the American public. The process and the proposals are not reflective of America today. We cannot believe that President Obama (link is external) endorses how his Commerce Department has transformed the idea of a âConsumer Privacy Bill of Rightsâ into one that really gives carte blanche to the unfettered use of our faces and other highly personal biometric information. -
Julie Brill faces a formidable task as she tries to balance what she knows are industry-wide practices that undermine privacy with the intense commercial pressures to financially harvest our data. Whether Julie can successfully act as a one woman privacy truth squad is to early to tell. She recognizes all the ways that companies take advantage of consumers today, including tracking them on every device and wherever they are. Consumer groups will expect Julie to push her powerful clients to change how the way they do business today, whereâdespite lip service to the contrary-- privacy is viewed as an impediment to success in the marketplace. Whether Julie Brill can survive as a privacy Wallanda is to early to tell. She will face an industry that is largely in denial of what they do with our data. Julie does have the skills to walk the privacy tightrope. She has often reconciled her decades long role as a consumer advocate with work to get industry to act more responsiblyâespecially regarding how they collect and use consumer information. Julie Brill has been an extraordinary FTC commissioner who has played an important role supporting the strongest possible consumer protection actions by the agency. She has a unique, deep and personal relationship with many in the consumer community. She is already missed. The hiring of Julie Brill is not only the recognition by Hogan Lovells that she is extraordinarily well-connected, knowledgable and skilled. Hogan recognizes that powerful changes are now underway, led by the EU, that will potentially transform how consumer information is treated. The new (EU) General Data Protection Regulation (GDPR)âits privacy lawâis going to give new rights to the public that will force companies to treat our data differently. The uncertainty of the future of digital trade between the U.S. and EU also plays a role in Julieâs hiring I believe. With Safe Harbor struck down by the EU Court of Justice and privacy advocates threatening to see the same legal outcome for its replacementâthe Privacy ShieldâHoganâs clients (and the industry) need someone like Julie who is respected by many powerful EU officials. With the US/EU trade deal that focuses on digital trade and data flows now being negotiated (Transatlantic Trade and Investment Partnership, TTIP), the stakes are enormous in whether the U.S. data companies can win favorable rules.
-
This brief is submitted on behalf of several Consumer Privacy Organizations who seek to protect consumers from data breach, financial fraud, and identity theft. The Consumer Privacy Organizations associated with the EPIC amicus brief believe that a court order to compel Apple to develop a technique to break security features designed to keep out third parties will result in an increase in crime against consumers. The Electronic Privacy Information Center (âEPICâ) is a public interest research center in Washington, D.C., established in 1994 to focus public attention on emerging privacy and civil liberties issues. EPIC was specifically established to advocate for the use of strong encryption technology and for the development of related Privacy Enhancing Technologies. EPIC led the effort in the United States in the 1990s to support strong encryption tools and played a key role in the development of the international framework for cryptography policy that favored the deployment of strong security measures to safeguard personal information. EPIC also published the first comparative studies of international encryption policy. (See EPIC Cryptography and Libert 1998: An International Survey of Encryption Policy.) The Center for Digital Democracy (CDD) is one of the leading consumer protection and privacy organizations in the United States. Since its founding in 2001, CDD has been at the forefront of research, public education, and advocacy protecting consumers in the digital age. Constitutional Alliance is privately funded nonpartisan non-profit organiation whose stated mission is to "preserve state and national sovereignty, and the unalienable rights to life, liberty and the pursuit of happiness as pronounced in the Declaration of Independence and protected under the Bill of Rights of the United States of America." Consumer Action empowers underrepresented consumers nationwide to assert their rights in the marketplace and financially prosper through multilingual financial education materials, community outreach, and issue-focused advocacy. Consumer Watchdog is a nonprofit organization dedicated to educating and advocating on behalf of consumers for over 25 years.11 Its mission is to provide an effective voice for the public interest. Consumer Watchdogâs programs include health care reform, oversight of insurance rates, energy policy, protecting privacy rights, protecting legal rights, corporate reform, and political accountability. The Cyber Privacy Project researches and educates the public about privacy issues raised in todayâs networked world. Patient Privacy Rights (âPPRâ) works to empower individuals and prevent widespread discrimination based on health information using a grassroots, community organizing approach. PPR educates consumers, champions smart policies, and exposes and holds industry and the government accountable. The Privacy Rights Clearinghouse (âPRCâ) is a nonprofit consumer education and advocacy organization based in San Diego, California. Established in 1992, the PRC focuses on consumersâ rights and interests relating to informational privacy, answers individual consumer inquiries, and maintains a robust website of practical privacy protection tips. Privacy Times provides accurate reporting, objective analysis and thoughtful insight into the events that shape the ongoing debate over privacy and Freedom of Information. --- See full brief attached.
-
News
Promoting Beer using out-of-home digital targeting
reFRESH by Attract Media / TouchTunes for Coors Light
Coors Light, Attract Media (TouchTunes), Kinetic, Initiative and Common Ground collaborated to develop and implement the âreFRESHâ music campaign, creating a fully interactive user experience across multiple screens that drove brand awareness, engagement and on-premise sales at thousands of targeted social venues. The custom-designed full-screen touchscreen experience placed users in control, enabling them to take and share real-time photos with friends and embark on a digital tour through the history and culture of hip-hop while experiencing its regional flavors and unique features.Affiliated Agency: Affiliated Agency: Kinetic Worldwide, Initiative, Common Ground. -
Press Release
USPIRG & CDD urge Regulatory Safeguards for Online Lending Industry
Including Privacy & Consumer Protection Rules
The Center for Digital Democracy (CDD) and the U.S Public Interest Research Group (USPIRG) filed comments today in response to the Treasury Departmentâs request for information (RFI) on âExpanding Access to Credit through Online Marketplace Lending.â Specifically, the department sought public comment on (1) the various business models of and products offered by online marketplace lenders to small businesses and consumers; (2) the potential for online marketplace lending to expand access to credit to historically underserved market segments; and (3) how the financial regulatory framework should evolve to support the safe growth of this industry.âCDD/USPIRGâs detailed comments cautioned that âthe âtechnology-enabled credit provisioningâ marketplace should not be uncritically viewed as a panacea, especially for financially underserved and economically at-risk Americans.â Rather than giving online lenders special treatment, in fact, the filing calls on the Department of the Treasury âto work with other agencies to propose or implement rules that integrate the online lending sector within the financial services regulatory sector.â Pointing out that instead of âbeing a new source that can support the needs of low-income or underbanked consumers,â the majority of online loans are actually going to âconsumers who already have âprimeâ ratings.â CDD and USPIRG believe that the entire financial services sectorâand its use of Big Data to assess and âscoreâ consumersâwarrants closer regulatory scrutiny.âMarketplace lending should be regulated by prudential and consumer protection regulators in the same way that other financial services are,â the filing concludes, âwith CFPB authority where appropriate for banks and non-banks and meaningful consumer and prudential supervision by other responsible regulators. Certainly, the lessons of 2008 provide a strong warning against allowing an under-regulated, shadow banking system to grow and pose risks to the financial system, its safety net, or the overall economy.â -
Blog
Ten Questions that the Federal Trade Commission Should Answer on Cross-Device Online Tracking of Individuals.
1. Why has the FTC waited so long to review this serious threat to our privacy? The Federal Trade Commissionâs November 16, 2015, workshop (link is external) on cross-device tracking is a examination of a very disturbing practice that emerged several years ago. The online industryâs business model of identifying specific individuals and following them on whatever device they may use (PCs, mobile, etc.), so their behaviors can be analyzed for more effective micro-targeting, is well-known. For example, companies such as Drawbridge, which âtrack how [an] individual user traverses the web on his or her smartphone, tablet, laptop and PC,â and analyze âbillionsâ of pieces of data on us, has been around since 2010.[1] Cross-device targeter Tapad has been operating since 2011.[2] During the last few years there has been a veritable explosion of cross-device tracking of individualsâillustrating how our privacy has been lost regardless of what device we may use.[3] The FTC should be monitoring much more closely industry developments to expand their data-driven profiling and targeting techniques. The serious erosion of our privacy is reported daily by leading trade publications and is not a secret.[4] The commissionâand other agencies responsible for consumer privacy, such as the FCC and CFPBâneed to become much more proactive if they are to actually protect the public. 2. Why isnât the FTC bringing complaints against both Google and Facebook under their respective âconsent decreesâ for their own cross-device surveillance of consumers? Both Facebook and Googleâas the two dominant online marketing companiesâhave significantly expanded their own collection, analysis, and use of data from individuals for cross-device tracking. Both companies are under 20-year legal agreements with the FTC that is supposed to ensure that their practices protect our privacy.[5] But the commission has been silent regarding a major violation of our privacy, given the range of Facebook and Google cross-device practices. For example, Facebookâs acquisition of Atlas and its incorporation of new ways to engage in cross-device tracking have not been challenged by the agency.[6] Nor has the FTC pursued Googleâs cross-device tracking as a consent decree matter.[7] The commissionâs consent decrees are only as good as their enforcement. The FTCâs inaction regarding Facebookâs and Googleâs expansion of cross-device data harvesting undermines its claims that its decrees actually protect our privacy. 3. How has the FTCâs and Department of Justiceâs (DoJ) failure to stop âBig Dataâ mergers furthered the expansion of cross-device gathering of our information? As one of two U.S. antitrust and competition regulators, the FTC plays a key role reviewing mergers and acquisitions. Yet the agency has approved Big Data-related mergers that have further weakened consumer privacy and expanded the ability of marketers to track our behaviors across devices. While the FTCâs consumer protection and competition bureaus are separate, the commission has a responsibility to protect the public. Even with mergers reviewed by the DoJ, the FTC should speak out against deals that erode privacy and place consumers at further disadvantage through the use of Big Data. For example, Oracle was allowed to acquire both BlueKai and Datalogixâsignificantly expanding its sources of data used to profile Americans and to engage in cross-platform targeting. Alliance Data Systems was permitted to acquire Conversant, which bolstered its cross-device applications. The FTC should acknowledge that it is helping weaken the privacy of the American public by allowing data-driven mergers to be approved without effective consumer safeguards.[8] 4. Isnât cross-device tracking and targeting just a part of an ever-growing commercial Big Data surveillance complex that continually gathers and uses all our information? Anyone who follows the online industry recognizes that our privacy is being continually undermined. Every major company has become its own âdata broker,â harvesting all the data they directly gather on a person (when you come to their site, for example). They now merge that data with the abundance of so-called third-party information available for sale or use today. A key goal is to engage in what they call âidentity management, âwhich means using information on us to help influence our actions, purchases, and behaviors. Cross-device tracking is made possible through the unlimited ability companies now have to use our online and offline information without any serious consideration of our privacy.[9] 5. What is the role that Big Data companies and technologiesâsuch as Data Management Platforms (DMPs)âplay in cross-device tracking of individuals? The most powerful U.S. companies are using sophisticated data engines and analytics to gather data on individuals. The growing use of technologies such as DMPs, along with the real-time data targeting now embraced by the industry (known as âprogrammaticâ) is at the core of cross-device practices.[10] While the FTC is aware of these practices, it has not taken any actions to protect consumers.[11] 6. Isnât the gathering of information from our use of mobile phones, including for cross-device targeting, a major privacy violation? The answer is yes. The mobile phone is the digital spy in our pockets that we take and use nearly everywhere. Gaining access and insights from our mobile phones serves as a veritable digital gold mine for brands and advertisers. Marketers continually research how we use mobile devices, in order to help their clients identify our actual or intended location, as well other data about us (such as income, race, ethnicity, and gender). Companies such as Facebook, Google, and many others have developed ingenious ways to encourage consumers to use âappsâ that, once they are downloaded, report on our actions. Google, for example, explains they can help marketers understand how to take advantage of what they call a personâs âmicro-momentsâ--when through the use of our mobile phone we reveal we are searching for a product, store, activity or location.[12] Cross-device tracking and targeting is fueled by the unchecked data gathering from our mobile devices.[13] 7. Will the FTC address how cross-device tracking is helping marketers and brands reach us when we are in retail, grocery stores, and other âreal-worldâ locations? As we use our phone or tablet to search for information, download coupons, or scan for price information, these signals allow marketers to learn about our location and quickly connect data they have about us. So-called âhyper-locationâ tracking enables companies to identify what neighborhoods we live and work in, for example. As stores deploy so-called âbeacons,â Wi-Fi-networks, âgeo-fences,â and other ways to connect to people in and around stores, the data they gather from our use of multiple devices becomes more complex and valuable to them.[14] Online and offline distinctions are quickly fading, as cross-device tracking merges with sophisticated data targeting services. 8. Can the FTC protect consumers from cross-device tracking when we watch video online? There is an explosion of video consumption, as more people use their mobile devices to watch online video content. Internet-delivered video to TVâs (so-called âover-the-topâ) is another key way we see such programming. Incorporating our video viewing as part of the cross-device tracking apparatus is the latest way our media behaviors are being closely observed, whether we watch on small or large-screen devices.[15] 9. Will the FTC investigate how consumers are tracked and analyzed by cross-device âmeasurementâ services? Measurement is built in to todayâs tracking and targeting online system. Marketers wish to know whether we see an ad or promotional message and how we responded. Since we use multiple devices, measurement techniques now reflect an analysis of what we do on all our devices. With advances in measurement having a direct impact on our privacy, as well as with the transactions we make, the commission should investigate the impact of cross-platform âattributionâ techniques now broadly deployed.[16] 10. Will the FTC call on the online industry to âcease and desistâ from cross-device tracking until privacy safeguards can be proposed and implemented? The online ad lobby hasâfor decadesâworked to keep the FTC relatively powerless to protect privacy. It has opposed calls to provide the agency with ârulemakingâ authority so it could develop safeguards that would protect the public.[17] The lack of FTC authority to effectively address privacy threats is a key reason why U.S. data-driven marketers are able to expand their commercial surveillance activities. Despite its lack of power to require companies to engage in a moratorium on cross-device tracking, the FTC should use its moral authority. The commission should declare that the use of cookie syncing, probabilistic or deterministic attribution, unique identifiers, and other methods of stealthily following us from device to device should not be permitted. Leading data companies such as Google and Facebook, digital marketing trade groups such as the Interactive Advertising Bureau and Mobile Marketing Association, data brokers such as Axciom, Oracle, and Merkle, and cross-platform companies such as Tapad and Drawbridge should all be asked to support the commissionâs call to stop the tracking of individuals across devices. During the period established for the data-gathering moratorium, the FTC should propose safeguards. The commissionâs policies should empower individuals to decide whether and how they can be tracked and analyzed on any device. Itâs time for action by the FTC. It knows that Americans confront the loss of their privacyâand it should speak out against the eavesdropping practices that enable online companies to gather data on usâwhether we use a PC, mobile phone, or even TV. [1] http://adage.com/article/digital/drawbridge-raises-14-million-vc-investm... (link is external) [2] http://adexchanger.com/press-release/tapad-announces/;http://techcrunch.... (link is external) [3] http://bits.blogs.nytimes.com/2013/10/10/a-senator-raises-privacy-questions-about-cross-device-tracking/?_r=0 (link is external); http://blogs.teradata.com/teradata-applications/connecting-the-dots-at-t... (link is external) http://adexchanger.com/ad-exchange-news/data-management-platforms-are-ev... (link is external) [4] https://econsultancy.com/blog/62754-cross-device-measurement-in-google-analytics-will-turn-mobile-marketing-on-its-head/ (link is external); https://www.admonsters.com/blog/fight-fragmentation-grasping-cross-device-audience-behavior (link is external); âMobile creativity: Track mobile performance. AdMap. September 2015. Warc.com. Personal copy. [5] https://www.ftc.gov/news-events/press-releases/2011/11/facebook-settles-ftc-charges-it-deceived-consumers-failing-keep (link is external); https://www.ftc.gov/enforcement/cases-proceedings/102-3136/google-inc-ma... (link is external) [6] http://atlassolutions.com/why-atlas/cross-everything/ (link is external); http://atlassolutions.com/2015/09/02/in-app-conversion-measurement/ (link is external); http://atlassolutions.com/2015/09/17/cross-everything-dilemma/ (link is external); http://atlassolutions.com/2015/05/11/the-4cs/ (link is external); https://www.facebook.com/business/news/cross-device-measurement (link is external); http://digiday.com/platforms/omnicom-adds-atlas-tags-doubleclick-served-... (link is external) [7] http://doubleclickadvertisers.blogspot.com/2015/06/cross-device-conversion-metrics-come-to.html (link is external); http://adexchanger.com/online-advertising/google-adds-cross-device-metrics-to-doubleclick-partially-answers-facebooks-people-power/ (link is external); https://support.google.com/ds/answer/6139741?hl=en (link is external); https://www.youtube.com/watch?v=qFodrj2Drxg (link is external); http://adwords.blogspot.com/2013/10/estimated-total-conversions.html (link is external); http://adage.com/article/digital/google-tests-desktop-mobile-retargeting... (link is external) [8] https://www.oracle.com/marketingcloud/products/data-management-platform/id-graph.html (link is external); https://www.oracle.com/marketingcloud/products/cross-channel/mobile-marketing.html (link is external); http://adexchanger.com/data-exchanges/oracle-links-cross-platform-ids-touts-data-neutrality/ (link is external); http://www.bluekai.com/mobiledmp/ (link is external); http://www.tapad.com/press-release/tapads-cross-device-data-now-integrated-into-oracle-data-cloud/ (link is external); http://techcrunch.com/2015/05/04/drawbridge-cross-device/ (link is external); http://www.conversantmedia.com/digital-marketing-product-overview (link is external); https://www.quantcast.com/audience-grid/ (link is external) [9] http://adexchanger.com/mobile/google-allows-targeted-ads-based-on-first-party-data/ (link is external); http://liquid.pch.com/press/case-for-first-party-data-in-a-third-party-world/ (link is external); http://www.krux.com/blog/data-management/cross-device-identity-management-the-path-to-one-to-one-marketing/ (link is external); http://www.merkleinc.com/what-we-do/marketing-technology/merkle-data-management-cloud/connected-recognition#.Vkjj7craNyo (link is external); http://www.drawbrid.ge/technology (link is external); [10] https://www.neustar.biz/marketing-solutions (link is external); https://www.neustar.biz/blog/cross-device-dmp-as-the-unifying-layer-in-the-adtech-stack (link is external); http://www.lotame.com/resource/the-cross-device-question/ (link is external); http://blogs.adobe.com/digitalmarketing/digital-marketing/adobe-audiencemanager-takes-cross-device-targeting-new-level/ (link is external); http://www.mediapost.com/publications/article/237039/cross-device-marketing-no-longer-hypothetical-use.html (link is external); https://radiumone.com/products/advertiser/programmatic/ (link is external); http://www.digilant.com/digilant-announces-partnership-with-crosswise-to... (link is external) [11] http://www.mediapost.com/publications/article/242295/ftc-consumer-protec... (link is external) [12] http://www.nielsen.com/us/en/press-room/2015/exelate-expands-its-mobile-user-dataset-by-billions-of-monthly-interactions-with-pushspring.html (link is external); https://www.thinkwithgoogle.com/topics/mobile.html (link is external); https://developers.facebook.com/docs/app-ads/measuring/installs-and-in-app-conversions (link is external); http://doubleclickadvertisers.blogspot.com/2015/11/active-view-updates-improved-cross.html (link is external); https://www.fiksu.com/about/news-releases/precision-audience-targeting-w... (link is external) ; https://www.kochava.com/aol-partners-kochava-expand-programmatic-targeting-attribution-mobile-apps/ (link is external); http://adexchanger.com/mobile/kochava-attempts-to-crack-the-cross-device-attribution-code/ (link is external); https://www.fiksu.com/technology/audience-targeting (link is external); http://www.pushspring.com/news.html?post=124 (link is external) [13] http://streetfightmag.com/2015/06/02/why-cross-device-matching-will-transform-the-mobile-advertising-industry/ (link is external); http://www.marinsoftware.com/resources/whitepapers/the-cross-device-targeting-playbook-for-display-advertisers (link is external); http://www.marinsoftware.com/resources/whitepapers/the-cross-device-targ... (link is external) [14] http://www.criteo.com/resources/cross-device-advertising-how-to-navigate-the-next-big-opportunity-in-mobile-marketing/ (link is external); http://developer.android.com/training/location/geofencing.html (link is external); http://www.aislelabs.com/blog/2014/04/29/aislelabs-launches-the-first-marketing-automation-platform-for-physical-retail-locations/ (link is external); http://www.huffingtonpost.co.uk/jon-buss/cross-device-use_b_6969120.html (link is external) [15] http://www.experian.com/marketing-services/cross-device-video-analysis.html (link is external); https://www.doubleclickbygoogle.com/articles/?category=video&product=all&type=whitepaper (link is external); http://www.videologygroup.com/industry-insights/P40/programmatic-tv-driving-multi-screen-conversation/#.VkjyoMraNyo (link is external); https://www.tubemogul.com/cross-channel-advertising/ (link is external) [16] http://adexchanger.com/digital-tv/comscore-dives-deeper-into-cross-platform-video-measurement/ (link is external); http://cimm-us.org/cimms-annual-summit-examines-cross-platform-media-mea... (link is external) https://www.comscore.com/Products/Advertising-Analytics/validated-Campai... (link is external) [17] https://www.democraticmedia.org/content/how-industry-lobbyists-help-kill... -
Blog
Safe Harbor on Data Declared Illegal: Message to U.S.âTime to Enact Privacy Law that Protects Americans and Supports Global Data Protection
Case illustrates why FTC is legally unable to effectively protect the public and why Safe Harbor cannot be "fixed"
Todayâs historic decision by the European Court of Justice, which overturned the purposely ineffective âSafe Harborâ deal enabling data to flow to the U.S., is very welcome. As one reads the courtâ (link is external)s findings, itâs clear that for the EU, fundamental and human rights include the right to have your personal privacy protected. That means from both governmental surveillance (such as the NSA and other intelligence agencies) and also with commercial Internet companiesâas Google or Facebook. Advocates always recognized (link is external) that the Safe Harbor agreement brokered by the Clinton Administration was a digital privacy `house of cards.â All U.S. companies needed to do was to sign up for some inadequate principles that allegedly would protect the EU public. The Federal Trade Commission was supposed to investigate problems. But as CDD demonstrated last year in its complaint to the FTC on how leading U.S. companies were thumbing their data collecting noses at Safe Harbor, the system doesn't really do much of anything. Safe Harbor is run by the U.S. Department of Commerce, whose political loyalties (and revolving door) lie with the data collection industry. The message to America from the EU is clear: enact comprehensive privacy legislation. It has to meet (and should try and exceed) the high bar set by the EU. It canât be the weak (link is external) and self-regulatory based âPrivacy Bill of Rightsâ proposed this year by the White House. It has to define strong and enforceable rights, including limiting Big Data style collectionâwhich is now a pervasive part of our online landscape. The law should empower an independent privacy commissioner and give the FTC real regulatory clout. The U.S. also should endorse the EUâs framework (link is external) on privacy that is supported by many countries around the world. In its decision, the European Court of Justice reaffirmed what its Advocate-General has explained earlier. That the U.S. Federal Trade Commission does not have the statutory authority and legal powers to protect a person's privacy as required by the EU. In the EU, privacy is a "fundamental right." In the U.S., consumers have really very few such rights online. The court explained yesterday (in referring to the 2000 decision by the EU approving the Safe Harbor deal with the U.S.) that: " Decision 2000/520 does not contain any finding regarding the existence, in the United States, of rules adopted by the State intended to limit any interference with the fundamental rights of the persons whose data is transferred from the European Union to the United States, interference which the State entities of that country would be authorised to engage in when they pursue legitimate objectives, such as national security... Nor does Decision 2000/520 refer to the existence of effective legal protection against interference of that kind. As the Advocate General has observed (link is external)in points 204 to 206 of his Opinion, procedures before the Federal Trade Commission... are limited to commercial disputes..." The Business lobby has consistently fought against legislation that would empower the FTC to regulate privacy and other commercial practices. Consequently, while the commission does what it can (and is very active working to help the public), it cannot address the fundamental issue. U.S. companies gather and use our information in far-reaching, non-transparent and often troubling ways (think all the secret "scoring" of people that goes on to assess how to treat them; or the use of race, ethnicity, income and location used to track and target us, regardless of device, etc.). Safe Harbor cannot be fixed without the U.S. enacting comprehensive privacy legislation that brings it in sync with the EU. The time to do so is way best due. Kudos to Max Schrems (link is external), who brought the case, and is a tireless and effective privacy campaigner. See BEUC (link is external), PI (link is external) and TACD (link is external) statements as well. -
Blog
U.S. Public Interest Group and Center for Digital Democracy Urge FTC to Protect Consumers from Unfair Lead Generation Practices in Comments filed for Oct. workshop
Groups call for safeguards on "lead gen" rules exploiting financially vulnerable consumers, inc. for loans & credit. Role of both Google & Facebook raised for forthcoming FTC workshop.
The FTC requested that comments for the upcoming October 30, 2015 workshop on lead generation be submitted by September 20th so that issues could be addressed during the sessions. USPIRG and CDD submitted initial comments, which are attached below and also summarized. One of our findings from a recent analysis of the online "lead gen" marketplace was that digital industry leaders--including Google and Facebook--engage and support online lead generation in ways that raise substantive consumer protection concerns. USPIRG and CDD have been working for the last several years to encourage policymakers to rein-in lead generatio activities, especially those that play a role promoting financial products that can be expensive and harmful to consumers. We have written background papers on lead generation and payday loans, its use by for-profit colleges, and how Hispanics are targeted, for example. At its workshop, follow-up report and thru new enforcement activities, the FTC needs to analyze and address how contemporary online lead generation embodies a panoply of applications and tactics to acquire, use, and often share or sell a personâs personal data. Lead generation is no longer the simple process of encouraging a consumer to fill out an online form. Today, online âlead gen,â as it is called, incorporates the use of YouTube, Facebook, Twitter, search engines, mobile phones, apps, geo-location, native advertising, email, sentiment mining, data-driven audience buying (programmatic), user âscoringâ methods, attribution analysis for measurement, and a network of data brokers providing instantaneous identity and other sensitive information. The commission, in its workshop, report, and follow-up activity, should focus on the leaders of the digital data marketing industryâstarting with Facebook and Google but including many othersâand its use of lead generation. While there are likely many âbadâ lead generator actors, as the commissionâs enforcement actions have already identified, we believe that the most significant threats to consumers overall arise from the growing and now endemic use of powerful, non-transparent lead-generation techniques, especially for financial products, by the leading companies in the marketplace. Unless it is subjected to some floor of enforceable consumer protectionâincluding but not limited to transparency and real consumer choices to avoid itâlead generation will becomeâif it has not alreadyâa patently unfair system of consumer manipulation and control. Few consumers know that when they are encouraged to provide data about themselvesâwhen they seek a home, college or auto loan, for exampleâthat the supposedly informational website promising attractive rates and up-to-date information is really in the business on capturing their personal information to be used or sold as a lead. Online lead-generation techniques are integrated into the digital medium, with many interconnected applications fostering ongoing data collection for lead-related profiling and targeted services (e.g., search, social media, financial digital marketing). The commission should note that the leading business segments for online marketing revenues and expendituresâretail, financial services, and the automotive sectorsâsignificantly use online lead-generation tactics. So do the leaders in the digital media businessâincluding Google, Facebook, and Twitter, for example. The commission, in its workshop, report and follow-up activity, should focus on the leaders of the digital data marketing industry and their use of lead generation -
The Internet as a whole has become an important part of our global public sphere. Internet provides access to a wealth of information and knowledge, and the possibility to participate, create and communicate. This public space made up of internet infrastructures is increasingly threatened from two sides; by the centralization and commercialization through the dominant positions held by giant telecom and Internet companies, as well as by an increasing trend in state regulation and censorship of the net. This poses important questions about how we choose to organize and regulate our digital societies, and how Internet governance models can be developed and implemented to ensure fair and democratic participation. When it comes to the future of the Internet, a key discussion is one of infrastructures; who owns, runs and controls them. The question of regulation, and who oversees the regulators, is made complicated by the transnational nature of the net. As much as people expect a broadly and equitably accessible Internet open to diversity, we are, slowly but surely, moving away from it. Monopolization of Internet infrastructures and services by companies such as Facebook and Google has gone hand in hand with privacy intrusions, surveillance and the unbounded use of personal data for commercial gain. As we all interact in these centralized commercial platforms that monetize our actions we see an effective enclosure and manipulation of our public spaces. Decentralization and democratization of the Internet infrastructure and activities is essential to keep a free, open and democratic Internet for all to enjoy equitably. But can the âsmall is beautifulâ-idea be compatible with the building of state-of-the-art successful infrastructure in the future? The debates around net neutrality, infrastructure neutrality and Internet monopolies reflect the important choices that are to be made. It is essential the EU formulates a comprehensive vision on the internet that addresses the protection of civil liberties such as free speech and privacy, but also the growing commercialization of our digital public spaces and the commodification of personal data with the effect of the market encroaching on all aspects of our daily lives. Only then can it make relevant interventions regarding the Internet and its governance. Let´s discuss how to re-decentralize and reclaim the Internet for all. This conference (link is external) is organised in cooperation with Commons Network and Heinrich BĂśll Foundation. DRAFT PROGRAMME (TBC) 15:00-15:30 Introduction 15:30-16:45 1st panel, The big picture What, if anything, in the current model of Internet Governance is clashing with a decentralized, resilient internet viewed as a common good? And what steps should be made by policymakers to foster the best environment for decentralized, community managed projects to grow? Confirmed speakers: Renata Avila, Aral Balkan 16:45-17:00 Coffee break 17:00â18:15 Decentralised infrastructure: Examples what examples of local and decentralized projects do we have today and what are the obstacles they face? Confirmed speakers: Edmon Chung, Robbert Mica, Olivier Schulbaum 18:15â18:30 Conclusions and final remarks This conference will be live streamed at: http://greenmediabox.eu/en/live/ (link is external) http://greenmediabox.eu/en/live/>* (link is external) Background & Programme: http://www.greens-efa.eu/internet-as-a-commons-13850.html (link is external) Joint the event community on Facebook: https://www.facebook.com/events/939398269451418/ (link is external) https://www.facebook.com/events/939398269451418/> (link is external) Registration: http://www.greens-efa.eu/events/registrations/658-internet-as-a-commons.... (link is external)
