Skip to content

Discerning Data

  • About Us
  • Additional Resources
  • Contact Us

DISCERNING DATA

A Faegre Drinker Blog Covering the Latest in Privacy, Cybersecurity and Data Strategy
  • Privacy
  • Cybersecurity
  • Data Strategy
  • Disruptionware

Is There a “Tech” Bureau in the FTC’s Future?

Share

The Federal Trade Commission has focused some of its recent public statements on technology issues and related enforcement challenges. In this blog post, I provide a recap of those statements, including one before the House Energy and Commerce Subcommittee on Digital Commerce and Consumer Protection.

Safeguarding consumer trust and security in the evolving world of IoT

Commissioner Rebecca Kelly Slaughter stressed the need for collaborative action to safeguard consumer trust and security in the evolving world of IoT, in remarks before the Open Technology Institute and New America Foundation . Commissioner Slaughter described a number of beneficial uses of connected devices as transformative, but also noted the legitimate risks associated with the hacking of connected devices.

Commissioner Slaughter believes we are at a critical point in the IoT era in terms of getting privacy and security right and noted a few basic trouble spots the FTC has observed in the marketplace.  For example, she noted that the FTC is continuing to see basic failures in product design and pre-release testing and encouraged companies to consider security at the outset.  At the same time, she noted that pre-release testing will not catch all problems so it is important to make sure there is a process in place to address vulnerabilities as they arise.  Further, she noted that deploying patches and other solutions is often challenging so she encourages companies to consider from the beginning how to maintain security over the lifespan of the device.

Finally, Commissioner Slaughter noted that the upcoming FTC hearings will provide an opportunity to learn more about the challenges and opportunities in the IoT space.  In addition, she noted her support of former Commissioner McSweeny’s idea to elevate the FTC’s technological expertise into a formal Bureau of Technology that would spot issues across both the competition and consumer protection missions.

FTC needs more resources, authority to enforce privacy and data security

Consumer privacy and data security will continue to be an enforcement priority at the FTC and it is critical that the Commission have sufficient resources to support its investigative and litigation needs, according to testimony delivered by the full Commission before the House Energy and Commerce Subcommittee on Digital Commerce and Consumer Protection on July 18. However, the Commission identified three impediments that impact its investigative and enforcement efforts with respect to privacy and data security and renewed its bipartisan call for comprehensive data security legislation.

First, the FTC has used Section 5 of the FTC, which prohibits unfair or deceptive acts or practices, to bring over 60 data security and 50 privacy enforcement actions. But, unless the action is paired with a statute or rule that provides for civil penalties, such as the Children’s Online Privacy Protection Act Rule, the Commission is prohibited from obtaining monetary relief for Section 5 violations.  The Commission believes that the inability to obtain monetary relief impedes its deterrent capability.

Second, the FTC has no jurisdiction over nonprofits or common carrier activity even though those entities may engage in practices that have serious implications for consumer privacy and data security.

Third, the FTC lacks broad rulemaking authority which prevents it from setting standards with respect to privacy and data security. As a result, Congress has granted the Commission specific authority to engage in rulemaking with respect to children’s privacy and some financial data security, and credit reporting.

While the Commission renewed its call for comprehensive data security legislation, it did not elaborate on what such legislation would look like or whether there are existing regulatory regimes that should be duplicated at the federal level, such as the New York Department of Financial Services Cyber Regulations.  Instead, the testimony highlighted the upcoming Hearings on Competition and Consumer Protection in the 21st Century  as an opportunity for the Commission to examine its remedial authority with respect to privacy and data security.

Press reports indicate that the subcommittee members were supportive of providing the FTC with more tools and resources.

The material contained in this communication is informational, general in nature and does not constitute legal advice. The material contained in this communication should not be relied upon or used without consulting a lawyer to consider your specific circumstances. This communication was published on the date specified and may not include any changes in the topics, laws, rules or regulations covered. Receipt of this communication does not establish an attorney-client relationship. In some jurisdictions, this communication may be considered attorney advertising.

Receive Email Alerts to New Articles

SUBSCRIBE

July 31, 2018
Written by: Discerning Data Editorial Board
Category: Cybersecurity, FTC, Privacy
Tags: Congress, COPPA, FTC, House Energy and Commerce Subcommittee on Digital Commerce and Consumer Protection, Internet of Things, IoT, New York Department of Financial Services Cyber Regulations, Section 5

Post navigation

Previous Previous post: New Report Finds Health Care Industry Bears Highest Data Breach Costs
Next Next post: Attorney General’s Cyber-Digital Task Force Assesses Cyber Threats and Response Efforts in New Report

Search the Blog

Sign Up for Email Alerts

PODCASTS

Faegre Drinker on Law and Technology

©2023 Faegre Drinker Biddle & Reath LLP. All Rights Reserved. Lawyer Advertising.

  • About Us
  • Additional Resources
  • Contact Us
We use cookies to improve your experience with our website. By browsing our site, you are agreeing to the use of cookies. For more information about how we use cookies, please review our privacy policy and cookie policy. OK
Privacy & Cookies Policy

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Non-necessary
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
SAVE & ACCEPT