In a recent interview with Katy Bachman, FTC chairwoman Edith Ramirez discussed the changes that the agency has undergone due to privacy and data security concerns. Ramirez pointed to the current state of regulation and forecasts the FTC’s stance on the collection and usage of consumer data.
After reviewing the discussion, here are a few takeaways from the not-so-subtle hints Ramirez drops about the FTC’s direction:
- The FTC promotes the viewpoint that consumers care deeply about their privacy and that the agency’s role is to support transparency, control over data collection and usage of personal information about consumers. Internally, it seems like the privacy discussion has transformed from a pure consumer control argument to one where it is (appropriately) the responsibility of the businesses to anticipate and recognize a consumer’s right to privacy–and build those rights into the default design of marketing solutions.
- As consumers, we get that data brokers have assembled a lot of information about people and households. Not only do they collect, but they also use analytics to derive patterns of behavior that is then shared with marketers. Painting all data brokers as shadow organizations dealing in “stolen” goods seems a bit convenient. Legislators and policy makers may not understand or appreciate the role of data-informed marketing, and they viscerally may not like the fact that data collection and creation exists. But at this point it also seems clear they like it even less when data brokers don’t cooperate with inquiries. Under the guise of protecting consumers from a theoretical harmful use case, the policy makers seem to be suggesting that they have found an unsympathetic fall guy.
- While data brokers come off as shadowy and suspicious, the actual data thievery seems to still be getting a free pass at the FTC. Banks, retailers, credit card issuers, auction sites, online and offline catalogs are all onboarding, licensing, and reselling consumer behavior data as “anonymous one-to-one” targeting data to those data brokers. Under the guideline of protecting consumers from a theoretical harm, it would probably be wise to control the redistribution of first party data more rigorously. And while we are at it – is it anonymous or one-to-one? In a big data world it is unlikely that in can be both – at least for very long.
- In the end “self-regulation” will only serve as a complementary tactic to a more rigorous set of reforms that will be focused on the transparency of businesses, the data brokers and the fair use of data. While there is hand waving by the FTC Chair about increasing the prevalence of DAA icons on banner ads and creating easier opt-out mechanisms, Ramirez’s response parallels that of the Report to the President on Big Data and Privacy. In the report the notion of a self-regulated system of opt-in or opt-out is dismissed as being too easily gamed to be useful from any policy perspective. Byzantine authorizations are presented by a vendor during an online registration or the six pages of 6-point type “use of your data” letter one receives periodically from your bank are designed for their legal protection, not the protection of the consumer.
What do you think about Ramirez’s stance and the direction the FTC is headed? How will it impact you and your customers?