Request for Comments and Announcement of FTC Workshop on Spring Privacy Series #00005

Submission Number:
Victoria Holic
Initiative Name:
Request for Comments and Announcement of FTC Workshop on Spring Privacy Series
Matter Number:


I think the FTC is asking a very good question. If we study double-blind pharmaceutical studies, man-in-the-middle hacking exploits, and the systems US voters employ to vote by mail, I think we CAN identify new algorithms to link people to the data they reveal online. It feels as if I’m breaking a taboo to say this but (gulp) I worry about the following scenario: 1) A website hosting company like Microsoft or Amazon Web Services hosts websites which, in turn, host other websites; 2) Each website in the hierarchy of websites offers a Terms of Service agreement which deflects the risk of data loss or misuse onto the businesses and individuals below it in the website hierarchy; 3) The system administrators in the website hierarchy: a) Control which data security provisions are on offer to the websites below them; and b) Can inspect the data in the websites below them ...but the reverse is not true; 4) Many Software as a Service companies make money because they DO SELL and index the data they collect; and 5) Each website hosting company’s business practices are largely proprietary and confidential. In a scenario like that, aren't individual consumers and small businesses at a serious disadvantage? Shouldn't more American software designers design software based on the notion that a small businesses positioned in the MIDDLE of the aforementioned website hierarchy have NO REASON to trust the people above (or below them) in the website hierarchy? That IS the business reality we're dealing with, right? I feel like I'm in the Internet version of the "Emperor's New Clothes" but it's taking forever for someone to confirm that the Emperor is naked. MY QUESTIONS FOR THE FTC 1) Why are unbalanced and non-negotiable Software as a Service agreements legally binding - if competing products offer similarly unbalanced and non-negotiable Terms of Use or Terms of Service agreements? 2) What information should a Terms of Service agreement disclose to consumers in order to be considered legally binding? 3) How are small businesses supposed to use Software as a Service AND protect their intellectual property? 4) Suppose that a start-up DOES create a user authentication process which borrows from the notion of a double-blind alias. (For example, software manufacturers which create social networking software for self-help groups.) What can online privacy advocates do to increase the odds that software companies which offer above average privacy protections stay in business long enough to prove that it's possible to make money? NOTE If these start-ups DO MAKE MONEY (AND THEY DO GET MEDIA COVERAGE), THEN I assume that other start-ups will copy them. 5) If an employer is using "big data" to predict the minimum wage a worker will accept, how would we know? 6) How will people who are employed in the software industry ever fully participate in their democracy if they are afraid to brainstorm online about possible reforms in the industry that employs them? 7) Can the same data be used to categorize someone as "civic-minded" or "a traitor"? and 8)Are there any provisions in place to compensate the victims of data mining and predictive modeling? If my questions lead you to surmise that I'm frightened by: a) the possible uses of data mining; and b) the aggregate risk our economy faces because software Terms of Service agreements deflect too much risk onto consumers), you are correct. I would like to thank Julie Brill for her many fine speeches. It's a pity we don't see more of her on television ;-) By the way, I've read that the FTC is a trifle... under funded. Please advise. Can I skip donating money to my political party and donate to the FTC instead? PS - I'm prototyping a social networking app that can be configured to supply a dating site-style alias or a double-blind alias. If you know of a website publishing application for small businesses which already DOES THIS, please advise.