The announcement of the launch of the FTC’s Office of Technology is an important next-step development in the agency’s commitment to protecting consumers in the digital marketplace. As we look forward to the challenges the Office of Technology will take on, it’s an opportune time to look back at the ground-breaking work of the Bureau of Consumer Protection’s Office of Technology Research and Investigation (OTECH), which will bring its experience and expertise to the newly-formed Office of Technology.
Established in 2012 as BCP’s Mobile Technology Unit, OTECH has proven essential to BCP’s mission through its work in research, innovation, and litigation support. To ensure that our approach has been grounded in evidence-based research, OTECH led the way with first-of-its-kind studies on topics like kids’ apps, consumer-generated health data, mobile device tracking, and alternative credit scoring products. OTECH also built bridges to the academic community – initiatives that encouraged researchers to put people first in considering the impact that technological developments have on consumers.
OTECH taught us that the most innovative consumer protection policies aren’t formulated in isolation. Bringing together experienced litigators, savvy technologists, and thoughtful economists, OTECH conducted novel studies, some of which confirmed – and some of which disproved – popular assumptions about protecting consumers in the digital marketplace. For example, OTECH designed and conducted cost-effective research into social media algorithms, voice cloning, email authentication, and ransomware.
OTECH’s research into how fraudsters use breached credit card numbers and other personal information merits a special mention. In one study, OTECH intentionally leaked authentic-looking data onto a “paste site.” How long did it take fraudsters to use what they thought was stolen information? Nine minutes. In another study, OTECH identified 50 websites that had a particular web skimming security vulnerability in their shopping cart plugin. After OTECH attempted to make controlled purchases that were rejected, their “consumer data” was used by fraudsters many months after the unsuccessful purchase, suggesting that the actual injury from data breaches may be far greater than experts initially believed.
Although the full story can’t be told in detail, OTECH’s confidential contribution to BCP investigations and litigation further demonstrates the essential role they’ve played in protecting consumers. Legal education may still focus on torts and trusts, but thanks to OTECH’s expertise, BCP attorneys have developed the sophisticated understanding of technology necessary to probe the facts, build cases, and challenge unfair and deceptive practices in court.
As OTECH’s many roles transition to the Commission’s Office of Technology, the agency will benefit from the successful collaboration model that OTECH pioneered. In just the past year, working collaboratively with colleagues across the FTC, OTECH was instrumental in developing the Commission’s “right to repair” strategy to expand consumer choice and encourage competition. The Bureau of Consumer Protection is proud of OTECH’s decade of service and looks forward to the new frontiers the Office of Technology will explore in service to America’s consumers.
The purpose of this blog and its comments section is to inform readers about Federal Trade Commission activity, and share information to help them avoid, report, and recover from fraud, scams, and bad business practices. Your thoughts, ideas, and concerns are welcome, and we encourage comments. But keep in mind, this is a moderated blog. We review all comments before they are posted, and we won’t post comments that don’t comply with our commenting policy. We expect commenters to treat each other and the blog writers with respect.
- We won’t post off-topic comments, repeated identical comments, or comments that include sales pitches or promotions.
- We won’t post comments that include vulgar messages, personal attacks by name, or offensive terms that target specific people or groups.
- We won’t post threats, defamatory statements, or suggestions or encouragement of illegal activity.
- We won’t post comments that include personal information, like Social Security numbers, account numbers, home addresses, and email addresses. To file a detailed report about a scam, go to ReportFraud.ftc.gov.
We don't edit comments to remove objectionable content, so please ensure that your comment contains none of the above. The comments posted on this blog become part of the public domain. To protect your privacy and the privacy of other people, please do not include personal information. Opinions in comments that appear in this blog belong to the individuals who expressed them. They do not belong to or represent views of the Federal Trade Commission.
Hello ftc.gov administrator, Excellent work!
Your “groundbreaking” whatever is. I nothing to hackers . After what has happened to me, and begging for help from every single entity I could . I am out hundreds of thousands of dollars by someone accessing an old email address of mine , pretending to be me, and stealing from my business. I have little to no faith in anything you say has been done for consumers . Victims , I have found out, have 0 agencies that do anything to get to the truth. Cyber crime is no joke, and I do hope you have figured out some way to help others be safe and protected .
Hello ftc.gov administrator, You always provide helpful information.