FTC staff comments on FCC privacy proposal

Share This Page

The FCC asked – and we answered. Underway at the Federal Communications Commission is a proposed privacy rulemaking for broadband internet access service providers. The FCC sought public comment on the proposal and the staff of the FTC’s Bureau of Consumer Protection has offered its perspectives.

You’ll want to read the full comment, but here’s a back-of-the-envelope recap. The staff comment opens with the can’t-be-denied fact that consumers care about privacy and security. The massive collection and storage of personal information, the risk of identity theft, the release of sensitive stuff people view as private, and the potential use of data by employers, insurers, creditors, and others are just some of their concerns. To the extent that trepidations deter consumers from doing business online, companies may be concerned, too.

That’s why the FTC has brought over 500 cases so far to protect consumer privacy and security, including actions challenging deceptive privacy promises, illegal spyware, Do Not Call violations, and unreasonable data security practices, to name just a few. We’ve followed up with nuts-and-bolts guidance for business about complying with the law. In addition, we’ve used a variety of methods – websites, videos, conferences, publications, games, reports, etc. – to educate consumers about steps they can take to protect their personal information.

The most important takeaway is that FTC staff supports the FCC’s focus on what we’ve always seen as the core consumer protection values in this area: transparency, consumer choice, and data security. But the comment doesn’t just offer a 10,000-foot perspective. It presents brass-tacks suggestions about:

  • the definition of “personally identifiable information” (PII);
  • the potential for a standardized privacy notice that is the product of consumer testing;
  • opt-in vs. opt-out consent - what works best when;
  • the benefits of just-in-time choice for consumers and the use of dashboards or similar tools to make it easier for them to select or change their choices;
  • the importance of data security, including written information security programs and safe disposal; and
  • timely and meaningful breach notification.

Read the FTC staff comment for the details.

 

Comments

Would it be practical and would it be a good idea if the privacy rules were consistent with HIPAA requirements?

The Rule should not inhibit the ability to solve problems for clients. If you give the clearing house the ability to make exuses thats all the will do. Example I gave a couple securities cusips and dtcc depository recipes to Delloitte accounts receivable sits been over a month havent got a follow up email nothing thats the kind of behavior we cannot allow . suggestions give hardware encryption devices from cisco for authetication problem solved

I have been fighting for privacy for years. Data brokers not only are responsible for spyware and illegally stealing personal information, but selling the results to criminals and making judgments affecting consumer pricing on insurance, mortgages, and various consumer agreements. Most grievously brokers are selling lists that contain the home addresses of children, our active military, and police. These are endangering millions well beyond the risk of identity theft the industry invented. Hippa is ignored by Experian who openly sells the ailments and prescription medications in its product health bank. you can visit my website for more information on these issues. I applaud the FTC and FCC in its efforts.

Add new comment

Comment Policy

Privacy Act Statement

It is your choice whether to submit a comment. If you do, you must create a user name, or we will not post your comment. The Federal Trade Commission Act authorizes this information collection for purposes of managing online comments. Comments and user names are part of the Federal Trade Commission’s (FTC) public records system (PDF), and user names also are part of the FTC’s computer user records system (PDF). We may routinely use these records as described in the FTC’s Privacy Act system notices. For more information on how the FTC handles information that we collect, please read our privacy policy.