Your cop on the privacy beat

You often hear the FTC described as America’s top cop on the privacy beat. We’re not the only agency working on privacy and data security issues, of course, but we have the broadest jurisdiction. And for more than 20 years, we have used it thoughtfully and forcefully to protect consumers even as new products and services emerge and evolve.

Part of our work involves the enforcement of specific laws and rules that protect the privacy of certain health, credit, and financial data. We also enforce the Children’s Online Privacy Protection Act and the COPPA Rule to make sure companies don’t collect personal information from kids online without their parents’ permission.

But that’s only part of our story. We use the FTC Act’s general prohibition on unfair and deceptive acts and practices to challenge allegedly illegal conduct involving the privacy and security of all kinds of consumer information. Our reach extends across the marketplace, touching on sectors as diverse as retail, advertising, credit reporting, health, financial, tech hardware, software, mobile, and social media.

As law enforcers, we walk the walk. To date, we’ve brought over 130 spam and spyware cases, over 120 Do Not Call cases targeting illegal telemarketing, over 100 Fair Credit Reporting Act actions, approximately 60 data security cases, more than 50 consumer privacy actions, almost 30 cases for violations of the Gramm-Leach-Bliley Act, and over 20 actions enforcing COPPA.

That long list of enforcement actions includes cases that protected consumer interests in the brick-and-mortar world and online. Depending on the nature of the violation, we’ve challenged the practices of smaller companies and global giants. The cases cover all parts of the internet ecosystem, including social networks, search engines, ad networks, online retailers, mobile apps, device manufacturers, and participants in the Internet of Things (IoT) marketplace.

Furthermore, the FTC Act’s broad ban on unfair and deceptive practices has allowed us to challenge a host of harmful privacy- and security-related violations. We’ve sued businesses that made deceptive claims about how they collect, use, and share consumer data. We’ve challenged companies that failed to provide reasonable security for people’s personal information and IoT devices. We’ve targeted businesses that spammed consumers, deceptively tracked them online, installed spyware or other malware on their computers, publicly posted sensitive data online without consumers’ knowledge or consent, and invaded consumers’ privacy by violating Do Not Call and other telemarketing provisions..

For companies that have violated the law – and for savvy businesses that read case announcements with a discerning “What can I learn from this?” eye – FTC law enforcement actions send a message about the need to protect consumers’ privacy. But our gaze is forward-facing, too. As the enforcement leader in the privacy and security arena, we’ve used recent conferences on topics like drones and FinTech to focus the national conversation on keeping consumer privacy and data security front and center as new technologies emerge.

How can you keep up to date on what’s up on our beat? Once a year, we release our Privacy and Security Update. The latest update for 2016 and updates for 2015, 2014, and 2013 tell you where we’ve been on behalf of America’s consumers – and where we’re going. What these updates demonstrate is that even as technology and the privacy landscape evolve, our interest remains constant:  to protect consumers’ personal information and ensure that they can confidently take advantage of the many benefits offered by a vibrant and innovative marketplace.

Comments

Please help States enforce laws regarding protected professions, such as Barrier Crimes Matrix implementation. It is theorized that OEDD declared in multiple states reveals epicenters of credential fraud exploiting PII (e.g, user false ID, lack of PO oversight of fraud convicted, multi-alias' burdens)

I have tried to solve things so I don't big down the court system and that should be the goal of the CFPB and it should teach the company how to resolve or respond to consumer issues but instead it is teaching company algorithm software how much to do and for what duration to bully the consumer till he or she gives up. As a compliance reporter I am upset how companies make fun of CFPB and FTC along with no understanding or lack of full rule or regulation. Even when I have called state and federal government for example department of transportation concerned about my safety and wish for help with safe harbor, I been brushed off or at federal level people who should know, don't have a clue. I explain the situation and process that should happen along with several other options and they seem confused. Regardless there is major issues with call centers the government has to help the consumer and should be reviewed ASAP due to the harm I can so easily see that is happening to the consumer. I would like to give further feed back but all others have gone in answered.
James C Dxxxxxxxx
Trying to find safe harbor and trying to stay compliant in a economic retaliation for reporting and doin the right thing.

Add new comment

Comment Policy

Privacy Act Statement

It is your choice whether to submit a comment. If you do, you must create a user name, or we will not post your comment. The Federal Trade Commission Act authorizes this information collection for purposes of managing online comments. Comments and user names are part of the Federal Trade Commission’s (FTC) public records system (PDF), and user names also are part of the FTC’s computer user records system (PDF). We may routinely use these records as described in the FTC’s Privacy Act system notices. For more information on how the FTC handles information that we collect, please read our privacy policy.