We continually work to share details about our privacy, data collection, and data sharing practices with our site visitors. As part of this effort, we’ve developed these answers to frequently asked questions.
Why does the FTC collect personal information?
What about information from children under the age of 13?
If a visitor to our website tells us that he or she is under the age of 13, we do not collect any personal information from that person. Learn more about the Children’s Online Privacy Protection Act.
What information does the FTC automatically collect when I visit an FTC website?
Can I review the information the FTC has about me?
Yes. You have certain rights under the Freedom of Information Act (FOIA) and the Privacy Act of 1974. If you are interested in obtaining and reviewing the information we have about you, visit our Make a FOIA Request page. However, investigatory material gathered for law enforcement may be exempt.
Can I limit how the FTC uses or shares my personal information?
If you submit information for the public record, such as a comment on an FTC rule, guide or workshop, you can limit the posting of this information only as provided in our confidentiality rules. See FTC Rule 4.9(c). You decide what information to provide when you contact the FTC; however, we may be unable to respond or take appropriate action if your information is inaccurate or incomplete.
How does the FTC protect my personal information and its network?
We use security measures to protect your personal information and to control access to it, including safeguarding and monitoring our network and controlling access to our files, equipment, and buildings. We use Transport Layer Security (TLS) encryption to protect the transmission of the information you give us when you use our secure online forms. Please use caution when emailing the FTC sensitive information such as a Social Security numbers or bank account numbers. Although the FTC’s email system supports TLS encryption, a secure transmission depends on the encryption settings of the sender’s email service as well. Instead, we encourage consumers providing sensitive information to contact us by using our secure online forms or by phone.
One way the FTC protects its information systems is by participating in a program run by the U.S. Department of Homeland Security (DHS). The program, EINSTEIN, monitors network traffic to detect malicious activity. Electronic communications within the FTC may be scanned by government-owned or contractor equipment to look for network traffic indicating known or suspected malicious cyber activity, including malicious content or communications. Electronic communications with the FTC will be collected or retained by DHS only if they are associated with known or suspected cyber threats. DHS will use the information collected through EINSTEIN to analyze the known or suspected cyber threat and help the FTC and other agencies respond and better protect their computers and networks. For additional information on the EINSTEIN program, please see DHS’s website.
What happens when I leave an FTC website through an embedded link?
What about information collected by third-party services (such as social media services) that the FTC uses to communicate and interact with me?
The FTC uses third-party services such as Facebook, Twitter, and YouTube to communicate and interact with the public. You may encounter these services as separate websites (for example, the FTC’s Twitter page(link is external)), or as applications embedded within the FTC’s websites (for example, the Brightcove video player(link is external)). These services are controlled and operated by third parties and are not FTC websites or applications. By interacting with the FTC through these third-party services, you may be providing non-government third parties access to your personal information, which can be used to distinguish or trace your identity. Any information collected by a third-party service is subject to the privacy policies of the third-party service provider. These third-party services may, for example, use persistent (multi-session) cookies.
Generally, the FTC does not collect, disseminate, or maintain any personally identifiable information (for example, registration information) that you make available through these third-party services, except in the limited instances specified here. You should be aware, however, that the FTC may read, review, or rely upon information that you make available to the public or the FTC on these services (for example, comments made on the FTC’s Facebook page(link is external)), as authorized or required by law.
Please note that these third-party services supplement the FTC’s traditional communication and outreach efforts. If you need to communicate with the FTC, please use these traditional channels to contact us.
See additional privacy information regarding each of the third-party services currently used by the FTC.