FTC Seeks Public Comment on Sears Holdings Management Corporation Petition to Reopen and Modify Commission Order Concerning Online Browsing Tracking #17

Submission Number:
17
Commenter:
Chris Hoofnagle
State:
California
Initiative Name:
FTC Seeks Public Comment on Sears Holdings Management Corporation Petition to Reopen and Modify Commission Order Concerning Online Browsing Tracking
Dear FTC, Apologies, I did not have enough time to prepare a full comment on the Sears petition, so allow me to say briefly here that: 1) Sears has not met the standard for reopening and modifying its order. Despite the petition's claims to the contrary, there has not been a significant change in conditions in the mobile app marketplace. Yes, there are more apps, and many consumers use them. But fundamentally, apps do the same things they did years ago. 2) The public interest is not served by weakening standards for monitoring in apps, or by encouraging their adoption generally. App cause lock in and have other pathologies. 3) For instance, apps typically place the consumer in a worse privacy posture online. They enable more tracking and unique identification of users. In addition, apps are often written sloppily by not-so-good developers. It does not serve the public interest to allow such apps to monitor people in more situations, in part because the app security landscape is almost guaranteed to be worse than the default apps that ship with mobile devices. The consumer is almost invariably in a better security posture visiting sears.com from Safari or even Android's default browser. 4) The Sears decision is among the Commission's most important. A fundamental purpose in prohibit unfair practices is to promote fair ones. Viewed in that light, the Sears decision is one where the FTC is correcting the systemic weakening of contract norms online. At the beginning of the Web economy, Pollyannas thought that the internet would bring a contract utopia, where each person could obtain tailored terms Instead, we have a Web full of standard, adhesive contracts offered on a take-it-or-leave-it basis. The Sears decision provides a helpful baseline to bring more dynamism and to set basic rules in the law of online contract. 5) Finally, the Sears monitoring is properly understood as a wiretap. It is a comprehensive, contemporaneous interception of electronic communications. Under the Wiretap Act, such monitoring requires statutory justification (marketing is not one) or actual/implied consent from the user. The Sears decision simply required the company to have done what would have been required by the Wiretap Act. The FTC supports Congressionally-recognized privacy interests when stopping companies from using illusory forms of consent (the constructive model used by Sears) and by elevating consent to require real information and affirmative action from the user. For the forgoing reasons, the FTC should deny the petition. Respectfully submitted, Chris Hoofnagle* *Affiliation is for identification purposes only