The Commission's remedial authority to deter unfair and deceptive conduct in privacy and data security matters #FTC-2018-0052-D-0036

Submission Number:
FTC-2018-0052-D-0036
Commenter:
Narseo Vallina-Rodriguez
State:
California
Initiative Name:
The Commission's remedial authority to deter unfair and deceptive conduct in privacy and data security matters
To Whom It May Concern: We are writing in response to the FTCs solicitation for public comments regarding the upcoming hearings on competition and consumer protection. We are writing this letter to share our personal experiences and perspectives on the current state of consumer protection with respect to the privacy risks caused by 1) third-party tracking services embedded in mobile apps, 2) pre-installed Android software installed by the OS vendor, 3) commercial VPN services, and 4) intrusive web-based user tracking. For the last two years, our research activity focused on studying these technologies in depth due to their broad user adoption, their opacity and their potential harm to customer's privacy and security. As detailed in the attached documents, this research experience has allowed us and our collaborators to find empirical evidence of concerning and deceptive behaviors in these ecosystems, as well as instances of personal data collection performed without user consent. At the core of the problem is user's poor understanding of the underlying technologies and the lack of transparency of these products. Most users are not equipped with the required technical background and tools needed to foresight the long-lasting and severe impact that these products can cause on their privacy. Signed, Narseo Vallina-Rodriguez, IMDEA Networks Institute / ICSI Chris Kanich, UIC