FTC to Congress: Shorten Data Brokers' Leash
The Federal Trade Commission this week urged Congress to impose new regulations on companies that collect consumer data related to their Internet browsing habits.
Under the policy the FTC suggests, data brokers, or the holders of personal consumer information, must allow consumers access to that information. The commission also suggested that the largest data brokers, a group known as the "Individual References Services Group," should centralize that information on a website. There, the brokers could explain their policies on collecting data and disclose the companies with which they work.
The FTC offered these suggestions in an online privacy report, "Protecting Consumer Privacy in an Era of Rapid Change," which it released on Monday. It's built off a preliminary report the commission released in 2010 with observations on how the Internet, smartphones and digital marketing techniques are making consumers' privacy more vulnerable.
Some consumer advocacy groups felt that the expansive report from the FTC didn't go far enough in advocating greater consumer protections, though many applauded the commission's call for greater transparency among data brokers specifically.
"Consumer expectations are clear about what they expect about their information being collected, so that disclosure and notice provision would be good," Mark MacCarthy, VP for public policy at the Software and Information Industry Association, told the E-Commerce Times.
It's up to Congress to pass any actual legislation, but the FTC can urge both Congress and corporations to adopt policies that give consumers greater transparency.
The FTC didn't respond to our request for comment on the story.
As consumers use the Internet -- often via mobile devices like smartphones or tablets -- for a growing variety of tasks, including online banking, shopping and scheduling, companies have found they can mine much more personal data about their users than ever before. That information can be used to deliver more targeted ads and services, but just how much data these brokers collect, and how they use it, is often left unclear to everyday consumers.
"The FTC Report observes that most data brokers are invisible to consumers," Marc Roth, partner in the advertising, marketing and media division of Manatt, Phelps & Phillips, told the E-Commerce Times.
The FTC isn't the only one to acknowledge the growing privacy concerns. The Obama administration recently released its Consumer Privacy Bill of Rights, which called on tech companies, consumer protection agencies and the government to create legislation and guidelines that would give consumers more information about their data.
The FTC report also acknowledges that the issue specifically pertaining to data brokers has come up in Congress before. In 2009, the House approved a bill, the Data Accountability and Trust Act (DATA), that enhanced transparency requirements for data brokers and created a procedure wherein consumers could easily access their information. The bill died in the Senate, but the FTC suggested that a future bill could be modeled off DATA.
Might Be a While
While many data brokers and Internet companies that use that data recognize the public concern that surrounds privacy issues, the legislation the FTC suggests probably won't happen without a fight, said Roth.
"Frankly, I don't see this happening very easily, as the list industry has historically been very quiet about the services they provide to clients and will not take lightly the suggestion that they expose their practices to the world, much less to the consumers about whom they collect information," he said.
In addition, companies could argue that consumers actually enjoy the more personalized ads and services it's able to offer Internet users. And their concerns aren't only based on giving up industry practices.
Logistically, creating a centralized database containing such vast amounts of personal information could be tougher than the FTC anticipates. A website would have to maintain absolute confidentiality, which would increase development and liability costs and lead to even more possible security breaches, said Roth.
"While a good idea on its face, once you try to figure out how this would work, and the effects it would have on the companies in the industry, the details make it difficult to see how this can be easily achieved," said Roth.