Home Data FTC Says It Can’t Penalize Data Rule Breakers

FTC Says It Can’t Penalize Data Rule Breakers

SHARE:

Federal Trade Commission members said during a House hearing Wednesday that the FTC does not have the authority to adequately punish companies that misuse consumer data.

Several data privacy scandals over the last year and a half prompted the House Energy and Commerce Committee hearing.

Equifax’s data breach in 2017, for example, released personal information on roughly 143 million Americans, including Social Security and driver’s license numbers. And Facebook’s Cambridge Analytica scandal in March sparked a new wave of public distrust in social media after the Republican-affiliated firm gathered user data on 50 million accounts without permission.

With the EU’s General Data Protection Regulation now in effect – and the FTC overseeing the legal transfer of personal data from the EU to the US – the agency has added incentives to alleviate consumers’ privacy concerns.

At Wednesday’s hearing, Republican and Democrat commissioners implored Congress to grant the agency rule-making authority on data privacy issues and the ability to seek civil penalties.

Although the FTC explicitly notes on its website that it is tasked with protecting consumer data, commissioners and experts at the hearing drew attention to the obstacles that prevent it from doing so. Some attendees noted the agency’s limited legal and financial resources in hopes of getting more members of Congress to lobby on the FTC’s behalf.

President Trump’s government spending plan, released in May, cut FTC’s 2018 fiscal budget by about $6 million. Rep. Frank Pallone, D-NJ, said the FTC’s data privacy and security division has only 45 full-time staffers. Just 35 are lawyers able to bring enforcement actions.

To add to this uphill battle, the FTC cannot fine first-time violators of data privacy laws. At most, it can get an injunction to curb bad behavior after a first offense. The FTC can only seek financial punishment if a company breaks the rules again after signing a consent decree stating it won’t commit the same violation.

“Just a few months ago we were here listening to Mark Zuckerberg apologize yet again for Facebook’s failure to properly inform users of how their data could be shared,” Pallone said. “If the FTC was able to fine Facebook in 2011, the first time it found it failed to properly notify users, we may not have seen the Cambridge Analytica scandal.”

All five commissioners said they could better protect consumers if the committee had rule-making authority, which can only be granted by Congress. FTC Chairman Joe Simons said the committee will hold a series of public hearings in the fall to more critically address data privacy concerns.

“The FTC cracks down on illegal practices whenever we can, but I think our existing toolkit won’t do the trick,” FTC Commissioner Rohit Chopra said. “We need the ability to deter misconduct through financial penalties and sensible safeguards that can evolve with the marketplace.”

Must Read

Comic: An ID Bridge Too Far?

Programmatic Companies Wrestle With ID Bridging And What Counts As Fraud

In January, the Chrome browser removed third-party cookies for 1% of users, to facilitate testing of the Privacy Sandbox –  and a new controversy was born.

It’s Open Season On SaaS As Brands Confront Their Own Subscription Fatigue

For CFOs and CEOs, we’ve entered a kind of open hunting season on martech SaaS.

Brian Lesser Is The New Global CEO Of GroupM

If you were wondering whether Brian Lesser was planning to take some time off after handing the CEO reins of InfoSum to Lauren Wetzel last week – here’s your answer.

Privacy! Commerce! Connected TV! Read all about it. Subscribe to AdExchanger Newsletters
Comic: S.P. O'Middleman's

TripleLift CEO Dave Clark Abruptly Exits After Setting The SSP On A New Trajectory

Dave Clark, who’s led TripleLift for the past two years, is stepping down, effective immediately, and is being replaced by a coterie of TripleLifters.

shopping cart

Moloco Invests In Its Competitor Topsort As The Retail Media Stakes Go Up

Topsort can lean into Moloco’s algorithmic personalization, while Moloco benefits from Topsort’s footprint with local retailers in the US and in Latin America.

CDP BlueConic Acquires First-Party Data Collection Startup Jebbit

On Wednesday, customer data platform BlueConic bought Jebbit, which creates quizzes, surveys and other interactive online plugs for collecting data from customers.