The bipartisan legislation to establish a federal privacy law in the United States – the American Data Privacy and Protection Act – moves through Congress. Meanwhile, the Federal Trade Commission (FTC) has now taken steps to address issues related to commercial data. Read on to learn how you can potentially influence the data privacy direction of the FTC’s work.

On August 11, 2022, the FTC announced that it seeks public comment regarding its Advance Notice of Proposed Rulemaking (“ANPR”). It asks a series of questions related to commercial surveillance and data security. An ANPR signals to the public that the FTC is considering an area for rulemaking and requests written comments on its appropriate scope or on specific topics. It provides an opportunity for concerned stakeholders to weigh in on which questions deserve the FTC’s consideration and which direction the FTC should take.

For purposes of this ANPR, the FTC defines “commercial surveillance” as the business of collecting, analyzing and profiting from consumer data.  

The FTC seeks comment on whether the Commission should implement new rules governing the ways in which companies (1) collect, aggregate, protect, use, analyze and retain consumer data, as well as (2) transfer, share, sell or otherwise monetize consumer data in ways that are unfair or deceptive.

On Thursday, September 8, 2022, the FTC will host a virtual public forum to discuss the ANPR. On the agenda are topics such as:

• To what extent do commercial surveillance practices or weak security measures harm consumers, including children and teenagers?

• How should the FTC balance the costs and benefits of existing or emerging commercial surveillance and data security practices? What would be the costs and benefits of establishing and enforcing rules to address them?

• Should the FTC regulate harmful commercial surveillance or data security practices? If it acts to do so, what would those regulations entail?

The discussion at the September 8 meeting will also cover more specific topics such as:

• Do we need new rules to address the collection, use, retention, and transfer of consumer data? For instance, should we limit data usage to only what's necessary to deliver a requested good or service?
• What role does consent play in commercial surveillance? Can consumers effectively provide such consent?
• What notice and transparency should be required regarding commercial surveillance practices?
• Is it time to establish requirements regarding the implementation of security measures to protect consumer data?
• What issues are raised by automated decision-making systems? For example, their reliability, their impact on pricing, their propensity for errors?
• Are new rules needed to specify relief or damages not set out in the FTC Act?

The FTC’s announcement highlights that everyday technologies enable “near constant surveillance of people’s private lives.” Further, that surveillance exposes individuals to identity thieves, as well as heightens the risks of deception and other abuses.

Achieved Compliance will monitor and keep you informed with respect to the ANPR and the progress of the proposed federal privacy legislation. Additionally, we are available to clients who may wish to take this opportunity to comment on the FTC’s ANPR. In short, you could potentially influence the data privacy direction of the FTC’s work. Our years of participation in development of privacy policy, law, and regulation enables us to help you make your voice heard. Please contact us for more details.