CES 2020: What We Heard From the FTC
CES 2020 featured a wide array of cutting edge and futuristic technology – and also a clear focus on what DC officials had to say about how all that new technology might be regulated. Three Commissioners from the FTC — Chairman Joseph Simons and Commissioners Christine Wilson and Rebecca Slaughter – were on hand to discuss their views on where tech regulation and enforcement may be headed, including in the area of privacy. Here are some highlights from their remarks:
Will the FTC Continue to Lead on Privacy Enforcement?
All the Commissioners see the FTC as continuing to take a lead role in privacy, particularly when it comes to new technology. While there have been some calls for a new privacy regulator as part of federal privacy legislation, Chairman Simons argued that this would be a huge mistake, pointing to the agency’s expertise and record on privacy enforcement. Indeed, while competing Senate proposals privacy legislation have some key differences, they generally agree on giving the FTC enforcement and well as some rulemaking authority on privacy matters.
In light of California’s Consumer Privacy Act becoming effective on January 1, one question is whether California also will take a lead on privacy enforcement, once CCPA enforcement can begin on July 1. Absent intervening federal legislation, this appears to be the case. Indeed, the California Attorney General has indicated that companies’ CCPA compliance starting January 1 will be fair game for enforcement later in the year. As with Congress, the Commissioners are split on the degree to which any federal legislation should preempt state laws, with Commissioner Wilson warning against a patchwork of state laws, and Commissioner Slaughter more in favor of permitting independent state regulation and enforcement.
Will the FTC’s Privacy Approach Change?
The agency held a two-day hearing on its approach to consumer privacy last year, as part of its Hearings on Competition and Consumer Protection in the 21st Century, and at CES, there was significant discussion about various potential frameworks the Commission could adopt. Commissioner Slaughter reiterated her criticism of the “notice and choice” framework, arguing that consumers should not need to review individual privacy policies in order to make choices about collection and use of their personal information. Chairman Simons, addressing proposals for an opt-in consent approach, expressed concern that requiring consent for collection of every piece of personal information would unduly restrict advertising practices, and hurt smaller firms and new market entrants. On Commissioner Slaughter’s privacy panel, there was significant discussion of data minimization and de-identification techniques that companies could use, and Commissioner Slaughter specifically expressed concern about use of data by downstream entities for harmful purposes like discrimination and manipulation.
In his remarks, Chairman Simons noted that he wants conclusions from the agency’s 21st Century Hearings on Competition and Consumer Protection to come out in a “timely” way, so we should be hearing more in the coming year.
How is the Agency Approaching So-Called “Big Tech”?
The FTC has confirmed it is looking closely at large technology companies. Chairman Simons discussed the agency’ Technology Enforcement Division, which was set up to look more closely at large tech platforms, and in particular at potential anticompetitive conduct. That said, he emphasized that the agency does not go after companies just for being successful, but instead focuses on what it believes may be anticompetitive conduct that is harmful to consumers.
Similarly, Commissioner Wilson emphasized that she does not support breaking up companies because they are large and successful. And Commissioner Slaughter indicated that there is no “magic wand” to break up companies under current law. Commissioner Wilson also argued that analyses of past railroad and airline regulation showed that overregulation harms innovation and raises prices for consumers, and cautioned against a similar approach to tech regulation.
What’s On The Horizon in 2020?
At the beginning of 2019, as the federal government shutdown ended, Chairman Simons said he wanted to pursue “vigorous enforcement” in the coming year. And indeed, 2019 saw the agency obtain record-breaking settlements in privacy and data security cases. In 2020? At CES, he reiterated his call for “vigorous enforcement.” The Chairman indicated that he would like to proceed in as bipartisan a way as possible.
It also appears that more studies and policy recommendation are in the works. Commissioner Wilson indicated that she would like the Commission to do more studies under its Section 6(b) authority, including studies that may look at how consumer data is collected, used, monetized, sold, and shared. And notably, this year the FTC held workshops, sought comments, and sent data requests on a wide range of tech-related issues, from “right-to-repair” proposals to “Made in the USA” standards to COPPA Rule revisions to data security rules for financial institutions to broadband data practices. Not only are we likely to see some sort of Commission action in each of these areas in 2020, it appears that the Commission may push forward on more policy work – and even consider potential new rulemakings – before we reconvene for CES 2021.