Federal Trade Commission chair Joseph Simons said his agency has been a cop on the privacy beat for decades, including "vigorous enforcement with every tool we have."
He was making that point this week at the FTC's two-day forum on privacy.
The issue is top of mind given the rise of the Internet of Things and the FTC's added privacy oversight of ISPs after the FCC reclassified them as information services out from under the Title II common carrier regs--common carriers are exempt from FTC oversight.
Simons would like that exemption lifted so the FTC could have authority over common carrier privacy, too.
Simons billed the forum--which covered topics from IoT and the California privacy law taking effect next year to notice and choice, targeted advertising, and the General Data Protection Regulation (GDPR)-- as "one of the Commission’s most extensive efforts to engage the public on data privacy issues" in over a half decade.
"[O]ver the past two decades, we have brought hundreds of cases, conducted about 70 workshops, and issued about 50 reports to help protect consumer privacy," he said.
The FTC is under pressure from Capitol Hill to enforce consent decrees with edge providers and to look hard at whether the size of Facebook, Amazon, Google, Apple and Twitter--have antitrust implications the FTC may have missed in the rise of those companies from scrappy garage startups to companies trying to mine the world's data and with market caps on par with the GDP (rather than GDPR) of some countries.
In making his case for the FTC's muscular oversight, Simons pointed to its challenge of false claims of compliance with the EU-U.S. Privacy Shield, privacy cases brought against revenge porn sites, a mobile phone manufacturer and others, and its largest civil penalty ever for a violation of the Children's Online Privacy Protection Act (COPPA).
In February, video social networking app TikTok (formerly Musical.ly) agreed to pay $5.7 million to settle the FTC's allegation that it had illegally collected personal info from kids.
But Simons acknowledged there was more it could be doing.
"The FTC has done a remarkable amount to protect consumers’ privacy with the tools and resources at its disposal. But we must do more. We need to continue evaluating privacy risks as they evolve."
Simons told the Senate Consumer Protection Subcommittee last fall that the Federal Trade Commission needs three things to better protect consumer privacy, 1) rulemaking authority; 2) civil penalty authority—currently it can only try and make consumers whole for losses, not penalize the conduct responsible; and 3) jurisdiction over nonprofits and common carriers.
Simons also said Congress needed to come up with legislation on collection, use and sharing of data that still fosters competition and innovation, legislation that the FTC would enforce
He also would not decline more money, which some in Congress have suggested the FTC will also need.