The House Digital Commerce Subcommittee, in the first oversight hearing for the new Federal Trade Commission slate, probed the commissioners Wednesday (July 18) on issues like data security, IoT, privacy, deceptive advertising and more.
Rep. Bob Latta (R-Ohio), chair of the subcommittee, made some news early on, saying the committee was sending letters Wednesday to location data aggregators Location Smart, Securus and 3C Interactive "to probe their data handling and use." The letters are a follow-up to letters it sent to Apple and Google asking them to explain how smart phone user data is protected when it is compiled and shared.
The House Appropriations Committee actually appropriated $2 million more for the FTC than it asked for, which it may well need as it ramps up oversight of the internet, including the internet of things.
Rep. Jan Schakowsky (D-Ill.), ranking member of the subcommittee, suggested the commission needs more tech resources, including tools to protect consumer online privacy, such as civil penalty authority.
Rep. Greg Walden (R-Ore.) chair of the full committee, said the FTC's top cops needed to go after bad actors, and named some names: Facebook, Equifax and Uber.
"Particularly with Facebook being under a consent order with the FTC, we are closely evaluating the tools being used by the Federal Trade Commission" as that investigation of the consent order and whether Facebook violated it moves forward, he added.
Walden said the committee would look into whether there were ways to improve privacy regulation that could help consumers better understand how data flows support the global economy.
FTC chair Joseph Simons promised vigorous enforcement.
While Republicans are concerned about data-sharing issues, they also are concerned that too strict a regime, say opt-in for all data sharing, could undermine the basic economics of the web, something that concerns edge providers as well.
Simons said they did not want to unnecessarily "saddle" companies with regulations or compliance burdens. But he said the FTC would make sure companies are not misusing consumer data. Period.
Walden said that was why he supported the FCC's Restoring Internet Freedom Order and its restoration of FTC oversight of both ISPs and tech companies. He said that was critical to promoting a "free and open" internet.
He reiterated his call for tech companies to come to Washington and talk to the committee.
Rep. Frank Pallone (D-N.J.) put in a pitch for giving the FTC fining authority for first-time violations. Under the FTC Act, the agency can only seek an injunction for such a violation or strike a settlement.
"Only if the company commits the same unscrupulous act again, after promising in a consent decree that it would stop such conduct, can the FTC seek fines," Pallone said. "Just a few months ago, we were here listening to Mark Zuckerberg apologize yet again for Facebook’s failures to properly inform users of how their data would be shared. If the FTC was able to fine Facebook in 2011, the first time it found that Facebook failed to properly notify users, we may not have seen the Cambridge Analytica scandal."
Simons said he supported giving the FTC more civil penalty authority over data breaches, where the FTC could show sufficient harm for violations under the statute, but in terms of monetary remedial authority -- the FTC can require consumer redress for first offenses -- showing damage from any particular breach was very difficult.
Monetary relief is an insufficient deterrent, he said.