The FTC should create a data protection bureau, the advertising industry asked in a final round of comments on policy hearings. Broadband, retail and financial groups backed a federal, pre-emptive privacy standard. A Google-linked researcher said there’s no economic evidence to suggest online platforms need access to large amounts of data to compete “effectively.”
Karl Herchenroeder
Karl Herchenroeder, Associate Editor, is a technology policy journalist for publications including Communications Daily. Born in Rockville, Maryland, he joined the Warren Communications News staff in 2018. He began his journalism career in 2012 at the Aspen Times in Aspen, Colorado, where he covered city government. After that, he covered the nuclear industry for ExchangeMonitor in Washington. You can follow Herchenroeder on Twitter: @karlherk
Alexa users can delete audio data, but Amazon is still working to remove related transcript data, despite pressure from Sen. Chris Coons, D-Del., in July 2018. Coons in May suggested the company misrepresented the control that Echo smart speaker users have in deleting audio data from interactions with Alexa (see 1905240034). Responding to Coons in a letter dated Friday, the company said transcripts are deleted from Alexa’s primary storage systems, and “we have an ongoing effort to ensure those transcripts do not remain in any of Alexa’s other storage systems.” That leaves open the possibility that transcript data remains stored, despite user requests for deletion, Coons said in a statement Tuesday. He raised concern about how data can be shared with third parties: “The American people deserve to understand how their personal data is being used by tech companies.” Amazon’s letter describes how it retains records of Alexa’s actions in response to users, despite deletion of user audio. Examples include when a customer “subscribes to Amazon Music Unlimited, places an Amazon Fresh order, requests a car from Uber or Lyft, and orders a pizza from Domino’s.” The e-tailer doesn’t anonymize user identity information related to transcripts, which allows customers to review transcripts. Alexa is designed to get smarter every day, the company said, using machine learning to analyze region, dialect, context, environment, age and other details about Echo users. The company didn’t comment further.
Sens. Jerry Moran, R-Kan., and Richard Blumenthal, D-Conn., are open to moving forward with their own privacy bill, given uncertainty about the Senate Commerce Committee’s privacy working group (see 1906270053), three lobbyists told us separately. Ranking member Maria Cantwell, D-Wash., doesn’t believe the working group is the best way to reach consensus and is reportedly looking to negotiate bilaterally with Chairman Roger Wicker, R-Miss. That’s despite months of talks between Wicker and the original members: Moran, Blumenthal and Sen. Brian Schatz, D-Hawaii. Offices for the six involved in the group’s talks, including Senate Majority Whip John Thune, R-S.D., didn’t comment. Moran and Blumenthal are prepared to move forward regardless of the group's makeup, one tech lobbyist told us. Another said this signal from Moran and Blumenthal could be a negotiating tactic to bring the entire group to the table. The two remain committed to reaching consensus on privacy, especially given the group’s work this session, a Senate Republican lobbyist said. Moran “has been a great partner, and the work has been really substantive,” Blumenthal told reporters last week. “Other Republican and Democratic members of the committee have made immense” contributions, and “I’m still very hopeful.” Asked if he will move forward with Moran independently, Blumenthal said, “I’m not going to speculate about the future.”
The FTC isn’t equipped to handle modern enforcement challenges, Rep. Anna Eshoo, D-Calif., told us, saying there’s a strong case for creating a new data privacy agency. Eshoo and Rep. Zoe Lofgren, D-Calif., are drafting a bill that would create such an agency modeled after the Consumer Financial Protection Bureau (see 1906250033).
Senate Commerce Committee ranking member Maria Cantwell, D-Wash., doesn’t see her panel’s privacy group (see 1906140052) as the best route for reaching legislative consensus, a Democratic committee aide told us Thursday. A day earlier saw reports that Cantwell wants to negotiate bilaterally with Chairman Roger Wicker, R-Miss.
The compulsory license that enables satellite operators to import distant broadcast TV network programming without negotiating with local broadcasters should expire, Register of Copyrights Karyn Temple told the House Judiciary Committee Wednesday. The Copyright Office believes the Section 119 license is only necessary if there’s market failure, and that’s not the case, she testified. The license is to expire Dec. 31, with the Satellite Television Extension and Localism Act up for renewal.
Congress should consider offering the tech industry a set of standards to ensure proper moderation practices for malicious content, House Homeland Security Chairman Bennie Thompson, D-Miss., told reporters after a hearing Wednesday. Democrats from the panel hammered witnesses from Facebook, Google and Twitter, saying industry isn't doing enough to remove content from bad actors like the Christchurch, New Zealand, mass shooter (see 1905150047). Republicans mostly focused criticism on First Amendment issues and claims of anti-conservative bias.
Consumers should be able to turn off algorithm filtering that determines the online content they see, Senate Communications Subcommittee Chairman John Thune, R-S.D., said during a hearing Tuesday, announcing legislative efforts. Ranking member Brian Schatz, D-Hawaii, told reporters he likes the concept but suggested it could be folded into the Senate Commerce Committee’s ongoing privacy legislation talks.
House Democrats are drafting legislation that would create a U.S. data privacy agency modeled after the Consumer Financial Protection Bureau, according to documents we obtained. The draft framework for the Online Privacy Act from Reps. Anna Eshoo, D-Calif., and Zoe Lofgren, D-Calif., (see 1902130058) envisions an independent agency within the executive branch. Authorized with $200 million annually and about 1,600 staff, the U.S. Digital Privacy Agency would be led by a director who could issue rules and orders. The draft includes private rights of action for consumers, a sticking point for Republicans negotiating a privacy bill in the Senate. It doesn't address the issue of state pre-emption, another key point of contention. House Consumer Protection Subcommittee Chair Jan Schakowsky, D-Ill., is leading a separate privacy effort for Democrats. Eshoo and Lofgren requested feedback on the draft through July 12. The new agency’s enforcement authority would be “largely based on Title X of the Dodd-Frank Act,” which established CFPB. The draft dictates that maximum civil financial penalties be based on Section 5 of the FTC Act. The agency could carry out investigations, subpoena testimony or documents, issue civil investigative demands and issue cease and desist notices. State attorneys general could bring civil action under the proposal, but the federal government could intervene. The proposal would require breached entities to notify the agency of data incidents within 72 hours. It targets “any entity that collects or processes personal information” and transmits data over an “electronic network,” including broadband providers. Smaller businesses would be exempt: That includes entities that don’t have revenue from personal data sales, get less than half their annual revenue from targeted advertising, have fewer than 500,000 users, have fewer than 200 employees and have revenue under $10 million. The proposal envisions certain exemptions for data collection on cyber incidents, protection against other malicious behavior and law enforcement activity. It includes consumer rights to data access, correction, deletion, portability, human review of automated decisions, the ability to opt out of targeted content and the ability to be informed. Offices for the lawmakers didn’t comment.
The FTC should penalize Google for allegedly violating the children’s privacy law (see 1906190045), Sen. Ed Markey, D-Mass., and consumer groups wrote the agency separately Tuesday. Markey urged the agency to halt Google’s data collection of users under 13 and to delete all related data, as a result of alleged Children’s Online Privacy Protection Act infractions. He asked the agency to subject the company to yearly audits and force it to implement mechanisms ensuring the platform follows proper age requirements. He asked the commission to make sure any new Google products aimed at children are reviewed independently for compliance. The Campaign for a Commercial-Free Childhood and Center for Digital Democracy urged similar remedies, in their letter. The groups recommended the FTC make Google “remove all channels in the Parenting and Family lineup, as well as any other YouTube channels and videos directed at children, from YouTube.” An agency spokesperson confirmed receipt of the letters. The company didn’t comment.