FTC Testifies Before Senate Subcommittee About Consumer Privacy And Data Security

The Federal Trade Commission (FTC) testified on Tuesday (Nov. 27) before the U.S. Senate Commerce Subcommittee regarding the agency’s work on consumer protection, product safety, insurance and data security.

FTC Chairman Joseph J. Simons and Commissioners Noah Joshua Phillips, Rohit Chopra, Rebecca Kelly Slaughter and Christine S. Wilson testified, saying that during 2018 fiscal year (FY), the agency’s “law enforcement actions led to more than $1.6 billion in refunds to consumers and collected more than $8.5 million for the Treasury,” according to a press release. The numbers included $83.3 million in redress that the FTC returned to consumers, while its orders including in cases focused on Volkswagen, Amazon and Netspend required defendants to refund programs worth over $1.6 billion.

“Consumer privacy and data security remain important priorities for the FTC, and the Commission reiterated its commitment to use every tool at its disposal to protect consumers,” the agency wrote in the press release. “To date, the FTC has brought more than 60 data security cases, alleging that companies failed to implement reasonable safeguards, as well as more than 60 general privacy cases.”

According to the testimony, in September 2018, the FTC began holding its Hearings on Competition and Consumer Protection in the 21st Century to explore if changes in the economy, evolving business practices, new technologies or international developments might bring the need for adjustments to the agency’s regulations. The FTC has heard from more than 200 panelists and received over 700 public comments, and will continue to hold public hearings through early 2019.

The testimony also noted that there are limitations to Section Five of the FTC Act, the main statute enforced by the agency. In particular, the law does not provide for civil penalties. It also lacks authority over non-profits and common carrier activity, as well as broad APA rule-making authority for privacy and data security in general.

“The Commission has challenged numerous privacy and security practices under Section Five of the FTC Act. Our program in these areas which includes enforcement, as well as consumer and business education has been highly successful within the limits of our authority,” said Simons in separate remarks. “But Section Five is an imperfect tool. In my view, we need more authority.”