Articles and publications written by the CCC about Privacy.

Why does Ted Cruz want to empower Biden’s radical FTC?

Data privacy is an increasing concern for consumers and tech advocates alike. Lawmakers from both the Republican and Democratic parties know this, and it’s why the Informing Consumers about Smart Devices Act, being championed by Sen. Ted Cruz (R-TX), is receiving bipartisan support.

Cruz says this bill would “inform” consumers about smart devices with “spying” capabilities, but it is just another opportunity for politicians to expand their ever-growing paternalistic role in our daily lives.

Sure, users value their privacy, but only to a certain degree. Case in point: the smartphones that roughly 310 million people voluntarily keep on their person 24/7, even while they’re in the bathroom. Does it really matter if a smart refrigerator is equipped with the same technology as the smartphone present in your pocket (especially when the refrigerator has the added bonus of assisting with food management)?

Despite what Cruz may think, consumers aren’t dumb when it comes to smart products. We don’t need a warning label for the presence of audio-video software or internet-enabled capabilities. If a device needs to connect to WiFi or an app to function, clearly it is internet-enabled. If lights, thermostats, or music can be controlled by voice commands, then of course these devices have a listening function.

Many of us have come to accept the trade-off of data collection by companies we trust in order to use certain products, services, or websites. For some time now, internet surfers and online shoppers have become acquainted with pop-ups asking to enable cookies on their browsers. Digital cookies were always there, but what changed was the notification of them due to policy pressures. Have the cookie notifications really changed online activities? I doubt it. Have more pop-ups in the name of transparency improved online experiences? Also doubtful.

Organizations gather data to know their consumer base, not to stalk us and discover our dirty secrets. In fact, I’d appreciate it if my tech-enabled Traeger grill was “spying” on me — that way, I might receive some coupons based on my grilling history or suggestions on how to improve my barbecuing skills.

Firms are well aware that their reputation hinges on the comfort level of consumers when it comes to tech use and data collection: If consumers feel a company is infringing too much upon their privacy, backlash will surely ensue. As such, government deliberation over this matter is simply unnecessary.

If passed, the proposed bill will, at best, require warning labels to be affixed to the packaging of smart products and, at worst, place the Federal Trade Commission in charge of establishing disclosure guidelines and enforcement mechanisms. Any cost a company incurs related to regulatory compliance deemed necessary by the FTC will be felt in the marketplace, and manufacturers will take into account the potential for fines from the FTC when establishing their price points.

The expense of FTC interference will be borne by all taxpayers, and the cost to companies for new packaging and labels will spill over into higher prices for consumers.

It is unclear why members of the Republican Party would want to expand the regulatory mandate of the FTC, given that Chairwoman Lina Khan has proven her position as an anti-business ideologue ever since she was appointed by President Joe Biden. Our independent purchase decisions do not need to create an economic burden for all taxpayers nor serve as a means for furthering the FTC’s inquisition against corporate America.

At the end of the day, it is important to remember that every individual consumer has authority over what tech products are used within his or her home. Rather than increase the power of the regulatory state over our consumption habits, consumers concerned about their appliances having spyware capabilities should simply shop accordingly, and any nefarious activities should be handled by the court system.

The “Internet of Things” is meant to predict wants, persuade actions, and improve consumer experiences. Some in-home smart devices can even be literal lifesavers. Thanks to advancements in wearable tech and telehealth, real-time assessments can be transmitted to healthcare providers to allow for independent living at home. Take WalkWise, a smart mobility aid attachment benefiting those in need of senior care. Devices such as these shouldn’t be bogged down by FTC interference or government oversight.

Products that advance our well-being, and that we buy according to our preferences with our own money, should not be vilified by politicians and used to grow the nanny state. Although Cruz claims this bill to be “common sense legislation,” that assumes you (the consumer) have no common sense of your own.

Originally published here

Technological neutrality is the best mechanism of cyber security and protects consumer data privacy

KUALA LUMPUR, 26 th June 2023 – The Consumer Choice Center (CCC) emphasizes the
importance of governments supporting and maintaining technological neutrality in putting in
place the best mechanisms for cybersecurity systems and consumer data protection.

Representative of the Malaysian Consumer Choice Center, Tarmizi Anuwar said: “Technology
changes very quickly and faster than amendments or changes in laws. In this regard, laws that
are friendly to innovation and technology or so-called neutral technology need to be prepared so
that healthy competition between private companies becomes the best method of determining
the mechanism in data privacy regulations.”

In addition, Tarmizi commented on the recommendation of the Minister of Communications and
Digital that the private sector makes investments related to aspects of cyber security and data
privacy according to the appropriateness of their respective operational levels which is
considered positive. However, it is necessary to remain consistent and not put an excessive
burden on the private sector.

“The recommendation can be considered good because the enforcement of interoperability
standards can be prepared and implemented by the firm that handles the data, and is not
necessarily determined by law. This will also give space to start-up companies to operate at a
cost that matches their capabilities.”

“Basically, every company has its own interest in protecting the cyber security or privacy data of
their consumers. Excessive legal stipulations such as imposing specific software will cause an
increase in business costs and subsequently increase prices for consumers”, he said.

Explaining Malaysia’s efforts to collaborate with Southeast Asian countries in creating a data
sharing protocol to become a regional data processing hub, he said the government must make
the concept of industry-based data portability as the main standard.

“In order to become a regional data processing hub, the government needs to use industry
standards as the main policy and strategy. This standard is a faster and more efficient way and
is able to coordinate the differences in laws in each country to enforce and regulate portability
over the law.” he concluded.


Un outil se démocratise qui permet d’accéder à plus de contenus… tant que l’Etat ne s’en mêle pas directement. 

De plus en plus de consommateurs utilisent des VPN sur leurs appareils qui accèdent à Internet. Ce qui était autrefois une technique plutôt obscure permettant d’accéder à des sites différents par l’intermédiaire de serveurs virtuels est devenu un outil de plus en plus courant, qui a suscité l’intérêt des utilisateurs d’internet et des autorités de régulation.

Un VPN (Virtual Private Network), en français RPV (réseaux privé virtuel) permet à ses utilisateurs de se connecter à un serveur différent de celui où ils se trouvent actuellement. A travers diverses techniques cryptographiques, le VPN masque l’adresse IP de l’utilisateur et lui donne accès à d’autres contenus.

Déménager sans bouger

Il existe différentes utilisations d’un VPN : l’une d’entre elles, très courante, est l’accès à des contenus vidéo en streaming. En effet, alors qu’une nouvelle émission de télévision populaire peut être disponible aux Etats-Unis, il n’est pas possible de la regarder depuis la France. En connectant votre VPN à un serveur situé à New York, vous aurez accès au contenu qui peut être vu de l’autre côté de l’Atlantique, depuis le confort de votre propre maison.

Les fournisseurs de services de streaming tels que Netflix ou Amazon Prime n’aiment pas cette pratique, car ils craignent d’avoir des problèmes avec la réglementation sur les droits d’auteur. La raison pour laquelle certains contenus télévisés ne sont pas distribués en France est que ces chaînes n’ont pas acquis les droits pour ces émissions dans l’Hexagone – parfois en raison du prix, parfois parce qu’elles ne pensent pas qu’une certaine émission suscitera beaucoup d’intérêt en France, par rapport aux Etats-Unis.

Cela dit, l’utilisation des VPN dépasse de loin les avantages qu’il y a à regarder Game of Thrones sur son canapé. En masquant votre adresse IP, ils réduisent considérablement les risques de piratage ou de surveillance lorsque vous vous connectez à un réseau Wi-Fi public. Au fur et à mesure que les VPN sont devenus plus populaires, les fournisseurs de services VPN ont trouvé d’autres moyens de protéger vos données lorsque vous êtes en public.

Certains services VPN proposent également une fonction appelée « Internet Kill Switch ». Dans le cas où votre connexion VPN est interrompue ou déconnectée, cette fonction protège votre appareil et ses données des regards indiscrets. Elle bloque tout le trafic Internet vers votre appareil jusqu’à ce que la connexion avec votre VPN soit rétablie.

Quand l’Etat adopte les VPN

Les VPN sont également un bon moyen d’échapper à la censure gouvernementale. Bien que cela soit moins problématique dans de nombreux pays européens, les VPN sont couramment utilisés par les consommateurs en Autriche pour contourner les réglementations gouvernementales. Pendant longtemps, Wikipédia n’a pas été accessible en Turquie sans l’utilisation d’un VPN. Les VPN sont également très utilisés dans les dictatures, car les utilisateurs accèdent à des services d’information internationaux qui seraient bloqués dans leur pays.

Toutefois, bon nombre de ces Etats se sont ralliés à cette tendance. Il est légal d’utiliser un VPN en Chine, mais le gouvernement impose de nombreuses restrictions. Les VPN nationaux doivent être approuvés par le gouvernement et ceux qui ne le sont pas sont interdits. Les citoyens peuvent faire l’objet de sanctions, contrairement aux étrangers, qui peuvent rester impunis s’ils sont pris en train d’utiliser des VPN non autorisés. Evidemment, vous pouvez vous imaginer que les VPN locaux chinois sont contraints de ne pas débloquer du contenu interdit par le parti communiste.

En Europe, l’utilisation des VPN n’est pas limitée. Cela dit, le monde occidental a connu des textes législatifs susceptibles d’enfreindre l’utilisation des VPN.

Par exemple, un projet de loi récemment proposé aux Etats-Unis dont le but principal est d’interdire l’utilisation de TikTok fait vaguement référence à la possibilité pour les utilisateurs de contourner cette interdiction. Bien que la loi ne mentionne pas les VPN en tant que tels, Reason Magazine explique que « cette formulation laisse encore plus de place à la loi RESTRICT pour toucher un large éventail d’activités. Peut-être qu’un tribunal finirait par la juger inutilisable contre des personnes essayant simplement d’échapper à une interdiction de TikTok, mais cela ne signifie pas que les procureurs n’essaieraient pas, ni que les autorités n’utiliseraient pas des mesures de surveillance invasives pour essayer de détecter une telle évasion. »

Des services inégaux

Il y a un dernier point dont les consommateurs doivent être conscients. Si les VPN garantissent une plus grande sécurité en ligne, ils sont loin d’être une panacée. De nombreux VPN populaires vous promettent que vous pourrez « surfer sur le web de manière anonyme » ou que vous serez « complètement à l’abri de la surveillance gouvernementale ». Malheureusement, le simple fait de payer pour un VPN ne vous mettra pas totalement à l’abri de la surveillance et des menaces de piratage.

L’anonymat complet en ligne est très difficile à atteindre, car il nécessite une vaste gamme d’appareils et de logiciels de brûlage qui vont bien au-delà de votre utilisation quotidienne.

Lors de la mise en place d’un VPN, il est important de s’informer sur le produit que vous achetez. Il est également conseillé de s’abstenir d’utiliser des VPN « gratuits ». Si le VPN est gratuit, vos données sont le produit. L’utilisation d’un VPN devrait devenir un comportement banal en ligne, mais elle continuera à exiger que vous fassiez vos propres recherches.

Originally published here

Generational Endgame: The government needs to avoid repeated MySejahtera data leaks

KUALA LUMPUR, 6th March 2023 – The Consumer Choice Center (CCC) voiced concerns
over the implementation of the generational endgame and urged the government to drop the
generational endgame from the Tobacco and Smoking Products Control Bill.

According to Tarmizi Anuwar, the Malaysian Consumer Choice Center representative, he
believes that the Minister of Health is hasty in wanting to implement generation endgame
and is not consistent with the statement at the beginning that wants to implement it
incrementally and in stages.

It is even more worrying when the Ministry of Health wants to implement it in the next year,
which is 2024. However, until today it is still not clear what mechanism will be used to
ensure that the implementation process is not misused or pose other risks to consumers.
Recently, the Deputy Health Minister, Lukanisman mentioned that the government intends to
make the MySejahtera application as a national public health management tool or digital
public health super apps.

“If the government uses the MySejahtera application or any similar form of application to
implement the generational endgame, this may bring other risks to consumers such as
breach of information or personal data.”

“This is clear in the Auditor General’s Report 2021 Series 2 has revealed that 3 million
Malaysians’ personal data in the MySejahtera application was downloaded by the super-
admin account between 28 October to 31 October 2021,” he said.
In addition, according to Tarmizi, it is more worrying when the Deputy Health Minister’s
answer in parliament contradicts to the response given by the Ministry of Health to the
National Audit Department.

“The statement of consumer details downloaded by the super admin as part of security
measures against attempts to hack the application is contrary to the response given by the
Ministry of Health to the Auditor General’s Department.”

“In the report, the Ministry of Health’s response clearly states that there is an element of
misuse by the super admin account and a police report has been made.”
“The government needs to be more realistic in drafting and implementing laws so as not to
put consumers’ personal data at risk.”

Commenting further on the implementation of the finishing generation in the Tobacco and
Smoking Products Control Bill, he said, “The government needs to drop the generational
endgame and adopt more practical practices; harm reductions such as the United Kingdom
or the Philippines.

“Instead of a full ban these two countries recognize harm reduction as one of the methods
to reduce smoking in their countries.”

In addition, Tarmizi emphasized that the discussion about fundamental rights or individual
freedom in this matter must take into account various opinions and not just one school of
thoughts. He referred to the statement of Tun Zaki, Former Chief Justice, regarding the
generational endgame can be considered to be discriminatory and violate Article 8 of the
Federal Constitution.

“The law must operate equally on all people in fair conditions for all generations and every
group of society. The law cannot give only one advantage to one generation and deprive it
from another.”

MoH urged take immediate recommendations in the AG’s Report on MySejahtera data leak

KUALA LUMPUR: The Malaysia Consumer Choice Center (MCCC) urges the Ministry of Health (MoH) to implement immediate security measures to prevent the continued theft of personal data from the MySejahtera application.

This follows the Auditor General’s Report 2021 Series 2, which revealed that the super-admin account downloaded three million Malaysians’ personal data in the MySejahtera application from October 28 to October 31, 2021.

MCCC representative Tarmizi Anuwar urged the MoH to improve security measures to ensure the safety of consumers and that such incidents do not happen again.

“The MoH needs to act immediately to tighten the data security management system and the MySejahtera application as recommended by the Auditor General’s Report to prevent the intrusion of consumer data again.

Read the full text here

Kenapa KKM gagal kenal pasti data MySejahtera dimuat turun ‘Super Admin’, soal kumpulan pengguna

Wakilnya menggesa KKM segera bertindak memperketatkan sistem pengurusan keselamatan data dan aplikasi tersebut.

PETALING JAYA: Pusat Pilihan Pengguna (CCC) mengecam kerajaan kerana masih tidak mengenal pasti medan data peribadi yang dimuat turun daripada akaun “Super Admin” menerusi aplikasi MySejahtera, selepas lebih setahun laporan polis dibuat.

Wakilnya, Tarmizi Anuwar, menggesa Kementerian Kesihatan (KKM) mempertingkatkan langkah keselamatan bagi memastikan keselamatan data pengguna terjamin.

“KKM perlu segera bertindak memperketatkan sistem pengurusan keselamatan data dan aplikasi MySejahtera seperti disarankan laporan ketua audit negara bagi mengelakkan pencerobohan data berulang.

“Tindakan ini perlu diambil secepat mungkin kerana selepas satu tahun tiga bulan (laporan dibuat), kementerian masih tidak dapat mengenal pasti medan data peribadi telah dimuat turun.

“Hal ini sangat membimbangkan kerana lebih tiga juta data pengguna berisiko disalah guna pihak berkenaan,” katanya dalam kenyataan.

Read the full text here

The Ministry of Health Needs to Immediately Take the Recommendations of the Auditor General’s Report

KUALA LUMPUR, 20th February 2023 – The Malaysia Consumer Choice Center (CCC) urges the Ministry of Health of Malaysia to immediately present security measures to protect against the theft of personal data of the MySejahtera application from continuing. 

This follows the Auditor General’s Report 2021 Series 2 which revealed that 3 million Malaysians’ personal data in the MySejahtera application had been downloaded by the super-admin account on 28 October to 31 October 2021. 

According to the representative of the Malaysian Consumer Choice Center, Tarmizi Anuwar urged the Ministry of Health to improve security measures to ensure the safety of consumers and things like this do not happen again.

“The Ministry of Health needs to act immediately to tighten the data security management system and the MySejahtera application as recommended by the Auditor General’s Report to prevent the intrusion of consumer data again. This is important to ensure that consumers are safe,” he said. 

Based on the report, after one year and three months of the police report being made, the government has yet to identify the data fields that have been downloaded and are still under investigation by the authorities.

“The Ministry of Health needs to immediately take this action because after one year and three months, the Ministry still does not know or identify the personal data fields that have been downloaded. This is very worrying because more than 3 million user data is at risk of being misused by those who have downloaded it,” he added. 

According to Tarmizi, the Ministry of Health also needs to take seriously the questionnaire conducted by the audit department regarding the perception of consumers of the MySejahtera application. Based on the survey, a total of 2,699 responses or 49.8 percent disagree that personal data is stored in the My Sejahtera application database. While only 1,168 responses or 21.8 percent agreed and the rest were neutral. 

“Based on the survey conducted by the audit department, consumers are not confident about the level of security of the MySejahtera application and have concerns if their information or personal data is invaded by irresponsible parties.” 

“Although it has entered the endemic phase and this application is not used as before but the consumer’s personal data is still stored in this application.” 

“Therefore, the Ministry of Health needs to take immediate action and explain to public the steps that will be taken to deal with this matter seriously and be responsible in ensuring that this won’t happen again.”

The Great Danger of CBDCs

Kaleidoscopic Banknotes Collage

There have been numerous announcements of central banks starting to explore the idea of introducing Central Bank Digital Currencies (CBDC).

From e-naira, a CBDC issued by the central bank of Nigeria, to the digital yuan in China to the European central bank exploring the idea of the digital euro. In fact, according to the Bank For International Settlements research, 90% out of 81 central banks surveyed have been in some shape or form investigating the idea of introducing a central bank digital currency.

According to the same survey, an increasing number of countries are adjusting the legal authority of central banks giving them provisions that allow for a launch of digital currencies.

These central banks argue that CBDCs will help with financial inclusion by providing more access to financial services for underbanked and unbanked, they would lead to a significant reduction in fraud and money laundering, and they would improve efficiency and ultimately allow for a better and more efficient monetary policy through more control over the money supply.

CBDCs are often thought of in terms of the government’s response to crypto, the way that central banks are trying to get with the times and digitize money. However, except for utilizing similar technologies, they are fundamentally different from Bitcoin and many other cryptocurrencies.

The most significant difference between CBDCs and Bitcoin lies in the level of centralization and control. While Bitcoin is a fully decentralized currency operating on a decentralized ledger that not one person or organization can control, CBDCs are issued and fully controlled by the central bank that controls its supply, issuances, and use.

Bitcoin was created as a decentralized alternative to traditional fiat currencies and as a response to the monetary policies of central banks creating uncertainty and being responsible for the devaluation of money with ripple effects throughout the economy. CBDCs would equip governments with tools providing fast and easy total control over monetary policy to the extent of targeting businesses, organizations, and individuals. 

The level of control that a government would have over every transaction and the ability to apply transaction censorship over anyone would give leaders a level of control unprecedented in history, a tool that any totalitarian leader from a few decades ago could have only dreamed of. 

One could argue that most money already is digital, an endless collection of 0s and 1s. However, the crucial distinction is that no single database can track and oversee every transaction that exists. There are a number of laws and regulations in place that allow law enforcement to request access to records of interest where courts are required to give approval for such actions.

Forgoing these checks and balances currently in place and allowing one-click access to accounts of citizens would give not only an unprecedented power in terms of privacy violations but also an opportunity to monitor or deactivate undesirable accounts based on any perceived or real violation.

Taking away all of one’s ability to sustain themselves by locking their accounts is equivalent to jailing them. Giving officials the option to freeze or ban certain accounts without due process could seriously damage the principles of rule of law on which our society rests.

The potential for any elected or appointed officials to affect a citizen’s livelihood in such a way could lead to serious consequences, such as endangering the ability of citizens to use their right to free expression in fear of their lives being ruined in a single click. It is not hard to imagine many possible ways that any malicious actor could use this centralized power. Many other unintended consequences could be possible and some could create immense levels of social distrust.

Then there is privacy. Transactions made using CBDCs may be recorded on a public blockchain, making it possible for others to track and analyze financial data. Having citizens using a tool that could fundamentally affect their privacy on an unimaginable scale thus far in human history would be a grand violation of rights to privacy and would, without a doubt, lead to additional problems.

You thought your browsing history could be turned against you? Anyone having access to any monetary transaction you have made would definitely not be fun either and it is easy to imagine dozens of ways that bad actors could exploit access to that kind of information.

Another often overlooked potential consequence of introducing Central Bank Digital Currency is the digital monetary competition. If we see a rise in digital currencies issued by central banks, it is likely that they will enter a race with other country issued currencies as well as private or decentralized ones, such as Bitcoin. Having this sort of competition would potentially open up unknowing citizens to currency fluctuations which cannot be foreseen and create even larger instability with some national currencies. The ways this could affect purchasing power and lead to potential civil unrest is evident.

This is only a few ways that adoption of Central Bank Digital Currencies could affect life as we know it. It is easy to see how an extremely centralized, highly controlled and surveilled currency would be an end of many of the freedoms that our societies enjoy and shows why in contrast, Bitcoin, a highly decentralized, secure and censorship resistant currency is immensely important and represents one of the most potent tools humanity has today.

Aleksandar Kokotović is the crypto fellow at the Consumer Choice Center.

Memperkasa Akta Perlindungan Data Peribadi

Maklumat-maklumat penting pelanggan seperti nama, alamat, e-mel, nombor telefon, maklumat kesihatan atau butiran bank – semuanya harus disimpan dan dilindungi dengan teliti. 

Namun hampir setiap hari kita mendengar pelbagai kes baru mengenai kecurian identiti, jenayah kewangan atau serangan yang berbentuk pencerobohan data peribadi. 

Kebocoran atau pencerobohan data peribadi perlu diberikan perhatian kerana pengguna terdedah kepada aktiviti penipuan, penggodaman, pancingan data dan kecurian identiti.

Jika maklumat sedemikian sampai ke tangan yang salah, ia boleh menjejaskan keselamatan pengguna dalam pelbagai bentuk, termasuk integriti peribadi, keselamatan fizikal dan keselamatan kewangan.

Maklumat yang dicuri juga boleh digunakan untuk membuat profil palsu dan melakukan penipuan.

Firma keselamatan siber Surfshark menyatakan pada suku ketiga 2022 saja sebanyak 108.9 juta kebocoran maklumat berlaku di peringkat global. 

Kebocoran itu menunjukkan peningkatan sebanyak 70 peratus berbanding suku kedua tahun yang sama.

Menurut Menteri Komunikasi dan Digital, Fahmi Fadzil, pula sejak 2017 sehingga 2022 kira-kira 100 juta set data yang peribadi diceroboh dan dicuri.

Pada 2022 terdapat beberapa laporan insiden kebocoran data yang melibatkan maklumat peribadi berjuta-juta rakyat Malaysia yang didakwa berasal dari pangkalan data agensi kerajaan. 

Antaranya senarai daftar pemilih Suruhanjaya Pilihan Raya, data e-slip gaji kakitangan awam dan data kelahiran di Malaysia dari 1940 hingga 2004 milik Jabatan Pendaftaran Negara.

Read the full text here

Where is the FTC’s privacy report?

Data privacy is a fundamental liberal democratic principle for citizens + consumers.

In December 2020, the Federal Trade Commission ordered security and privacy data from Big Tech firms to inform potential future rules that would impact all consumers.

It’s nearly November 2022 but we still have NO report. Why?

We know that our interactions with companies and government involve privacy trade-offs that we must weigh individually. That’s what informed consumer choice is all about, and why we fight for smart data and privacy rules

Enough with data leaks/hacks!

We need smart data and privacy rules that can:
💡Champion Innovation
🛡Defend Portability
📲Allow Interoperability
👨‍💻Embrace Technological Neutrality
👩‍⚖️Avoid patchwork legislation
🔒Promote strong encryption

Learn more! 👇

Originally tweeted by Consumer Choice Center (@ConsumerChoiceC) on April 21, 2021.

The FTC began its 2020 investigation into data practices from major tech companies to try to understand their algorithms, data collection, and monetization. Tech firms provided this within 45 days.

But still no FTC report.

In August 2022, FTC called for public comments on commercial data practices and surveillance by tech firms, presumably informed by the data they collected and analyzed in their report.

But still no FTC report.

Maybe that’s why the deadline was pushed from October 20 to November 21, the week of Thanksgiving…

By then, will American consumers and citizens have access to the FCC report?

The FTC is asking for citizen comments on the data practices of tech firms, we deserve to know what’s in the report they’ve been cooking up for nearly 2 years.

As Joel Thayer writes, it’s an absolute failure that a major agency has fallen behind on this task, especially considering their ream of lawsuits and actions against these same tech companies.

If the FTC wants to empower consumers and provide a framework that we can debate, it needs to prove it. While data and consumer privacy are vital for consumers and innovators, we know this FTC chair has an agenda that will have sweeping ramifications.

FTC Chair Lina Khan has aimed to stop mergers and acquisitions and issued record fines on tech companies against the advice of her own staff. If FTC wants to invoke consumer privacy as another regulatory hammer, consumers deserve a say.

In our view, consumer and data privacy rules must provide balance and protection:

  • Champion Innovation
  • Defend Portability
  • Allow Interoperability
  • Embrace Technological Neutrality
  • Avoid patchwork legislation
  • Promote and allow strong encryption

Anyone who wants to submit a comment to the FTC on their “Trade Regulation Rule on Commercial Surveillance and Data Security” — even without the report — should submit one here.

Scroll to top