September 30, 2022

Volume XII, Number 273


September 29, 2022

Subscribe to Latest Legal News and Analysis

September 28, 2022

Subscribe to Latest Legal News and Analysis

September 27, 2022

Subscribe to Latest Legal News and Analysis

“Commercial Surveillance” Questions Take Center Stage at the Federal Trade Commission

In the spring of 2018 and in the wake of the Facebook-Cambridge Analytica data scandal, tech CEOs Tim Cook of Apple and Mark Zuckerberg of Meta (fka “Facebook”) initiated a contentious and public debate over the ethics of Facebook’s monetization of user data. As Apple further leaned into its decade-long push to incorporate data privacy into its core value proposition, Cook simultaneously lobbed criticisms at what he coined the “Data Industrial Complex,” arguing that companies like Facebook are infringing on the “fundamental human right to privacy” when they monetize their user’s data. Zuckerberg, in an uncharacteristically biting response, defended his company’s efforts to “provide a free service that everyone can use” and cautioned consumers not to develop “Stockholm Syndrome” for “the companies that work hard to charge you more [and] convince you that they actually care more about you,” a clear nod to the rapidly rising costs of Apple products and services.

The central tradeoff between a service’s affordability and the user’s right to privacy has been debated for the better part of two decades. However, 2018 and the Cook-Zuckerberg feud marked a clear escalation in rhetoric that did not wane heading into the 2020 election cycle. Some in the privacy community predicted that a Biden victory would usher in the long-awaited seismic shift in data privacy regulation. They pointed to Biden’s campaign rhetoric, as well as running mate Kamala Harris’s track record as California Attorney General. However, as both House and Senate versions of a federal privacy regime begrudgingly snake their way through their respective chambers, the quickest jolt to the regulatory landscape may come via Federal Trade Commission (“FTC” or the “Commission”) enforcement.

FTC Gives Notice

On August 11, the FTC issued an Advanced Notice of Proposed Rulemaking (“ANPR” or the “Notice”), asking the public to weigh in on whether new regulation is required to protect consumers and crackdown on “commercial surveillance.” The ANPR broadly defines “commercial surveillance” as “the collection, aggregation, analysis, retention, transfer, or monetization of consumer data and the direct derivatives of that information.” The Commission emphasized that any potential rulemaking must be aimed at an “unfair or deceptive act or practice,” as defined in Section 5 of the FTC Act, before enumerating a laundry list of concerns related to commercial surveillance. Some the Commission’s major concerns include:

  • Companies that collect consumer data for one stated purpose but use it for another;

  • Companies that preface their use of consumer data on informed consent that is not truly informed due to lengthy and convoluted language in disclaimers or the inherent power imbalance in the relationship;

  • Automated marketing systems that use consumer data to advertise “fraudulent products and services to the most vulnerable consumers,” including children and teenagers; and

  • New forms and mechanisms for illegal discrimination in critical markets such as housing, labor and healthcare.

For 60 days following the Notice’s publication in the Federal Register, the public will have the opportunity to comment on specific questions related to these issues, as well as any others contained in the full ANPR. The FTC has also announced plans to host a public forum from 2 p.m. to 7:30 p.m. eastern time on September 8, 2022. Individuals or organizations interested in participating can provide two-minutes of public remarks if registered by 8:00 p.m. eastern time on August 31, 2022.

What’s Next?

The ANPR represents just the first step in an extensive rulemaking process that will take years to play out and likely face immediate challenge in court if and when final rules are promulgated. The initiative was approved by the FTC along strict party lines—with the three Democrat commissioners voting in favor of the measure and both Republican commissioners voting against it. Lawmakers on both sides of the aisle have already expressed their view that the issue is better-suited for legislative action. First Amendment concerns are specifically anticipated in the ANPR, and the FTC requests feedback as to whether the First Amendment bars “the Commission from promulgating or enforcing rules concerning the way in which companies personalize services or deliver targeted advertisements.”

Still, the Notice is significant in that it represents yet another volley from what is seen on some fronts as an increasingly activist FTC. Businesses that heavily rely on consumer data must now stay vigilant for reform that could come from either branch of the federal government.

©1994-2022 Mintz, Levin, Cohn, Ferris, Glovsky and Popeo, P.C. All Rights Reserved.National Law Review, Volume XII, Number 230

About this Author

Michael A. Goldberg Boston Corporate Attorney Mintz

Michael Goldberg is as Associate at Mintz's Boston office. Mike focuses his practice on complex corporate law matters relating to securities regulation, private equity, and corporate transactions, including mergers and acquisitions. He counsels clients in a variety of industries, including the life sciences, financial services, and the nonprofit sector. Mike was a summer associate at Mintz in 2020.

During law school, Mike was a member of the William & Mary Law Review and interned for the Federal Reserve Bank of Richmond and the Virginia...

Cynthia Larose Privacy Attorney Mintz Levin
Chair, Privacy & Cybersecurity Practice

Cynthia is a highly regarded authority in the privacy and security field and a Certified Information Privacy Professional (CIPP). She handles the full range of data security issues for companies of all sizes, from start-ups to major corporations. Cynthia is masterful at conducting privacy audits; crafting procedures to protect data; advising clients on state, federal, and international laws and regulations on information use and data security; helping organizations respond to breaches; and planning data transfers associated with corporate transactions. She is an in-...