The Federal Trade Commission’s recent settlement with VIZIO, Inc., may have created a new definition of “sensitive information” that includes viewing data, but the opinion of Acting Chairperson Maureen Ohlhausen may provide further insight on how the agency will act under the new administration.

On February 6, the FTC settled charges with VIZIO, one of

Responding to news reports that journalists were able to purchase advertising on Facebook targeted to ethnic groups, Facebook announced several new changes to the company’s advertising products. The move highlights heightened scrutiny of advertising practices surrounding the increasing use of big data in many aspects of marketing and advertising.

Facebook’s response grew out of a ProPublica report published on October 28, 2015 detailing how journalists were able to purchase ads targeted to house hunters on Facebook,, all while excluding specific “Ethnic Affinities,” such as African-American, Asian-American or Hispanic people.  The report raised significant ethical and legal questions on how the features that enable advertisers to target their ads can be misused for discriminatory purposes.  The potential for interactive computer service providers to violate anti-discrimination laws has drawn attention for several years, especially following the decision of the Ninth Circuit Court of Appeals in the Roommates decision, which held that the that immunity provided by the Communications Decency Act (CDA) for online operators did not apply to an online service that offered questionnaires and selections to online participants that could facilitate discrimination against protected classes. See Fair Hous. Council v. Roommates.com, LLC, 521 F.3d 1157, 1166 (9th Cir.2008) (en banc).
Continue Reading Facebook Implements Additional Measures to Prevent Discriminatory Practices in Targeted Advertisements

Wages may be stagnant in the United States, but one thing on the rise is the price of getting on the wrong side of the Federal Trade Commission.

Effective August 1, 2016, the maximum civil penalty dollar amount  for violating section 5 of the Federal Trade Commission Act, or failing to comply with COPPA or

Initial comments are due on May 27, 2016 regarding the Notice of Proposed Rulemaking (NPRM) released last month by the FCC in its broadband privacy proceeding. The rules proposed in the NPRM have already been the subject of contentious discussions throughout the federal government and the communications industry. Those discussions included a hearing earlier

In December 2015, the Federal Trade Commission (FTC) settled a drawn-out civil action it brought against Wyndham Worldwide Corporation (Wyndham) for multiple data breaches involving cardholder data (i.e., information on credit and debit cards). In a departure from dozens of prior FTC settlements that mandated broad security measures for all consumer data, the Wyndham consent order was limited in scope to cardholder data, and required compliance with the Payment Card Industry Data Security Standard (PCI DSS) and annual independent audits to confirm compliance.

PCI compliance has apparently become a topic of great interest to the FTC, and it has now issued an Order to nine PCI DSS auditors pursuant to Section 6(b) of the FTC Act, seeking insight into data security compliance auditing and its role in protecting consumers’ information and privacy. The companies have been given 45 days to respond with a “Special Report” containing information, documents, and items responsive to the Order. According to the FTC’s  Press Release regarding the Order, “[i]nformation collected by the FTC will be used to study the state of PCI DSS assessments.”

The Order contains a number of requests with upwards of 38 subparts, and specifically seeks both information and documentation regarding PCI auditing activities from January 2013 through the present, including:
Continue Reading Following its Settlement with Wyndham, the FTC Launches Wide Scale Inquiry Into PCI Compliance Audits

The Federal Trade Commission is currently the most aggressive enforcement agency on privacy and data security. The agency kicked off 2016 with PrivacyCon on January 14, which put the spotlight on academic research on consumer privacy and security.

The conference, which drew 400 attendees to Southwest D.C. and 1,500 more streaming online, showcased 19 papers on topics ranging from mismatched consumer privacy expectations online to the costs and causes of cyber incidents, with many papers focusing on the technology of online tracking. While the papers presented do not necessarily reflect the view of the FTC, it is likely that they selected presenters and findings that are consistent with their enforcement priorities.
Continue Reading FTC’s PrivacyCon Highlights Consumer Privacy Perceptions and Targeting

The FTC unveiled a lengthy report, Big Data: A Tool for Inclusion or Exclusion? Understanding the Issues, warning companies about commercial uses of big data and the discriminatory impact it may have on low-income and underserved populations. “Big data” refers to the ubiquitous collection of massive amounts of consumer information by companies, which may be analyzed to reveal certain consumer patterns, trends, and associations.

While the term may conjure up an ominous feeling for some, big data has brought numerous advantages to society by efficiently and effectively matching products and services to consumers of all demographics. However, the FTC’s report warns that potential inaccuracies and biases might lead to detrimental effects on low-income and underserved populations, such as the misuse of personal information, reinforcing existing biases and disparities against certain populations, perpetuating fraud against vulnerable consumers, and weakening the overall effectiveness of consumer choice. While companies can design efficient big data algorithms that learn from human patterns and behavior, those algorithms may also “learn” to generate biased results.
Continue Reading FTC Warns Big Data Brings Big Consequences in New Report

As publishers increasingly rely on more modern methods of native advertising – that is, ads designed to look and feel similar to a platform’s editorial content – as a source of revenue, the FTC has taken steps to clarify when native advertising may cross the line and become deceptive to consumers. Recently, the FTC published two documents that address the Commission’s position on the use of native advertising – an Enforcement and Policy Statement on Deceptively Formatted Advertisements (“Policy Statement”) and a business guide entitled Native Advertising: A Guide for Business (“Business Guide”). Under the Policy Statement, advertising that misleads consumers in a material respect, including with regard to its commercial nature, is deceptive under section 5 of the FTC Act. Under FTC law, advertisers cannot use “deceptive door openers” to induce consumers to view advertising content. Thus, advertisers are responsible for ensuring that native ads are identifiable as advertising (typically, through some sort of disclosure) before consumers arrive at the main advertising page. In addition, no matter how consumers arrive at advertising content, it must not mislead them about its commercial nature.
Continue Reading The FTC Clarifies Native Advertising Enforcement Guidance