By Tim Sparapani:
Late last year in Washington something of consequence happened: Two federal agencies decided to jointly regulate consumer privacy issues. And just this week, dozens of consumer and privacy advocates are pushing one of those agencies – the Federal Communications Commission – to vigorously enforce consumer privacy rights.
Given the turf-conscious nature of Washington, the success of last year’s unusual agreement is deserving of critical review. There are high stakes for American consumers who expect privacy violations to be policed properly. For businesses in the converging communications, Internet, and app spaces that rely on their ability to use customer data, doubling the number of privacy cops could create significant headaches.
Traditionally, the Federal Trade Commission (FTC) has been the lead agency for consumer privacy issues. The U.S. has a handful of consumer privacy laws that are sector- or industry-specific. For example, there are statutes on the books that provide authority to regulate the data of health care patients, students and minors. For nearly everything else the FTC has a sort of catch-all consumer privacy enforcement authority not authorized by statute but built up principally over the last 25 years through a series of policy pronouncements and enforcement actions against companies. The FTC uses its core power to police unfair or deceptive trade practices when companies do not live up to their own statements concerning, and promises regarding, their collection, sharing, usage and protection of their customers’ personally identifiable information. Unless a separate privacy statute grants regulatory authority to a different federal agency, the FTC has assumed it is the privacy cop on the beat.