Back to General Resources

House Energy and Commerce Consumer Protection Subcommittee Hearing on FTC Oversight

House Energy and Commerce Consumer Protection Subcommittee

“Oversight of the Federal Trade Commission: Strengthening Protections for Americans’ Privacy and Data Security.”

Wednesday, May 8, 2019

Key Topics & Takeaways

  • FTC Rulemaking Authority: Simons said he recommends providing the FTC with “targeted” rulemaking authority to prevent a broad scope that could lead to politicization of the agency, as well as provide state Attorney General (AG) authority. Chopra said legislation should provide bright line standards for easy and affirmative enforcement. Simons said the Federal Trade Commission Act sections 5 and 13(b), which grant FTC authority to protect against fraud, make injunctions, and seek court guidance for levying civil penalties, have not been reformed in years. Wilson said limitation under 13(b) prevents the FTC from deterring specific practices for companies who are not currently or imminent in conducting risky practices.
  • FTC Fining Authority: Chopra said fining authority would help deter violations of the law, but would have to be coupled with holding individuals accountable for choosing profit over protections. Slaughter said the FTC currently has to seek fining authority through the courts, and having the independent ability would be beneficial. Phillips mentioned the disgorgement process and said the FTC has to consider whether to pursue disgorgement, then consider a reasonable basis to calculate what was made through the process versus what would have been made otherwise, and then find ways to remediate the process.
  • FTC Standards and Programs: Simons stated the FTC has a history of engaging in self-critical self-examinations and is seeing an increase in provisions to “beef up” assessment provisions. Chopra said additional resources and authority will help, but bright line rules that provide clear guidance and have accountability and penalties will help the commission. Wilson said the FTC has a history of engaging in competition and consumer protection research and development.

Witnesses

Opening Statements

Chairwoman Janice Schakowsky (D-Ill.), Consumer Protection Subcommittee 

In her opening statement, Schakowsky said the committee would focus on the Federal Trade Commission’s (FTC) role in protecting Americans’ data privacy and security as Congress works on comprehensive privacy legislation. She referenced the Facebook Cambridge Analytica scandal, saying the reality is that large fines do not solve data protection issues for consumers. Schakowsky said the FTC needs increased funding, Administrative Procedures Act (APA) rulemaking authority, and the ability to conduct multiple investigations for violators of data privacy standards. She said the FTC does not have the authority to administer civil penalties for violations of unfair and deceptive practices. Schakowsky also discussed that the FTC is understaffed, comparing its 40 full time employees to the United Kingdoms’ data information system’s 500+ staff. She noted the lack of an appointed Chief Technologist and general scarcity of technologists employed at the FTC.

Ranking Member Cathy McMorris Rodgers (R-Wash.), Consumer Protection Subcommittee 

In her opening statement, Rodgers said the FTC serves as the “top cop on the beat” to deter bad actors who continue to attempt to destroy consumer trust, while the FTC continues to incentivize innovation and protect consumer privacy. She said consumers deserve to know how their information is being collected, how it is being used, and who it is being shared with, without surprises or inconsistencies. Rodgers stated that a privacy framework should not be a patchwork of legislation that leaves consumers vulnerable, should increase transparency and target harmful practices, improve data security practices, and be workable for small business and innovation. She said she believes these align with the mission of the FTC, and would further advocate to provide the FTC with additional resources. However, Rodgers said she is skeptical of providing the FTC with broad rulemaking authority, as the agency has broad jurisdiction of various industries. She suggested if the FTC is given rulemaking authority, Congress should have major oversight over their rulemaking process.

Rep. Frank Pallone (D-N.J.), Committee Chairman

In his opening statement, Pallone said the FTC plays a critical role in protecting Americans, saying it is a small agency with a vast mission. He mentioned the FTC is working to deter a variety of unfair practices, false advertising, predatory practices and fraud, suggesting the FTC needs more support and authority to prevent scams and enforce the law. Pallone said the FTC is the primary enforcer for data privacy and security in the U.S., and with increasing breach of trust of personal information, should be doing more to protect consumers. He said that in order to do so, Congress should provide the FTC with resources for investing in hiring more employees and provide the FTC with rulemaking authority. Pallone stated there are no clear and strong federal privacy laws that provide consumers protections and suggested passing comprehensive legislation that provides consumers the right to access, erase, and delete their data.

Rep. Ben Ray Lujan (D-N.M.)

In his opening statement, Lujan said that millions of people have been impacted by data breaches and scandals, including those of Marriot, Equifax and Cambridge Analytica, leaving consumers vulnerable and breaching their trust. He said it has been roughly 21 years since privacy legislation has been passed, dating back to the Child Online Protection Act (COPPA), before the expansion of the internet and social media. Lujan said Congress must act to pass a comprehensive data privacy and security legislation in order to protect consumers.

Rep. Greg Walden (R-Ore.), Committee Ranking Member

In his opening statement, Walden said the FTC is tasked with broad and important responsibilities and jurisdictions that spread out over every almost aspect of the U.S., with increasing concern over data protection. Walden said privacy does not mean the same thing for everyone, and recommended working towards a bipartisan federal data privacy and security bill, including a provision for preemption, to protect consumer security, improve transparency and accountability, while protecting small businesses.

Testimony

The Honorable Joseph J. Simons, Chairman, Federal Trade Commission

In his testimony, Simons said the FTC works to protect consumers and maintain competition in the economy, with a vigorous enforcement program to combat anti-competitiveness and harmful practices, noting that the FTC has filed various lawsuits for violators of consumer protection standards. Simons said the FTC prioritizes privacy protections, and with the growth of technology, its jurisdiction mostly falls under Section 5 of the Federal Trade Commission Act to prohibit deceptive practices. He said the FTC cannot levy civil penalties and reach non-profits and common carriers who violate the law. Simons suggested that Congress pass legislation that grants the FTC rulemaking and civil penalty authority and jurisdiction over non-profits and common carriers. He also noted that the FTC requires significant additional resources for enforcement purposes, which includes staff and promoting consumer protection and market competition.

The Honorable Noah Joshua Phillips, Commissioner, Federal Trade Commission

In his testimony, Phillips highlighted the FTC’s focus on consumer protections with respect to healthcare. He said the FTC has focused on this “essential” market for decades, and looks to prevent anti-competitive and pay for delay practices in the industry. Phillips said the FTC’s goal is to stop deceptive practices while protecting Americans’ health and wallets.

The Honorable Rohit Chopra, Commissioner, Federal Trade Commission

In his testimony, Chopra said the FTC polices against the misuse of data and highlighted concerns about terms of service agreements. He said their legal jargon and length cause consumers to become “numb” to giving away their rights and property to companies. Chopra said these terms of service agreements, which are not fairly negotiated, can lead to language for granting content unknowingly to companies, leaving the consumer vulnerable to exploitation. Chopra recommended that Congress look to prevent such exploitation in two areas: 1) for circumstances in which these contracts give one side more leverage; and 2) to look and scrutinize terms that impede fair competition.

The Honorable Rebecca Kelly Slaughter, Commissioner, Federal Trade Commission

In her testimony, Slaughter called for comprehensive federal privacy legislation with civil penalty authority, rulemaking authority, and jurisdiction over non-profits and common carriers. She said the FTC has limited authority in these areas and works to use them responsibly, such as through formal notice and comment and updating FTC rules to keep pace with the market. Slaughter suggested that privacy standards must be based on notice and consent practices that provide meaningful choice and clarity for consumers, without putting all the burden on consumers. Slaughter also mentioned the need for increased FTC resources for increasing staff and made note of the FTC’s five-to-one rate of return on investment of tax dollars.

The Honorable Christine S. Wilson, Commissioner, Federal Trade Commission

In her testimony, Wilson recommended the enactment of privacy legislation and clarification of FTC authority under Section 13(b) of the Federal Trade Commission Act. She agreed with Simons’ remarks, and further suggested the inclusion of a preemption provision to provide consistency and clarity to consumers. Wilson said legislation is necessary for addressing emerging gaps in the technology sector, and should be based on the sensitivity of data while maintaining competition and fostering innovation. She mentioned that the European Union (EU) General Data Protection Regulation (GDPR) may have led to unintended consequences such as decreased investment in startups and small business due to compliance costs and barriers to entry.

Question & Answer

FTC Rulemaking Authority

Reps. Earl Carter (R-Ga.), Jerry McNerney (D-Calif.), Walden, Rodgers, and Pallone asked about FTC rulemaking authority. Simons said he recommends providing the FTC with “targeted” rulemaking authority to prevent a broad scope that could lead to politicization of the agency, as well as provide state Attorney General (AG) authority. Chopra said legislation should provide bright line standards for easy and affirmative enforcement.

Reps. Tony Cardenas (D-Calif.) and Carter asked about current FTC penalty and oversight authority. Simons said the Federal Trade Commission Act sections 5 and 13(b), which grant FTC authority to protect against fraud, make injunctions, and seek court guidance for levying civil penalties, have not been reformed in years. Wilson said limitation under 13(b) prevents the FTC from deterring specific practices for companies who are not currently or imminent in conducting risky practices.

FTC Fining Authority

Reps. Kathy Castor (D-Fla.), Greg Gianforte (R-Mont.), Darren Soto (D-Fla.), McNerney and Carter asked about FTC fining authority. Chopra said fining authority would help deter violations of the law, but would have to be coupled with holding individuals accountable for choosing profit over protections. Slaughter said the FTC currently has to seek fining authority through the courts, and having the independent ability would be beneficial. Phillips mentioned the disgorgement process and said the FTC has to consider whether to pursue disgorgement, then consider a reasonable basis to calculate what was made through the process versus what would have been made otherwise, and then find ways to remediate the process.

Preemption

Walden asked about federal preemption. Simons suggested including substantial language for preemption and provide state AG authority. Slaughter added for flexibility in the language for states. Phillips said preemption gives businesses and customers clarity, while keeping in mind provisions for international operability, competition and compliance costs. Chopra cautioned against unintended consequences being created from federal preemption.

GDPR

Rep. Brett Guthrie (R-Ky.) asked if there are any concerns to consider about the GDPR. Simons said there is a high level of friction that is unfavorable to small business. Chopra said the EU is seeing a slowdown in small and new business formation, and that the principles-based approach creates some uncertainty. He suggested creating bright line rules to make compliance easy.

Senior Scams

Reps. Tim Walberg (R-Mich.), Lisa Blunt Rochester (D-Del.), and Pallone asked about FTC action to combat scams targeting seniors. Simons said there is no single fix to these scams, and a multi prong approach must be taken through enforcement and fining by the FTC. He also said this is an issue that is a priority for the FTC, and they need to provide guidance, implement resources, and remain proactive on combating new scam techniques. Chopra also said there should be a focus on senior scam tactics online, along with robocalls.

Disclosure Agreements

Rep. Robin Kelly (D-Ill.) asked about the requirement and use of disclosure agreements in privacy protection practices. Simons said to consider disclosure agreements in a privacy law, as the current practices and programs are imperfect and unclear.

FTC Standards and Programs

Schakowsky asked about the FTC ensuring companies comply with orders that require comprehensive programs to protect privacy and security and assessment requirements. Simons stated the FTC has a history of engaging in self-critical self-examinations and is seeing an increase in provisions to “beef up” assessment provisions. Chopra said additional resources and authority will help, but bright line rules that provide clear guidance and have accountability and penalties will help the commission.

Blunt Rochester asked if the government has the skills and training to stay ahead of future changes in privacy. Wilson said the FTC has a history of engaging in competition and consumer protection research and development.

Regulatory Sandboxes

Rep. Richard Hudson (R-N.C.) asked if Congress should consider regulatory sandboxes for privacy legislation, as well as about FTC jurisdiction on privacy. Simons said regulatory sandboxes are where small businesses could start, without having to comply with new legislation until they reach a certain size. He said sandboxes reduce the cost of getting into business, but that if privacy legislation is meant to protect all people, then small businesses collecting sensitive data are not protected. Phillips said they are worthy of consideration, but there is a need to understand the different perspectives of international uses of sandboxes. He said there is an opportunity to test where pro-competitive impacts are presented, as the benefit comes from the structure of these sandboxes.

For more information on this hearing, please click here.