When FTC Commissioner Terrell McSweeny says from the PPS-DC stage that she was “thrilled that the president issued an executive order geared toward increasing security around financial transactions,” you get the feel that maybe that’s not hyperbole. When asked about the best part of her new job (after nine months of waiting, her confirmation went through in April), she replies, “well, the best thing is protecting consumers. That’s an easy one.”
Poised and direct, but with a sense of humor, McSweeny made it clear in her one-on-one with Wilson Sonsini Goodrich & Rosati Partner Lydia Parnes that she is not only deeply interested in the pressing privacy and data security issues of the day, but she has a personal investment in seeing that organizations are clear and transparent with consumers.
For example, COPPA: “I care about this issue because I’m a parent; my kids are relatively young but relatively tech-savvy. And I have lots of peers who are parents, too … Kids are making choices and they’re making them as children. They don’t understand what they’re consenting to, and parents need help trying to protect them … Parents should have some ability to understand what’s happening to their kids online and using connected devices; they should know where the information is going and should have some understanding of whether that information is going to permanently follow their child.”
If there was any question whether McSweeny was going to take COPPA compliance seriously, let that be put to rest.
However, she is also clearly invested in educating herself about the current technological environment and open to dialogue. Enforcement, if she has her way, will only come into play when companies are opaque and stepping outside of their responsibilities to keep consumers informed.
“Data is a terrific tool to use in an educational environment,” she said, pointing to recently heightened privacy concerns around student data for an example, “and I don’t want to chill that environment. But we have to answer the parents’ legitimate questions.”
So, where does enforcement come into play? She acknowledged it’s both a complicated and important question, but McSweeny said the sensitivity of the information that has been made vulnerable is paramount, whether the information is likely to lead to financial harm or another form of harm that’s “equally significant.”
For example, the FTC’s settlement with seven rent-to-own companies involving live remote views into people’s homes: “That intrusion into your home is a significant invasion,” she said, regardless of whether there was some kind of financial harm or not. “That’s the kind of thing I consider very seriously when we’re looking at a set of facts.”
Also, there is the matter of deception: “How deceived might people have been by a statement? The Snapchat case would be a good example of that,” McSweeny offered. “If a central point of your product marketing is that it’s ephemeral and it disappears, and it does not, that’s a significant deception of consumers.”
McSweeny encouraged a continuing dialogue with the FTC, saying she’s more than open to discussions of what new products might do and what red flags they might raise and how a company is actively mitigating those concerns in the product development process. Further, if the FTC does come calling, don’t respond just with lawyers and executives.
“One recommendation I always have is to please bring somebody who understands how everything works in the business that we’re talking about,” she said. “Bringing someone with the technical and business expertise who can explain it is incredibly useful and shouldn’t be overlooked.”
For instance, if it was a data security issue that brought the FTC to your door, make sure people who are intimate with the data security plan are in the room. Data security is at the top of McSweeny’s priority list, and she tabbed it as “the most important topic” for the FTC in 2015.
“Consumers have adjusted to a connected lifestyle,” she said, “and we shouldn’t curtail those benefits. They’re making decisions about where to share their information in ways that are returning fabulous services, but I think that people lose confidence in some of that the more they feel that the information isn’t securely held.
“When (the FTC) got into the privacy business about 20 years ago, it was because we were looking to help consumers feel confident in using this World Wide Web to buy stuff. This was originally a consumer confidence idea, and it continues to be a consumer confidence idea.”
If you want to comment on this post, you need to login.