Advertising & Marketing

FTC Announces Broad COPPA Review for Children’s Online Privacy

by on March 24, 2010 · 8 comments

The Federal Trade Commission (FTC) today announced the release of an 18-page Request for Public Comment (embedded below) on its implementation of the Children’s Online Privacy Protection Act or 1998 (COPPA), which governs online sharing by, and collection of information from, children under age 13. The FTC had previously announced that it would accelerate the review, which had been planned for 2015, particularly because of concerns about the mobile marketplace, as noted in the FTC’s report on that topic released in February.

COPPA has undoubtedly succeeded in its primary goal of enhancing parental involvement in their child’s online activities in order to protect the privacy and safety of children online.  Yet these benefits have come at a price, as COPPA’s considerable compliance costs (estimated at $45/child, which can be crushing in the era of “free”) have likely reduced the digital media choices available for children.  So I’m glad to see the Commission recognize these trade-offs by asking about the costs and benefits of COPPA and any proposed changes right off the bat (Questions 1-5). Such trade-offs are an inevitable part of life and policymakers can’t simply ignore them, even when it’s “for the children.”

The Potential for COPPA Expansion

I look forward to seeing comments on the important questions raised by the Commission about precisely how best to implement the framework enacted by Congress.  But I do worry that the Commission has explicitly invited proposals for legislative changes to the statute itself. In particular:

6. Do the definitions set forth in Part 312.2 of the Rule accomplish COPPA’s goal of protecting children’s online privacy and safety? …

28. Does the commenter propose any modifications to the Rule that may conflict with the statutory provisions of the COPPA Act? For any such proposed modification, does the commenter propose seeking legislative changes to the Act?

Note that question #6 does not include the critical limitation “consistent with the Act’s requirements,” which appears no less than 17 times in subsequent questions about specific aspects of the current rules. Whatever the FTC intended, this will omission, combined with question #28, will be taken as an open invitation by many to propose not just changes in how the COPPA rules are implemented, but wholesale revisions to the COPPA statute itself. Continue reading →

SHARE: 8 comments

Google v. Everyone

by on March 23, 2010 · 9 comments

I had a long interview this morning with the Christian Science Monitor. Like many of the interviews I’ve had this year, the subject was Google. At the increasingly congested intersection of technology and the law, Google seems to be involved in most of the accidents.

Just to name a few of the more recent pileups, consider the Google books deal, net neutrality and the National Broadband Plan, Viacom’s lawsuit against YouTube for copyright infringement, Google’s very public battle with the nation of China, today’s ruling from the European Court of Justice regarding trademarks, adwords, and counterfeit goods, the convictions of Google executives in Italy over a user-posted video, and the reaction of privacy advocates to the less-than-immaculate conception of Buzz.

In some ways, it should come as no surprise to Google’s legal counsel that the company is involved in increasingly serious matters of regulation and litigation. After all, Google’s corporate goal is the collection, analysis, and distribution of as much of the world’s information as possible, or, as the company puts it,” to organize the world’s information and make it universally accessible and useful.” That’s a goal it has been wildly successful at in its brief history, whether you measure success by use (91 million searches a day) or market capitalization ($174 billion).

As the world’s economy moves from one based on physical goods to one driven by information flow, the mismatch between industrial law and information behavior has become acute, and Google finds itself a frequent proxy in the conflicts.

Continue reading →

SHARE: 9 comments

FTC Chairman Leibowitz: Just Trust Us, We Won’t Abuse Vast New Powers!

by on March 21, 2010 · 8 comments

That’s basically what FTC Chairman Jon Leibowitz told the Association of National Advertisers when he spoke to their “Advertising Law & Public Policy” conference last Thursday. As I noted last week, there’s intense pressure in Congress to pass a financial regulatory overhaul and, unfortunately, the version passed by the House in December—Rep. Barney Frank’s “Wall Street Reform and Consumer Protection Act of 2009” (H.R. 4173)—would also grant the Federal Trade Commission vast new powers for all its regulations, not just those relating to the non-bank financial institutions it currently regulates. In particular, HR 4173 would:

  • Make it far easier (and not just faster) for the FTC to issue all kinds of new regulations on its own, without a specific Congressional mandate to do so and instead of relying on case-by-case enforcement to punish “unfair” or “deceptive” acts and practices;
  • Reduce public input into those regulations;
  • Impose heavy civil penalties on companies before notifying them that a practice might be “unfair” or “deceptive”;
  • Prosecute those who merely provided “substantial assistance” to someone engaged in “unfair” or “deceptive” acts or practices; and
  • Sue on its own authority, instead of through DOJ (as now).

I summarized my concerns about this bill in this short interview with PFF’s new communications director, Mike Wendy, last week:
[display_podcast]

Leibowitz has lobbied hard to have his agency put on steroids (as former FTC Chairman Jim Miller put it), asking for all these things, as well as more funding, at the first Senate hearing on Hr 4173 back in February. (Conveniently, he was the only witness!) He repeated his calls for these powers on Thursday but tried to allay fears about how they’d be used. Continue reading →

SHARE: 8 comments

How Financial Overhaul Could Put the FTC on Steroids & Transform Internet Regulation Overnight

by on March 17, 2010 · 23 comments

Progress Snapshot 6.7, The Progress & Freedom Foundation (PDF)

This week marks a pivotal point in the history of the Internet.  Monday was the 25th anniversary of the first .COM registration—and in some ways, the beginning of the commercial Internet.  Yesterday, the Federal Communications Commission unveiled its long-awaited National Broadband Plan, which proposes ambitious subsidies to encourage broadband deployment.  On the theory that unease about online privacy may discourage broadband adoption, the Plan also calls for increased regulation of how websites collect, and use, data from consumers.

The debate over how to regulate online data use has gone on for over a decade, leading to today’s final “Roundtable” in the “Exploring Privacy” series held by the Federal Trade Commission over the last three months.  The stakes in this debate are high: Data is the lifeblood of online content and services, and consumers will ultimately bear the cost of restrictions on data use in the form of reduced advertising funding for, and innovation in, online content and services.

That’s why this week’s most important technology policy event may ultimately prove to be today’s Senate Commerce Committee hearing on Rep. Barney Frank’s “Wall Street Reform and Consumer Protection Act of 2009” (H.R. 4173), which narrowly passed the House in December without a single hearing and no real debate.  Although the sprawling (273,579 word) bill is mostly famous for creating a Consumer Financial Protection Agency, it would also, in just 613 words, “put the FTC on steroids,” in the words of Jim Miller, FTC Chairman from 1981 to 1985.  With vastly expanded powers, the FTC could impose sweeping new regulation touching virtually every sector of our economy.

The current FTC chairman, Jon Leibowitz, has made clear his determination to step up regulation of online data use, advertising, “blogola,” and child protection, just to name a few of the hot topics in Internet policy.  While the FTC will no doubt continue to push for increased statutory authority, such as the online privacy bill reportedly being drafted by House Commerce Internet Subcommittee Chairman Rick Boucher (mandating opt-in for data collection), Chairman Leibowitz may be able to implement most of his radical Internet regulatory agenda using the new powers conferred on his agency in a bill (H.R, 4173) few realize has anything to do with Internet policy. Continue reading →

SHARE: 23 comments

Livetweeting Final FTC Privacy Roundtable Today

by on March 17, 2010 · 2 comments

I’m livetweeting today’s final FTC Privacy Roundtable (check out the #FTCPriv hashtag on Twitter). Check out the day’s agenda or watch the webcast here. Adam Thierer and I expressed our concerns about the rush to regulation at the First Roundtable back in December—see my written comments and Adam’s summary of his remarks. David Vladeck, Director of the Bureau of Consumer Protection offered the following summary of the Roundtable process at the kick-off this morning:

  1. Benefits & risks of technology. “March of technology has blurred and threatens to obliterate the distinction between PII [personally identifiable information) and non-PII…. It’s getting harder and harder for users to choose anonymity.”
  2. Privacy challenges raised by emerging business models. What do consumers know? Consumers are often presented with confusing and unfamiliar situations. Consumers understand little about how their information is handled.
  3. Innovation in disclosure. Industry is testing privacy icons.
  4. Privacy policies are too vague, too long, too complicated and too hard to find. We need effective ways to disclose what information is being collected and to give consumers a meaningful way to control its use. There’s no way to put the genie back in the bottle once information has been shared.

On the critical question of next steps, Vladeck claims the agency isn’t certain where it will go and plans to “sit back” and think about the detailed record before making public a set of detailed recommendations on which the public will be invited to provide input. I’d like to believe him and I hope the agency really does think long and hard about the evidence provided in this process as to the trade-offs inherent in increased regulation, the complexity of this space, and the need for a cautious approach when it comes to tinkering with the data flows that are the lifeblood, both technological and financial, of the Internet. But based on their recent public statements, I fear that Vladeck and FTC Chairman Jon Liebowitz have already made up their minds about the need for regulation, and that this process is really just paving the way for a report this summer that will call for sweeping new legislation—just as the FTC did back in its 2000 Report to Congress. Continue reading →

SHARE: 2 comments

National Broadband Plan on Privacy Regulation: Another FCC Power-Grab?

by on March 16, 2010 · 4 comments

I’ve just read through the National Broadband Plan‘s (NBP) section on online privacy (pp. 52-57). I share the FCC’s goal of increasing consumer control over their digital profiles, and applaud the FCC’s call for promoting the development of trusted identity providers and for increased education about identity theft.  But I’m disappointed to see that the FCC is focused on regulatory solutions instead of less restrictive alternatives like consumer education, technological empowerment, increased enforcement of existing laws, or limiting government access to data collected by the private sector.

Given the nature of bureaucracies and the FCC’s sweeping assertions of its own authority in recent years, I suppose we shouldn’t be surprised that the FCC’s primary suggestion is that it should be given a key role in crafting privacy regulations for online services.  But the FCC clearly lacks any statutory authority over the “computing cloud” and Congress has not asked the agency for suggestions on expanding its jurisdiction.

The FCC deserves credit for recognizing something I’ve stressed: the manifold benefits of online data collection and use, especially that targeted advertising can significantly increase funding for “free” ad-supported content and services:

These data are giving rise to something akin to a “digital identity,” which is a major source of potential innovation and opens up many possibilities for better customization of services and increased opportunities for monetization. The value of a targeted advertisement based on personal data can be several times higher than the value of an advertisement aimed at a broad audience. For example, the going rate for some targeted advertising products can be several times the rate for a generic one because consumers can be six times more likely to “click through” a targeted banner advertisement than a non-targeted one. This differential will likely increase as targeting becomes more refined and more capable of predicting preferences, intentions and behaviors.

Firms’ ability to collect, aggregate, analyze and monetize personal data has already spurred new business models, products and services, and many of these have benefited consumers. For example, many online content providers monetize their audience through targeted advertising. Whole new categories of Internet applications and services, including search, social networks, blogs and user-generated content sites, have emerged and continue to operate in part because of the potential value of targeted online advertising.

Unfortunately, the FCC doesn’t acknowledge that these benefits are a critical part of the trade-off inherent in increased regulation of how online service providers collect and use data. Continue reading →

SHARE: 4 comments

A Busy Week for Tech Policy: Broadband Plan, Privacy Regulation, .COM Anniversary & FTC Authority

by on March 15, 2010 · 5 comments

This will be a busy week for tech policy in Washington! First, tomorrow the FCC is expected to release the National Broadband Plan that it’s been working on since Congress passed the “Recovery Act” passed in January 2009, tasking the FCC with formulating “a detailed strategy for achieving affordability of such service and maximum utilization of broadband infrastructure and service by the public.” Under Chairman Julius Genachowski, the FCC has issued a flurry of inquiries about extending FCC regulation to various aspects of the Internet, as we’ve lamented. Perhaps most troubling is the agency’s open-ended inquiry about regulating the use and collection of data by the private sector on the grounds that concerns about online privacy might slow broadband adoption. For the reasons I laid out in my comments on that inquiry, I very much hope the FCC does not attempt to shoe-horn this regulatory agenda into the Broadband plan. Unfortunately, the just-released executive summary suggests (mid-way down column 1 on page 2) the FCC may take a hard line on this issue.

At the same time that the FCC will be launching its “Five Ten Year Plan” for our infrastructure tomorrow, Verisign will be celebrating the 25th anniversary of the first .COM registration with a Policy Impact Forum in the Reagan Center. The all-start cast includes President Clinton, former FCC Commissioner Reed Hunt, ICANN President Rod Beckstrom, All Things Digital editor Kara Swisher, U.S. CTO Aneesh Chopra, Huffington Post founder Arianna Huffington and… my personal favorite, comedian Mo Rocca! They’ll all come together to celebrate how the private sector—symbolized by .COM—has transformed the Internet from a defense research project to a vibrant marketplace of ideas, goods, services, ads and personal sharing. Talk about Internet optimism!

On Wednesday, the Federal Trade Commission will hold its third and final Exploring Privacy Roundtable. Adam Thierer spoke at the first Roundtable on privacy polls and surveys, something I’ve written a lot about. I talked about the benefits of online advertising, as summarized in my comments to the FTC. We remain concerned that, for all the talk about improving self-regulation, this process is going to lead to increased regulation of data use and collection without first looking to the kinds of “less restrictive” we’ve been emphasizing to address real, non-conjectural harms: user education, user empowerment, increased enforcement, technological innovation at all levels, and enhanced protection from the clearest harm of all, government snooping.

Also on Wednesday (at 3pm), the Senate Commerce Committee will hold a hearing (in SR-253) on “Financial Services and Products:  The Role of the Federal Trade Commission in Protecting Consumers, Part 2.” What’s at stake in this hearing is far more than financial regulation, but how pending legislation already passed by the House—originally the Consumer Financial Protection Act (CFPA), which was reborn as the “Wall Street Reform and Consumer Protection Act of 2009” (HR 4173)—would, if enacted, expand the FTC’s powers to regulate vast swathes of our economy. Continue reading →

SHARE: 5 comments

A Rap Tribute to Entrepreneurship, Innovation, Web Start-ups & Advertising

by on March 13, 2010 · 0 comments

In January, we had the “Fear the Boom & Bust” rap video that pitted John Maynard Keynes v. Friedrich Hayek rapping about their respective approaches to monetary and fiscal policy, and theories of the business cycle. Now Pantless Knights (a web comic team) offers a terrific spoof of the Jay-Z/Alicia Keys video “Empire State” of mind rap video—instead of “New York,” the video celebrates the “New Dork” and the “Entrepreneur State of Mind.”

PantlessKnights describes the video as a “tribute to our favorite entrepreneurs (who are all ‘new dorks’).” The lyrics offer a short introduction to start-up capitalism:

Now I’m in the blogosphere, Now I’m in the twitterverse
Fans get so immersed, But I’m a nerd forever
I’m the new Zuckerberg, And since my website
I been cookin’ dough like a chef servin’ killa-bytes
Used to be the basement, Back at my mom’s place
Buildin’ web traffic so that we could sell an ad space Continue reading →

SHARE: 0 comments

Rocky Mountain Low: Colorado’s New “Track & Tax” Law Invades Consumer Privacy

by on March 12, 2010 · 6 comments

He climbed cathedral mountains, he saw silver clouds below

He saw everything as far as you can see

And they say that he got crazy once and he tried to touch the sun

And he lost a friend but kept his memory

-John Denver, Rocky Mountain High

We know that states are increasingly looking to tax anything and everything, including on the Internet. As Declan McCullagh reported earlier this week, Colorado and “fifteen other states have considered or are considering enacting laws targeting Amazon and other e-commerce companies that typically do not charge sales tax for shipments sent outside their home state.” These nexus taxes are #2 on the NetChoice iAWFUL list of bad legislation.

But Colorado’s recent “track and tax” law marks the most privacy-egregious Internet-related tax law we’ve seen.

Here’s the rub:  The Colorado state tax department will now have a listing of all purchases its citizens make from out-of-state companies. Why? So it can enforce its tax on purchases by way of the use tax that each of us owes to our government when sales tax isn’t collected.

HB 1193 was enacted last month as part of a package of revenue raising legislation. It originally started as an advertising nexus bill, but turned into a reporting bill when a lot of in-state companies that rely on affiliate advertising revenue complained that they would be harmed. Now it is consumer privacy that is harmed.

HB 1193 forces out-of-state retailers to track and report the purchases of Coloradans: Continue reading →

SHARE: 6 comments

Should Court Reject Google Books Settlement On Privacy Grounds?

by on March 5, 2010 · 3 comments

A couple weeks ago the Google Books Settlement fairness hearing took place in New York City, where Judge Denny Chin heard dozens of oral arguments discussing the settlement’s implications for competition, copyright law, and privacy. The settlement raises a number of very challenging legal questions, and Judge Chin’s decision, expected to come down later this spring, is sure to be a page-turner no matter how he rules.

My work on the Google Books Settlement has focused on reader privacy concerns, which have been a major point of contention between Google and civil liberties groups like EFF, ACLU, and CDT. While I agree with these groups that existing legal protections for sensitive user information stored by cloud computing providers are inadequate, I do not believe that reader privacy should factor into the court’s decision on whether to approve or reject the settlement.

I elaborated on reader privacy in an amicus curiae brief I submitted to the court last September. I argued that because Google Books will likely earn a sizable portion of its revenues from advertising, placing strict limits on data collection (as EFF and others have advocated) would undercut Google’s incentive to scan books, ultimately hurting the very authors whom the settlement is supposed to benefit. While the settlement is not free from privacy risks, such concerns aren’t unique to Google Books nor are they any more serious than the risks surrounding popular Web services like Google search and Gmail. Comparing Google Book Search to brick-and-mortar libraries is inapt, and like all cloud computing providers, Google has a strong incentive to safeguard user data and use it only in ways that benefit users and advertisers.

Continue reading →

SHARE: 3 comments

← Previous Entries

Next Entries →