FTC Members Unanimously Press Congress for Tough National Privacy Protections

ederal Trade Commission Chairman Joseph Simons, left, testifies during a House Energy and Commerce subcommittee hearing on Capitol Hill in Washington, Wednesday, May 8, 2019, regarding consumer protection on data privacy. Simons is joined at the witness table by, from left, FTC Commissioners Christine Wilson, Rebecca Kelly Slaughter, Noah Joshua Phillips and Rohit Chopra.
ederal Trade Commission Chairman Joseph Simons, left, testifies during a House Energy and Commerce subcommittee hearing on Capitol Hill in Washington, Wednesday, May 8, 2019, regarding consumer protection on data privacy. Simons is joined at the witness table by, from left, FTC Commissioners Christine Wilson, Rebecca Kelly Slaughter, Noah Joshua Phillips and Rohit Chopra.
Photo: Susan Walsh / AP

All five members of the Federal Trade Commission appeared Wednesday before the House Communications and Technology Subcommittee. One or two would have probably done the job. When it comes to consumer privacy—the hearing’s dominant focus—the commissioners’ opinions, however uniquely expressed, rarely diverge when it matters the most.


On the issue of a tough new privacy law to control how major tech companies handle the voluminous data collected on Americans each year, all five unanimously agree: such a law is desperately needed. In fact, no hearing’s attendees on either side of the room bothered to play at devil’s advocate. That exercise would have been entirely fruitless.

In a political climate that demonstrably prefers, if not rewards, the scoring of cheap political points over any substantive policy debate, watching policymakers of rival parties firmly agree on something as vital as the future of privacy is plumb refreshing. It feels a little like being wafted by a misting fan after overexposure to a hot summer’s sun.

When it came to typically hot-button questions like, “Do you all support a federal preemption of existing state laws?” the only reservation, from Republicans and Democrats alike, hovered around a fear that a national privacy law would end up being somehow lesser than the state laws it would, hypothetically, supersede.

“I’m trying to figure out how it works if we don’t do a nationwide law,” Greg Walden, the ranking Republican on the House Energy and Commerce Committee, pondered aloud at one point. The internet doesn’t care much for state lines, he conceded. In a way, it’s entire purpose is to obsolete the modes of commerce and communication traditionally hindered by such political demarcation.

“Who knew?” he then joked.

“If the legislation is substantial enough, then I think it makes sense to preempt,” said FTC Chairman Joseph Simons. With some caveats, his four fellow commissioners all agreed. “Consumers are looking for a seamless experience,” said Christine Wilson, a Republican—who went on to describe how, in one case, two state laws determining whether users need to “opt-in” or “opt-out” were conflicting, leaving businesses in something of a catch-22 scenario. They “literally cannot comply with both of those state laws,” she said.


Likewise concerned that a national law could lower privacy standards in some states, Rebecca Slaughter, a Democrat, smartly suggested that the question should hinge entirely on whether such a law can be passed that, in quality, exceeds, or is at least meets, the sensible state laws already in the books. Noah Phillips, a Republican commissioner, concurred, stressing that the need to supplant a messy patchwork of state laws is “essential.”

Mostly in agreement, Democrat Rohit Chopra, meanwhile, recalled that during the subprime mortgage crisis, the government’s broad preemption of state laws designed to safeguard borrowers only served to imperil them further. When one wonders why Congress hasn’t already slapped something together, this is one reason that—despite the deluge of transgressions committed by companies like Facebook on a continual basis—a hastily prepared law isn’t the answer. It could, in fact, do more harm than good.


Collectively, the commissioners are seeking to enhance their authority to pursue privacy violators at big companies and nonprofits alike; grow its budget for the hiring of new staff and technologies devoted largely to the issues of consumer privacy; as well as make its rulemaking requirements less stringent so it can, in effect, actually enforce whatever new law Congress spits out.

The FTC is run by a crowd with a healthy fear of wielding a large weapon. Whereas now the agency is trying to excise cancerous scammers and recidivist privacy violators with a pair of salad tongs and a baseball mitt, what it really needs is a proper scalpel. Like oh so many small-town police departments flooded with surplus military armaments, what it has absolutely no use for is a tank. History knows better.


“There was a time when the FTC was given broad rulemaking authority, but stepped past bounds of what Congress and the public supported,” said Walden, referring to laws passed some 40 years ago that, justifiably or not, markedly diminished the agency’s power. “Do you have any concerns with Congress delegating broad rulemaking authority to the FTC?” he asked.

“I have substantial concerns,” the chairman replied, soberly. “And please do not do it.”


Commissioner Wilson raised the example of a new impediment, the result of a Third Circuit court ruling enabling the agency to go after, say, a business engaged in fraud—but only if it can prove that the illicit activity is ongoing or imminent. “Say a fraudster stops defrauding people or an advertiser suspends its dubious advertising claims,” she said; under the court-imposed standard, “we’re unable to go after that conduct.”

“We believe this flies against a long line of cases saying otherwise, but we would appreciate clarification from Congress,” Wilson said.


Repeatedly, Simons raised the matter of his agency’s limited funding. In comparison to some agencies, such as the Justice Department, whose budget ranges in the dozens of billions of dollars each year, the FTC operates on a relatively small purse. Its FY 2020 budget request was for only $312 million. (By some estimates, that’s how much Amazon CEO Jeff Bezos, history’s richest man, makes every few days.)

Without more resources, Simons said at one point, the FTC would be forced to abandon other avenues of enforcement, such as pursuing scammers that rip off senior citizens, if it were to be forced to shift its attention to focus greater on consumer privacy. “Our authority is limited,” he said. “If we get more authority, we’ll need more resources.”


In regard to a new law, what the FTC doesn’t want to be stuck with is making decisions about what “privacy” really is, what it really means to Americans when you weigh their interests collectively. As was said hypothetically at one point, two consumers served personalized ads may react very differently; one may be creeped out, feeling as if their privacy is invaded, while the other believes the intuitive ads, promoting only what aligns with their interests, are wonderful and convenient. It should fall on the people’s representatives, therefore, to draw the lines; the FTC will merely color inside them.

“These privacy issues involve very serious and significant societal and culture value judgements,” Simons concluded. “Those should be made to the greatest extent by elected officials, not people who are unelected.”


Senior Reporter, Privacy & Security


One of the few things everyone can agree on: nobody wants their dirty laundry aired.  The fact that the FTC is incredibly underfunded is also pretty undeniable: their total budget is a mere $306 million.