Pursuing a harms-based approach to privacy and antitrust regulation

Federal Trade Chairman Joseph Simons, (L), Federal Trade Commissioners (2nd L-R), Rohit Chopra, Noah Phillips, Rebecca Slaughter and Christine Wilson testify on the "Oversight of the Federal Trade Commission" before the U.S. Senate Consumer Protection, Product Safety, Insurance and Data Security Subcommittee in the Russell Senate Office Building in Washington, U.S., November 27, 2018. REUTERS/ Leah Millis - RC1654D52A80

With the growing concern over consumer privacy and antitrust issues in the technology industry, there have been calls for Congress and regulatory agencies like the Federal Trade Commission to respond. To explore these issues, the Center for Technology Innovation hosted FTC Commissioner Noah Joshua Phillips in a conversation with Brookings Fellow Nicol Turner-Lee on March 14. The two discussed topics ranging from regulating consumer privacy to the Commission’s role in addressing different aspects of the tech industry.

The Need for Federal Privacy Legislation

The increasing number of data breaches and the effects of last year’s Cambridge Analytica data mining scandal have fueled concerns over how technology companies handle the personal information of their users. One potential response would be federal privacy legislation that safeguards personal data in an increasingly vulnerable online economy. During the discussion, Commissioner Phillips stated that Congress was better positioned than the FTC to implement sweeping federal privacy regulation because Congress could enact an enduring policy regime.

For the content of privacy legislation, Commissioner Phillips pointed to a harms-based approach for handling privacy concerns and addressing protection of personal data. The task of Congress should define the problems associated with consumer data privacy and determine what harms, such as data breaches or lack of transparency, should be addressed within the final legislation. Exploring the framework for privacy legislation is critical as technology continues to evolve.

Commissioner Phillips also spoke to the urgency of such a legislative directive, suggesting that Congress may want to pass legislation before state laws like the California data privacy act goes into effect in January 2020. While both the California law and the EU’s General Data Protection Regulation provide some examples for Congress, the effects of these policies are not yet fully known. A multiplicity of state laws could lead to high compliance costs, which could disproportionately harm small businesses. Commissioner Phillips instead recommended a comprehensive framework at the federal level to limit the complexity of legislation.

Antitrust concerns

When asked about regulating competition in the technology industry, the Commissioner suggested that a similar harm-based approach could be applied to antitrust as well as privacy regulation. However, the Commissioner did not support the inclusion of privacy as a criterion for addressing antitrust concerns, asserting that Congress must treat privacy as a distinct issue.

Online data privacy, algorithmic bias, the proliferation of robocalls, and non-compete agreements were other issues brought up as part of the discussion. Regarding algorithmic bias in cases like consumer loan product offers, the FTC already has authority to regulate under the Fair Credit Reporting Act (FCRA). The Commissioner also pointed to the agency’s efforts to minimize robocalls by encouraging the development of applications that help consumers block unwanted calls.

As an official newly appointed by the Trump administration, the Commissioner views his legacy as being one which will be evolving and ongoing. The dialogue and debate over online data privacy will continue among Congress, government agencies, industry, and civil society. As suggested in this conversation, the FTC will play a role in developing policy solutions that address the harms presented by new and emerging technologies.

Shezaz Hannan contributed to this blog post