FTC Chairwoman Edith Ramirez Chats About Privacy, Security and Why She's at CES

 
Share on Facebook Tweet Share Share Reddit
FTC Chairwoman Edith Ramirez Chats About Privacy, Security and Why She's at CES
There were many high-profile names at the International Consumer Electronics Show (CES) this year - including Washington officials - to see what companies have on tap for the future.

One was Edith Ramirez, chairwoman of the Federal Trade Commission, the nation's most prominent consumer protection and privacy watchdog. As technology has grown more integrated into our lives, the agency has taken a bigger role in policing tech. It increasingly cracks down on companies that have deceptive or unfair online security and privacy practices.

Last year, the FTC settled with Wyndham Worldwide over charges that alleged the hotel chain failed to protect customer data in a series of breaches - a case that solidified its cyber-security oversight. More recently, it settled with the company behind the "brain training" brand Lumosity for misleading advertising for its games.

We caught up with Ramirez ahead of the annual tech show's official Wednesday launch to talk about her priorities headed into CES and her advice on how companies and consumers should think about privacy and security issues when it comes to tech. This conversation has been edited for length and clarity.

Q: What are the FTC's top reasons for coming to CES?
A: I think it's twofold. The first is that we're really interested in seeing how technology impacts consumers. Part of our mission is to protect consumers in the digital world as well as in the brick-and-mortar world, and by coming to CES we ensure that we can see what the next generation of products will be. It's important for us to stay on top of what companies are doing when it comes to technology and to evaluate what the implications are for consumers.

Another reason is that it gives us an opportunity to engage with companies directly, and talk about the issues that we see as being important - to highlight the importance of protecting consumer privacy, protecting information, data security. So it allows us to stay on top of emerging trends and also to convey our important messages to companies.

Q: So keeping the lines of communication open.
A: Absolutely.

Q: Certainly, sometimes innovation and regulation are seen as being at cross-purposes. For example, we hear all the time that, "Washington moves too slowly" or, "Silicon Valley moves too fast." How do you see that balance playing out?
A: I don't really see them as being at cross-purposes. The way that we approach things is that, number one, we want companies to bring out new, innovative products. We want consumers to benefit from that. We also want consumers and companies to be aware of the risks to consumer information - when we look at privacy and data security, for instance.

It's important for companies to know that, in order to be successful, we think consumers need to have confidence in the products they're purchasing. They're not going to purchase all of these new products if they're concerned about what's happening to their personal information. And certainly - based on all the information I've seen, including surveys about how much consumers care about privacy - this is an issue that's important to them. And if companies are going to be innovating successfully, I think they need to take these issues into account.

Q: And earlier in the process?
A: Without question. We're mainly a law enforcement agency and, so, in much of our enforcement work, the problem that we often see is that companies don't really think about these issues at the outset of their design process. Instead, they think about them when something goes wrong.

Clearly, that's not the way a company should approach these things. So we really do encourage companies to engage in what we call privacy by design and security by design. And what that means is they should be thinking about incorporating privacy-protective measures early on, from the very beginning, when designing a product. Therefore [privacy and security are] embedded in the product and doesn't become something they have to deal with afterward - after something has happened, and it's a problem.

Q: Enforcement is obviously a huge part of what you do, but so is education. What should consumers who may be wary about buying new gadgets know before they buy them?
A: Consumers really do care about these issues, but I think it's important for them to understand the implications for them. And I think they need to understand what data practices are. So they need to make sure that they know - when they're bringing a new ["Internet-of-things"] device into their home, putting it on their wrist, et cetera - they need to understand what information is being collected about them, how that information might be used and what security measures are in place to protect information that's used.

From a company standpoint, there are a few key messages I convey whenever I have the opportunity to talk to companies. They should think hard about what information they really need in order to provide the service that they're aiming to provide to consumers.

If you don't need to collect the information, don't collect it. You're better off not having information that you don't really need. You're minimizing your risk. That's number one.

Number two: Be transparent about what you're doing and provide choices for consumers. When you provide choices, make sure that you respect the choices consumers select. Some may opt not to have their information collected. Finally, I can't emphasize the importance of data security enough. Today, given the volume of information that's being gathered and given the sensitivity of the information being gathered, in my mind, preserving and protecting that information is incredibly and increasingly vital.

© 2016 The Washington Post

One Random Mutation Triggered Life on Earth 600 Million Years Ago
This Holiday Season, Smartphones Saved Santa
 
 

Advertisement

 

Advertisement