At CES, Feds prod companies to expand privacy efforts

LAS VEGAS — Two top federal regulators on Wednesday urged tech companies to expand their efforts to protect consumer privacy.

“There is a responsibility if you collect [personal] information,” Federal Communications Commission Chairman Tom Wheeler said at CES.

He said Internet service providers (ISPs) have a responsibility to make sure personal data is held securely and that companies are transparent about what’s being captured. Wheeler also said consumers need to know that they have a choice — opting in or out — as to whether their personal data is collected.

“There’s no question that with connected devices, data is becoming today’s currency, and we need to be aware of the impact of that on consumers,” added Federal Trade Commission Chairwoman Edith Ramirez. The two chairs spoke separately in an interview format during a session at CES. Consumer Technology Association CEO Gary Shapiro asked the questions.

Ramirez said personal data is collected in so many ways that consumers might not be fully aware of information they’ve opted to share.

“It could be a smart fork to document what I’m consuming late at night,” she added. Devices are “gathering increasingly sensitive information about us, and how it is being used or shared, and the potential for unintended uses, is a concern.”

Ramirez was especially concerned that Pew Research Center recently reported that a significant minority of Americans are conflicted about sharing personal information with companies.

Pew found that 47% of Americans lacked confidence that they understand what would be done with personal information and had mixed feelings about whether or not to share it.

Ramirez added: “As companies amass all this information about us, they can reach inferences from seemingly benign information.” She said the FTC wants to try to provide guidance to the public on addressing such concerns.

Recognizing that Apple received wide consent from consumers to share personal health data for medical research, Ramirez said: “Consumers are willing to share if they can be assured … they understand what it is used for — if for the greater good or if shared for other parties for purposes we don’t know…. It’s clear, based on research…that consumers care very deeply about privacy.”

Ramirez didn’t single out any companies that might be raising privacy red flags, but did argue that companies “need to more clear” with how they will use private data. She also said it is important that “companies don’t collect information that they truly don’t need…that exposes risk.”

She called out lengthy and legalistic warranties that come with new devices and apps, which most consumers just click through quickly. “We need to do a lot more work in this area; most [consumers] are concerned how the information is used.”

Ramirez is personally concerned about sharing some of her own personal health data: she pulled out an older, small unconnected pedometer that she uses to measure her steps, noting that she prefers it over a smarter, connected device like a Fitbit. She said she was using an “old school pedometer; I don’t want to share.”

The FTC has brought 50 cases against organizations over data security lapses in recent months, and Ramirez said such actions show that companies need to have reasonable security protections in place to protect the personal information collected and used.

“We’re here to protect consumers and if companies run afoul of the law, we’re going to take action,” Ramirez said.