US regulators get sympathy from Congress on powers, fines
By MARCY GORDON AP Business Writer
May 08, 2019 10:14 AM
FILE – This Jan. 28, 2015, file photo, shows the Federal Trade Commission building in Washington. Federal privacy regulators are under scrutiny in Congress as they negotiate a record fine with Facebook to punish the company for alleged violations of its users’ privacy.
Alex Brandon, File
Federal privacy regulators got a sympathetic hearing from Congress on Wednesday for their request for greater powers and funding to police privacy, as lawmakers warned that fines against big companies may be inadequate to change their conduct.
The Federal Trade Commission is negotiating a record fine to punish Facebook for alleged violations of users’ privacy.
But “a large fine in a single case does not solve the problems that consumers face,” said Rep. Jan Schakowsky, D-Ill., chairwoman of the House consumer protection subcommittee.
At a hearing with the five members of the FTC, Schakowsky said the agency needs more funding and authority “at a minimum to restore consumers’ confidence.”
Rohit Chopra, one of the FTC commissioners, said that for some big companies, fines are a mere “parking ticket.”
“We cannot change behavior without finding out who at the top caused those problems,” Chopra said.
Although Schakowsky and Chopra didn’t specifically mention Facebook, the FTC is considering a rare action to hold Facebook CEO Mark Zuckerberg personally accountable for Facebook’s alleged failure to honor a 2011 agreement over privacy lapses.
The FTC also may limit how the giant social network targets advertising to its massive user base — potentially making the action far more than a regulatory slap on the wrist.
Beyond a fine expected to run as high as $5 billion, comprehensive action by the FTC could mark a watershed in federal action against the tech industry in the name of consumer privacy.
Rep. Michael Burgess, R-Texas, said even a large fine “is inconsequential for a company the size of Facebook” while potentially damaging smaller businesses.
By usual practice, the FTC — an independent agency — is split with three Republicans and two Democrats. Simons has advocated tougher enforcement action against tech companies and must obtain the agreement of at least two other commissioners for any action on Facebook.
Lawmakers have started work on a new national privacy law that could sharply curtail the ability of the biggest tech companies to collect and make money off people’s personal data. The role of the FTC as an enforcer of privacy protections is a key issue in the debate over legislation. Consumer privacy advocates and Democratic lawmakers say the agency currently lacks teeth and have pushed for expanding its powers and funding.
The FTC doesn’t have the authority, for example, to levy civil money penalties for first violations for most unfair or deceptive practices. It can only issue orders halting the conduct, as it did with Facebook in 2011.
The agency would be expected to write new privacy rules should Congress pass a new law.
Behind the momentum for a new law is rising concern over a string of scandals and the compromise of private data held by Facebook, Google and other tech giants that have reaped riches by aggregating consumer information. The industry has traditionally been lightly regulated and has resisted closer oversight as a threat to its culture of free-wheeling innovation.
Republicans have generally opposed an expansion of federal authority, but in the wake of the Facebook and other privacy scandals, some have taken a more open view toward the FTC’s powers and funding. Some business groups are also proposing an expanded role in privacy protection for the FTC.
The 2011 consent decree with the FTC bound Facebook to a 20-year privacy commitment. Violations could subject the company to fines of $41,484 per violation per user per day. The agreement requires that Facebook users give “affirmative express consent” any time that data they haven’t made public is shared with a third party.
The agency started investigating Facebook’s privacy practices more than a year ago after reports surfaced that the British political consulting firm Cambridge Analytica had improperly accessed the data of as many as 87 million Facebook users without their consent.