The Federal Trade Commission (FTC) has vowed to use “the full scope of its legal authorities” to crack down on illegal conduct that exploits consumers’ sensitive data.
In a blog post on Monday, Kristin Cohen, the Acting Associate Director at the FTC Division of Privacy & Identity Protection, stated that the agency would work to specifically protect location and health data collected by digital devices.
“Smartphones, connected cars, wearable fitness trackers, ‘smart home’ products, and even the browser you’re reading this on are capable of directly observing or deriving sensitive information about users,” Cohen said. “Standing alone, these data points may pose an incalculable risk to personal privacy. Now consider the unprecedented intrusion when these connected devices and technology companies collect that data, combine it, and sell or monetize it.”
While not mentioning the recent decision by the Supreme Court to overturn Roe v. Wade, Cohen went on to note the privacy concerns regarding period tracking apps as well as companies that had previously been found to be tracking those who visited abortion providers.
“The exposure of health information and medical conditions, especially data related to sexual activity or reproductive health, may subject people to discrimination, stigma, mental anguish, or other serious harms,” Cohen states. “Those are just a few of the potential injuries—harms that are exacerbated by the exploitation of information gleaned through commercial surveillance.”
The blog post also outlines considerations that companies should take when thinking about the collection of confidential consumer information. The FTC warns, among other things, that companies should be careful when claiming that data is “anonymized” given that such claims are almost always false.
“Significant research has shown that ‘anonymized’ data can often be re-identified, especially in the context of location data,” the blog added. “One set of researchers demonstrated that, in some instances, it was possible to uniquely identify 95% of a dataset of 1.5 million individuals using four location points with timestamps. Companies that make false claims about anonymization can expect to hear from the FTC.”
Although the FTC boasts of its previous actions against companies found to be violating consumers’ privacy, it remains to be seen whether their latest declaration will lead to any significant change given the vastness of the data broker industry.