Newsroom

Washington, DC: Over 20 public health, media, youth, and consumer advocacy groups sent a letter to the Federal Trade Commission (FTC) today objecting to Facebook’s recent proposed changes to its privacy policy. The groups raised concerns about the potential negative impact of these changes on teens. In a letter to the Federal Trade Commission’s Chairwoman Edith Ramirez, groups working on teen-related issues—including American Academy of Pediatrics, Consumers Union, Public Citizen, Consumer Watchdog, Pediatrics Now, and the National Collaboration for Youth—challenged changes to the “Statement of Rights and Responsibilities” that give Facebook permission to use, for commercial purposes, the name, profile picture, actions, and other information concerning its teen users. The groups also objected to new language directed at 13-17 year-old users that states that teens “represent that at least one of their guardian’s or parent’s have given consent for this use of their personal information on their behalf.” As groups with a broad range of expertise and years of research in issues related to marketing, media, public health, consumer rights, and youth, the concerns in the letter addressed—among other issues—the ways in which Facebook’s proposed changes would expose teens to the same problematic data collection and sophisticated ad-targeted practices that adults currently face. “These new changes should raise alarms among parents and any groups concerned about the welfare of teens using Facebook,” observed Joy Spencer, who runs the Center for Digital Democracy’s digital marketing and youth project. “By giving itself permission to use the name, profile picture and other content of teens as it sees fit for commercial purposes, Facebook will bring to bear the full weight of a very powerful marketing apparatus to teen social networks.” Dr. Gwenn O’Keefe at Pediatrics Now also expressed concern. “Given the number of teens who are legally on Facebook and pre-teens who are on there posing as teens,” she declared, “it’s in everyone’s interest that Facebook create an environment that is appropriate and healthy for the development of teens.” Citing the FTC’s 2011 Consent Decree with Facebook, the letter asked the agency to hold Facebook accountable, redress the changes, and protect the interests of teens. (A list of the 27 signatories is attached.) ### African American Collaborative Obesity Research Network American Academy of Child and Adolescent Psychiatry American Academy of Pediatrics Benton Foundation Berkeley Media Studies Group Campaign for a Commercial-Free Childhood Center for Digital Democracy Center for Global Policy Solutions Center for Media Justice Center for Science in the Public Interest Children’s Advocacy Institute Children Now Consumers Union Consumer Watchdog Corporate Accountability International Pediatrics Now Prevention Institute Public Citizen Public Health Advocacy Institute Public Health Institute Media Alliance Media Literacy Project Mercy Hospital’s Young People’s Healthy Heart Program National Collaboration for Youth Shaping Youth United Church of Christ, OC Inc. Yale Rudd Center for Food Policy and Obesity

The coalition's letter is attached. Facebook is violating the terms and spirit of its 2011 Consent Decree (link is external) with the Federal Trade Commission (FTC). As we have explained to FTC officials, the new policies planned by Facebook are designed to further expand its wide-ranging data collection and targeting apparatus. Facebook must be required to be candid and specific to its U.S. users on how its new data use policies reflect what it sells to marketers and advertisers (its various ad products, data techniques, focus on mobile, etc.). Without such candor and transparency, Facebook is fundamentally in violation of the 20-year committment it made to the American public via the FTC. The FTC has to stand up for the rights of U.S. consumers and make the Consent Decree--which the agency has repeatedly said has created new privacy safeguards for Internet users around the world--mean something. The agency has claimed (link is external) that its Facebook order "alone protects the privacy of more than a billion people world-wide." That has largely been a fiction--something anyone who follows Facebook (as we do at CDD) know. It's time for the FTC to take Facebook to court for violating its agreement. Facebook's new policy on its 13-17 year old users is especially alarming. It wants to target teens with an aggressive mix of data collection, profiling and tracking--without any safeguards.Here's what CDD's attorney Hudson Kingston said to us about Facebook's new tactic on teens: "Across the United States, states' laws don't allow minors to definitively bind themselves with a contract. Through legal fictions Facebook's new policy tries to bind both minors and their parents to consent to ongoing invasions of privacy, based only on the nonaction of teenage users. This violates the FTC 2011 Facebook Order's requirement of affirmative consent before the company undercuts privacy, as well as basic concepts of capacity to consent." Joy Spencer, who runs CDD's project on digital food marketing and youth, said: "Teens spend their lives online 24/7, especially on social media platforms like Facebook. They use Facebook to socialize and share critical information that often spreads quickly and has great power and influence within tight and trusted social networks. By changing its Statement of Rights and Responsibilities and Data Use Policy to grant itself permission to use the name, profile picture, content and other actions of teen users for commercial purposes and without their express consent or compensation, Facebook is definitely stepping over the line. Most teens do not share their personal photos and personal views on Facebook with the expectation that brands can take their pick of their images and actions to digitally market commercial products. What is most disturbing here is that Facebook is taking advantage of teens while they socialize with peers and exploiting their rightful need for self-expression in order to make a profit. The FTC should definitely step in to make sure this does not happen. " Facebook's redlined changes is attached in the FBSRS document. Here's what it says (my bold): 10. About Advertisements and Other Commercial Content Served or Enhanced by Facebook Our goal is to deliver advertisings and other commercial or sponsored content that are is valuable to our users and advertisers. In order to help us do that, you agree to the following: 1. You can use your privacy settings to limit how your name and profile picture may be associated with commercial, sponsored, or related content (such as a brand you like) served or enhanced by us. You give us permission to use your name, and profile picture, content, and information in connection with commercial, sponsored, or relatedthat content (such as a brand you like) served or enhanced by us, subject to the limits you place. This means, for example, that you permit a business or other entity to pay us to display your name and/or profile picture with your content or information, without any compensation to you. If you have selected a specific audience for your content or information, we will respect your choice when we use it. If you are under the age of eighteen (18), or under any other applicable age of majority, you represent that at least one of your parents or legal guardians has also agreed to the terms of this section (and the use of your name, profile picture, content, and information) on your behalf.

Washington, DC: A report released today by the Center for Digital Democracy (CDD) criticizes the Obama Administration’s recent effort to establish new privacy safeguards for the Digital Era. The more than yearlong proceeding led by the Department of Commerce’s National Telecommunications and Information Administration (NTIA) to further the Administration’s proposed “Consumer Privacy Bill of Rights” failed to ensure that the public can be protected from the array of sophisticated mobile “app” data-gathering practices. The detailed, 34-page report, “Head in the Digital Sand,” argues that the lobbyist-dominated process failed to examine the actual operations of the mobile app industry and its impact on the ability of consumers to protect their privacy effectively. Among the most disturbing revelations is the growing use of real-time tracking and surveillance of individual mobile app users. Industry practices requiring investigation by the FTC are identified, including apps that stealthily eavesdrop on consumers to ensure they spend more on virtual goods and other services—moving them up, in industry parlance, from “minnows” to “dolphins” and then to big cash-generating “whales.” The report examines other mobile and app-related data collection practices, including the ways users are being tracked from device to device; how app developers “acquire” and target users; the role of so-called “ad exchanges” that auction off mobile consumers to advertisers in milliseconds, through the use of data-rich profiles; so-called “monetization” practices relied on by developers; and industry research on the unique personal relationship users have with mobile devices and content. In 2012, the White House released a privacy “blueprint” with seven “rights” that all consumers should be guaranteed, and urged Congress to enact legislation. The NTIA was also tasked with bringing industry, nonprofit organizations, and others together to develop so-called voluntary but enforceable codes of conduct to implement consumer privacy rights. However, as CDD’s report describes, the so-called “stakeholder” process failed to deliver meaningful and effective privacy safeguards. “There was an assumption that consumers would be willing to dispassionately analyze how an app uses their data before they try it out,” explained CDD Executive Director Jeff Chester. “But as our report reveals, there is already a sophisticated app marketing system in place that actually uses existing data, along with a host of interactive marketing tactics, to influence consumer decisions. Before they download an app, consumers need to know more than just what data that app may collect or share with sponsors or third parties,” he added. “They need to be told how the app really operates—whether it spies on them, whether the app experience will change in order to promote the sales of goods and virtual products, and precisely how any personal data might be used for purposes related to finances, health, their race or age, for example.” Last month, the NTIA hailed the work that led to a proposed “Short Form Notice Code of Conduct to Promote Transparency in Mobile App Practices.” On Thursday, August 29, the NTIA convenes a forum to address “lessons learned” about the work that produced the mobile app code and how that process should be structured for future work. CDD called on the Administration to release its long-promised legislation on consumer privacy, and to replace the NTIA with the Federal Trade Commission as the lead agency proposing new privacy rights for Americans. “The Administration has told the European Union that it has its privacy house in order,” said Chester. “But this initial effort, as well as the revelations of NSA surveillance, raises questions about how well the privacy of Europeans will be protected as a new Transatlantic trade deal (TTIP) is negotiated.” A copy of CDD’s new report on mobile apps and consumer privacy is available at www.democraticmedia.org The Visual Appendix can be downloaded via: https://www.hightail.com/download/bWJvblFOdENOQndVV01UQw (link is external) CDD works to protect the interests of consumers in the digital era, focusing on issues related to consumer privacy, public health, children and youth, and financial services.

Center for Digital Democracy Adds Legal Director Focusing on Youth Privacy and Digital Marketing Issues CDD Begins Industry Review to ensure new COPPA Rules are Enforced Washington, DC: Hudson Kingston has joined the Center for Digital Democracy (CDD) as its new Legal Director. Mr. Kingston will oversee CDD’s regulatory and industry initiatives to ensure that the Children’s Online Privacy Protection Act (COPPA) rules, recently updated by the Federal Trade Commission (FTC), protect children effectively. Under the new regulations, which went into effect in July 2013, a child’s privacy is better protected when they use mobile devices, social media, “Apps,” or online games. There are also new safeguards regulating marketing practices such as online behavioral targeting. CDD spearheaded a coalition of consumer, child advocacy, and public health groups during a four-year campaign to press the FTC to bring its COPPA rules up to date. “Hudson’s strong commitment to consumer protection and public health will help CDD represent the interests of young people in the digital era,” said executive director Jeff Chester. With a background in human rights and environmental law, Mr. Kingston worked on consumer protection issues at the Center for Food Safety, and also focused on national environmental policy at the White House Council on Environmental Quality. Hudson earned his J.D. from the University of Iowa and LL.M. degrees from both New York University and the National University of Singapore. He is a member of the New York and D.C. bars as well as the Federal District for D.C. Kingston has also worked on legal projects in Laos and India. “Now that the revised COPPA rules are in force, CDD intends to closely monitor the children’s online marketplace to help promote compliance,” explained Chester. “We are also stepping up our examination of data collection and interactive marketing practices targeting teens. Hudson will be working closely with the FTC and other policymakers and will be spearheading our regulatory efforts,” he noted. “Parents, as well as most Americans, believe children should be able to use the Internet without being surreptitiously tracked,” said Hudson. “I look forward to leading CDD's expanded efforts on COPPA and protecting minors from privacy and health threats.” CDD works to protect the interests of consumers in the digital era, including on issues related to public health, children and youth, and financial services.

The United State Trade Representative (USTR) holds hearings today for stakeholders to address issues related to the EU/US negotiations on the Transatlantic Trade and Investment Partnership (TTIP). CDD has been invited to testify. Here's a summary: EU and U.S. consumer groups, through the Transatlantic Consumer Dialogue, have already gone on record with USTR urging that data protection and data flow-related issues not be addressed in the TTIP negotiations. Both in the U.S. and the EU, policymakers are in the process of reviewing and potentially revising their respective privacy frameworks, making any trade agreement on the issue premature. However, the recent revelations of widespread data gathering by the U.S. and also European governments reported by the news media require a new approach for addressing digital products and e-commerce services, data flows, and data protection. We urge the USTR to call on the newly formed U.S. and EU review on privacy- and national security-related issues, which is now operating parallel to the start of the TTIP negotiations, to report its findings to the public. A thorough understanding of what data on citizens have been collected, and by whom (including by commercial entities), is required. Finally, digital products and services require a separate approach outside of the TTIP process. The civil liberties of individuals, including their right to privacy, should not be treated as just another commodity to be traded through negotiation.

The new FTC rules designed to better protect children's privacy kick-in on July 1, 2013. CDD and colleagues led a four-year campaign to help create these safeguards. The new rules better protect kids from stealth online tracking, the collection of their geo-location information by apps and mobile devices, data gathered by social media, etc. Here's a guide for parents to help them understand how to make COPPA work for them. Groups interested in learning how they can monitor online sites to ensure they are following the new safeguards, as well as file complaints with the FTC, can email us for a free COPPA compliance guide.

June 1 is the deadline for filing Comments in the FTC Internet of Things inquiry. (link is external) Today's contemporary mobile device (link is external), geo-location (link is external) aware, (link is external)offline/online data (link is external), advanced marketing applications like facial recognition (link is external), mobile real-time ad exchanges (link is external), geo-fences (link is external), cross-platform tracking (link is external)and paradigmatic approaches such as Google's Zero Moment of Truth (link is external) and shopper marketing (link is external)based path-to-purchase methodologies make the Internet of Things (link is external) a consumer and privacy concern today--not in some pending future. We call on the FTC to address how the Internet of Things is already a reality, and to do a better job on sensitive data--especially involving finances, health, racial/ethnic information and youth.

Today, the United States Trade Representatives convenes two days of hearings (see attached agenda) to help it formulate a negotiating policy for the forthcoming EU/U.S. trade pact--known as the Transatalantic Trade and Investment Partnership (TTIP). CDD is one of the consumer groups that has been asked to brief its Policy Staff Committee.A number of U.S. industry groups, including the "Digital Trade Coalition" (Sidley & Austin) and the Coaltion for Privacy & Free Trade (Hogan Lovells)--in what illustrates how healthy fiction writing is at some law firms--paint a picture of a robust system protecting privacy here (we've attached their comments to USTR as well because they are worth reviewing to illustrate what the online data lobby agenda is). These coalitions want the U.S. to seek a trade deal that would allow our ineffective privacy regime to be considered "interoperable" with the EU's human rights and civil liberties robust approach. As we will explain later today, the U.S. is just at the very beginning in its efforts to protect consumer privacy in the digital era--hampered by many of the very forces these business coalitions represent. A number of U.S. online data companies, for example, are even unwilling to support even a modest Do Not Track standard, or stronger rules to protect youth, let alone serious privacy legislation.Consumer and privacy groups which are also members of the Transatantlic Consumer Dialogue will also speak on the TTIP, including on its impact on health, food safety, IP and other issues.

Today, the United States Trade Representatives convenes two days of hearings (see attached agenda) to help it formulate a negotiating policy for the forthcoming EU/U.S. trade pact--known as the Transatalantic Trade and Investment Partnership (TTIP). CDD is one of the consumer groups that has been asked to brief its Policy Staff Committee. A number of U.S. industry groups, including the "Digital Trade Coalition" (Sidley & Austin) and the Coaltion for Privacy & Free Trade (Hogan Lovells)--in what illustrates how healthy fiction writing is at some law firms--paint a picture of a robust system protecting privacy here (we've attached those comments to USTR as well because they are worth reviewing to illustrate what the online data lobby agenda is). These coalitions want the U.S. to seek a trade deal that would allow our ineffective privacy regime to be considered "interoperable" with the EU's human rights and civil liberties robust approach. As we will explain later today, the U.S. is just at the very beginning in its efforts to protect consumer privacy in the digital era--hampered by many of the very forces these business coalitions represent. A number of U.S. online data companies, for example, are even unwilling to support even a modest Do Not Track standard, or stronger rules to protect youth, let alone serious privacy legislation. Consumer and privacy groups which are also members of the Transatantlic Consumer Dialogue will also speak on the TTIP, including on its impact on health, food safety, IP and other issues.

Hispanics embrace of digital technologies, such as mobile phones, and their growing economic clout is attracting intense interest from marketers. This report highlights some of the recent recent research and activities aimed at the U.S. Hispanic market. We will be updating this report, including adding links which provide more information on the marketplace (and which raise privacy and consumer protection issues). 6/2/2013 Update: http://www.pulpomedia.com/the-ihispanic-opportunity.html; (link is external) http://www.pulpomedia.com/iHispanic-media.html (link is external) Big Data Hispanic Targeting: http://luminarinsights.com/solutions/customer-decision-engine/ (link is external)

In a 4-0 decision, the FTC agreed with CDD and a coalition of consumer, public health, and child advocay groups to reject calls from the online marketing lobby to delay the implementation of the new COPPA rules. The decision can be read here. (link is external)Our coalition's oppostion to the industry request played an important role in the commission's decision. It can be reviewed here. (link is external)The commission's action sent an important message that protecting the privacy of children and empowering parents/caregivers is a core value which must be respected.

This EU-commissioned report--"Assessment of Young people's exposure to alcohol marketing in audiovisual and online media" analyzes the role of Facebook and other social media. It was written by Rand Europe (and CDD is cited, among many others).

The leading U.S. consumer groups and many others filed this today at the Federal Trade Commission asking for the new children's safeguards to go into effect as planned this July. It's in response to requests made last week by the trade groups Interactive Advertising Bureau (see attached) and Application Developers Alliance (link is external). The filing well-documents why the new rules better protecting children online and empowering parents are needed now. It also serves as a counter-point to the Direct Marketing Association (link is external) and media business lobby FTC filing also seeking a delay of the rules.

Second in a series from leading U.S. privacy and consumer NGOs on the failure of U.S. law and regulation to protect privacy.

A series of the failure of U.S. privacy policies to protect consumers. The first paper was written by CDD on the failure of self-regulation. The second was written by the ACLU and Friends of Privacy, USA.

CDD and U.S. PIRG Education Fund filed comments yesterday with the FFIEC (link is external), the federal body which develops policies for the Consumer Financial Protection Bureau, Federal Reserve, FDIC, etc. We called for a set of strong safeguards to protect consumers from largely opaque and unfair social media marketing practices used in the financial marketplace. It especially called for regulation with the growing use of predictive "scoring (link is external)" products that evaluate how a financial service can view the creditworthiness of a consumer. The filing also called for an investigation into how Facebook's marketing appartus is used in the consumer financial marketplace, and the need to closely scrutinize the growing role of mobile devices.

This letter was sent today to new FTC Chairwoman Edith Ramirez by three-dozen NGOs--including the national leaders in the consumer and privacy fields.

As part of the comprehensive system of commercial surveillance tracking us 24/7 wherever we go and do, more companies are integrating offline and purchasing data with online information. But when the largest commercial database of individuals around the world marries (link is external)its user data with the ton of consumer records held by Acxiom, Epsilon, (link is external) Bluekai (link is external) and Datalogix, (link is external) major privacy and consumer protection issues are raised. Acxiom--whose President just told (link is external) the annual meeting of online marketing hotshots that “Data can make you rich,” offers new ways to track and target a user. It just unveiled what it calls its "AbiliTag" system (which will presumably be used by Facebook). Here's how Ad Age describes (link is external) what it can do: "The tag system extends the technology Acxiom uses internally to match its clients' direct mail, email, online cookies and other data sets, now enabling it for ad targeting online and in mobile. The system will eventually be used for digital TV ads also. The approach is not entirely different from offline-to-online database matching that connects an advertiser's data to large sites with registration data such as Yahoo or AOL. However, Acxiom argues that its system goes beyond that approach by allowing sites that don't have registration information to connect advertisers to their customers in digital channels. The idea is to use the Acxiom tag to identify a customer who visits an Acxiom client site, then a publisher partner site." Acxion describes (link is external) AbilTag's benefits to publishers (excerpt): "With AbiliTag publishers can access a growing range of benefits from Acxiom: Provide advertisers access to the richest possible audience information - their audience data along with advertisers’ CRM data (the best targeting data available) and Acxiom’s rich demographic and interest data. Assure the highest quality of integration through Acxiom’s patented real-time audience matching and recognition solution AbiliTag. ... Offer more precise online audience targeting, measurement and attribution to advertisers. Provide Fortune 500 advertisers audience targeting capabilities with data they are already know and understand. Offer secure, scalable and compliant access to 45M+ consumers per month on 60M+ devices. Offer audience portraits utilizing the combined audience data that demonstrate greater insight and added value to advertisers. ... Allow advertisers to leverage insights from offline multivariate consumer prediction models where propensity to purchase, shopper preferences, and LTV are already known." Meanwhile, Facebook is acquiring from its partner Microsoft the online ad analytics and attribution company Atlas (link is external). Here's what Atlas does with Facebook data: "Advertisers create and designate an ad to an engineered audience in Facebook, comprised of various parameters, including demographic and interest-based criteria. The resonance of the message within each audience can then be measured with precision and reported within Atlas. From this, a compelling story can be told. For example, advertisers can gain true insights into the traction their messaging holds in driving acquisition. In addition, by merit of supported impression and view through metrics, latent branding effects can be examined, identifying correlations with consumer behavior weeks to months following exposure to Facebook advertising. Audiences and creative messaging can be constantly refined until the advertiser sees the optimal results they are striving for. Additionally through statistical aggregation the overall performance of social display can be evaluated and pitted against other channels that are competing for credit. Viewing Facebook tracked data through Atlas’s Engagement Mapping (link is external), advertisers can ascertain where Facebook falls within the purchase funnel and make the most informed decisions as a result. The implications of Facebook tracking within Atlas, however, reach far beyond linear performance measurement and standard reporting. The FTC, Senate Commerce Committee, GAO and others examining the impact of Big Data Brokers on privacy and consumer protection should make Facebook's new set of data gethering and targeting alliances a key focus.

Statement on Appointment of Edith Ramirez at Chair of the FTC by Jeff Chester, CDD Edith Ramirez cares deeply about consumers and the issues that effect their everyday lives. She is always willing to listen and works hard to find out the facts before making a decision. We have found her to display unique insights on issues critical to consumer welfare and competition. Ms. Ramirez will be a thoughtful and effective leader of an agency that has been strengthened over the last several years to better meet the consumer protection challenges of the 21st Century. Under her leadership, we expect the FTC to blaze new ground on privacy—especially involving mobile devices, digital data brokers and Do Not Track.