Washington, D.C. - Energy and Commerce Chairman Frank Pallone, Jr. (D-NJ) delivered the following opening remarks at a Consumer Protection and Commerce Subcommittee hearing on “Oversight of the Federal Trade Commission: Strengthening Protections for Americans’ Privacy and Data Security:"
The Federal Trade Commission (FTC) plays a critical role in protecting American consumers and promoting competition in the marketplace. It is a relatively small agency, but the breadth of its mission is vast.
As the nation’s consumer protection agency, the FTC works to protect consumers from a variety of unfair and deceptive practices, including false advertising, illegal telemarketing, unfair debt collection, and fraud.
Last year, the FTC received nearly 3 million complaints from consumers who reported losing around $1.5 billion to fraud. Seniors were preyed upon by criminals pretending to need money to bail their grandchildren out of jail. Veterans were tricked into giving their credit card information to a thief who claimed to work for the Veterans Choice Program.
These are just two examples of the thousands of frauds the FTC faces every day. Many are perpetrated through robocalls, which I am working to address through the Stopping Bad Robocalls Act. But that is not the only way fraudsters commit their offences and the FTC needs more support and more authority to prevent scams and enforce the law.
The FTC is also the nation’s primary enforcer in the area of privacy and data security. Talk about a daunting job when you consider that companies today monitor every move we make. They are tracking where we go, who we are with, our private conversations, our health, the websites we visit, and, increasingly, what we do inside our homes. As we have learned from the concerning privacy issues surrounding Cambridge Analytica and Facebook, and from massive data breaches like the one at Equifax, there is little reason to believe that consumers can trust these companies with our personal data.
The FTC can and should be doing more to protect consumers, and Congress needs to give the FTC the tools it needs to be more effective. That starts with resources. The FTC has fewer employees today than it did in the 1980s when the Internet did not exist. It has just 40 employees responsible for protecting the data of 300 million Americans. That’s unacceptable - particularly when you consider that the United Kingdom, which has a much smaller population, has more than 500 people who protect the privacy and data of its residents. We must give the FTC the resources it needs to become a global leader on privacy and data security.
The FTC also needs more authority to prevent privacy abuses from happening in the first place and to ensure that companies properly secure the personal data entrusted to them.
Too often, the FTC can do little more than give a slap on the wrist to companies the first time they violate the law. That’s because it lacks the authority to impose a monetary penalty for initial violations. Currently, the FTC can only order a company to stop the bad practices and promise not to do it again. If we really want to deter companies from breaking the law, the FTC needs to be able to impose substantial fines on companies the first time.
To make matters worse, there are no strong and clear federal privacy laws and regulations that establish a baseline for how companies collect, use, share, and protect consumer information. The FTC lacks the ability to issue such regulations leaving Americans left to the whims of corporations.
Companies should not be gathering consumer information without a good reason and should have clear consent when they use that information for purposes a consumer would not reasonably expect. When I search online about the side effects of a medicine, I don’t expect that information to be shared with advertisers, data brokers, or insurance companies and it shouldn’t be shared unless I say so. Companies also need to protect the data they collect so Americans are not as vulnerable to identity theft, scams, and other unfair and deceptive acts as they are today.
Congress must pass strong, comprehensive privacy legislation, and this Committee will take action. The legislation should give consumers control over their personal data, including giving consumers the ability to access, correct, and delete their personal information. And it should shift the burden to companies to ensure they only use the information consistent with reasonable consumer expectations.
I look forward to hearing from all of the commissioners about how the FTC can better fulfill its mission in this important area of consumer protection. Thank you, and I yield back my time.
