FTC Acting Chairwoman: Protecting Consumer Privacy in a Time of Crisis
Rebecca Kelly Slaughter, Acting Chairwoman of the FTC, delivered remarks this week at the Future of Privacy Forum, laying the groundwork for the new administration’s privacy and data security initiatives. Slaughter signaled the agency’s reinvigorated interest in enforcement of consumer privacy regulation — and a willingness to pursue tougher disgorgement and consumer notice remedies. Slaughter’s remarks also touched on privacy and equity issues brought to the fore by the COVID-19 pandemic and systemic racism. In Slaughter’s view, the FTC should scrutinize remote learning software and ed-tech tools for potential COPPA violations; likewise, increased reliance on telehealth and contract tracing apps creates health privacy concerns. Finally, Slaughter indicated that the FTC will probe algorithms and facial recognition technologies for racial bias.
The Indian government’s war with Twitter
In an ongoing saga, the Indian government ordered Twitter to block certain accounts associated with the country's farmers’ protests. Twitter initially complied, then six hours later, it backtracked and restored the accounts in question. Ultimately, Twitter suspended some of the accounts, while leaving other accounts (predominantly those belonging to journalists, activists, and politicians) standing. Article 69A of India’s information technology law gives the government authority to block online content which “threatens the security of the state.” The situation raises important questions about social media platforms’ obligations to their users and to sovereigns, and the role these platforms play in shaping both public discourse and the rule of law.
TikTok Sale to Oracle, Walmart Is Shelved as Biden Reviews Security
The Biden administration has weighed in on the pending TikTok sale, seeking more time for a broader review of potential security risks posed by Chinese tech companies. Back in August 2020, President Trump cited national security concerns in his decision to ban TikTok in the U.S. CFIUS followed Trump’s lead shortly after, ordering ByteDance (TikTok’s China-based parent company) to divest itself of TikTok’s U.S. operations. A hasty deal with Oracle and Walmart was arranged, all while ByteDance brought a legal challenge against the government’s actions. It now seems likely that the Biden administration will take a different, more lenient approach to the TikTok situation, possibly involving a third-party data custodian in place of an outright sale.
New antitrust reform bill charts one possible path for regulating big tech
Democratic Senator Amy Klobuchar recently unveiled a new bill, titled the Competition and Antitrust Law Enforcement Reform Act, which seeks to modernize U.S. antitrust law and adapt it to the competition issues posed by today’s tech platforms. The bill proposes new standards for merger review (“appreciable risk of materially lessening competition”) and exclusionary conduct that Senator Klobuchar hopes will sweep more broadly. The bill also would expand the enforcement budgets at the FTC and DOJ to the tune of $300 million. Senator Klobuchar is the new Chair of the Subcommittee on Antitrust, Competition Policy and Consumer Rights — and some speculate that the bill might gain the bipartisan support of Republican Senator (and fellow Antitrust Subcommittee member) Josh Hawley.
Proofpoint sues Facebook to get permission to use lookalike domains for phishing tests
Proofpoint, a prominent cybersecurity company, is suing Facebook in Arizona federal district court to retain several of its URLs, which are “lookalike” versions of Facebook and Instagram domains, such as facbook-login.net and instagrarn.org. Proofpoint claims that it was using these slightly misspelled URLs in good faith to test for phishing awareness. Facebook first sought control of Proofpoint’s URLs in front of ICANN (the industry non-profit that oversees domain name registration) and in January, Facebook won an order from an ICANN tribunal requiring Proofpoint to transfer the URLs. Now Proofpoint is in court seeking to block the transfer and retain its URLs.