The agency calls for industry self-regulation despite concerns regarding collection and use of sensitive data, such as medical information and information about children.
It's unclear whether consumers understand what information about them is collected, aggregated, and used to deliver advertising, and even the governing body in charge of protecting consumers admits it has more to learn.
The Federal Trade Commission recently issued a report on consumer protection and technology that explains how the commission will prevent Internet fraud as well as unfair and deceptive advertising. The report, entitled "Protecting Consumers In The Next Tech-ade," outlines consumer protection challenges as technologies evolve.
It found that "questions regarding the types of consumer data collected for use in behavioral advertising, how such data are used, and what protections are provided for that data remain." After a November town hall meeting on Internet tracking, targeting, and advertising technology, the FTC began drafting principles to encourage self-regulation of online behavioral advertising.
The principles stress a need for transparency in data collection; securing data collected for behavioral advertising; and obtaining express consent from consumers when companies change privacy policies to use data differently. They also highlight a concern regarding collection and use of sensitive data, such as medical information and information about children.
"Relying on new technological developments that allow for micro-targeting, marketers are attempting to customize the marketing process and ensure that the right consumers receive the right ads," the FTC explained. "By profiling consumers' online and offline habits in detail, advertisers are able to direct very specific advertising messages to individual consumers, engaging in what is known as 'behavioral targeting.'"
The FTC said that such practices may provide consumers more relevant ads, but they also may pose data security and privacy threats if the information is misused by businesses or inadequately secured.
The prohibition on unfair or deceptive acts or practices in Section 5 of the FTC Act protects consumers and has worked for 70 years, the FTC said. Since it is intended to prevent harm, it is unlikely to restrict conduct viewed as beneficial to consumers, the FTC pointed out.
"Applying traditional principles of deception and unfairness to acts and practices related to new monitoring technologies like sensor networks and RFID, as well as to behavioral targeting and mobile marketing, will focus the agency's inquiry on practices that are likely to injure consumers," the FTC explained in the report.
The FTC said it has brought 24 enforcement actions against companies that have failed to take reasonable steps to protect consumer information. Yet, it sees self-regulation an important tool in protecting consumer privacy because industry groups can respond quickly to changes in technology and the marketplace.
"The FTC then can analyze the development of the standards and monitor their implementation to ensure that consumer protections are adequate," the FTC report stated. "The Commission will continue to monitor the development and implementation of self-regulatory standards related to privacy to determine whether they allow consumers to get the benefits of new technologies without exposure to any undue risks."
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
IT Strategies to Conquer the CloudChances are your organization is adopting cloud computing in one way or another -- or in multiple ways. Understanding the skills you need and how cloud affects IT operations and networking will help you adapt.