Tech privacy policies need an overhaul, regulators say
The heads of two federal agencies that regulate cybersecurity said during interviews at CES that technology companies need to do more to protect consumers' personal information.
Federal regulators on Wednesday called on gadget and technology companies to up the ante when it comes to protecting consumer personal data and privacy.
Edith Ramirez, chairwoman of the Federal Trade Commission, said during an interview at CES 2016 that she is so skeptical of how her personal health data might be handled online that she has opted for an old-fashioned pedometer to track her steps instead of using an Internet-connected fitness tracker like the Fitbit.
Speaking in separate interviews at the Consumer Electronics Show in Las Vegas, Edith Ramirez, chairwoman of the Federal Trade Commission, and Tom Wheeler, chairman of the Federal Communications Commission, emphasized the importance of security, transparency and choice for consumers over the collection and use of their personal information.
"Internet service providers have a responsibility to make sure information they collect is secure," Wheeler said.
Ramirez echoed these sentiments. She said devices are gathering increasingly sensitive information about consumers, and "how that data is being used or shared, and the potential for unintended uses, is a concern."
"The industry needs to address these concerns and be more transparent about how they handle personal data," she added.
Privacy and data security have become hot button policy issues in the technology sector over the past year as several tech companies, including wireless carriers such as T-Mobile, have experienced data breaches that have exposed consumers' personal data. A hack of the Chinese toy maker VTech late last year exposed profiles of children who own its toys, heightening concern over interactive toys that connect to the Internet and store personal information.
Wheeler said it was the responsibility of any company collecting personal data of its customers to ensure that the information is protected and that companies explain clearly to their customers how they are obtaining this data. He also added that consumers need to have the choice to opt in or out of the data collection.
His agency, which regulates Internet service providers, took action last year against AT&T and cable operator Cox Communications for not providing adequate protection of customer data.
Ramirez said she is so skeptical of how her own personal health data might be handled online that she has opted for an old-fashioned pedometer to track her steps instead of using an Internet-connected fitness tracker like the Fitbit. She said she isn't alone in her distrust of how companies handle personal data, citing a recent Pew Research survey that showed 47 percent of Americans didn't understand what would be done with personal information and had mixed feelings about whether to share it with Internet-connected devices.
Saying that companies "need to be more clear" about how they handle private customer information, she said it is important that companies "don't collect information that they truly don't need." She warned that companies are trying to gather as much data as possible regardless of whether it's needed for a given application, exposing companies to risk.
Ramirez also said that disclosures for many devices and apps are lengthy, complicated, and do not provide consumers with a clear idea of how their personal data is being handled and shared.
"A lot more work in this is area is needed," she said. "Most of us are very concerned about how our information is used, and I think companies need to recognize this."
The FTC will help provide guidance to companies and the public for how to address these concerns, she said, reiterating that the FTC is a law enforcement agency committed to taking action against companies that do not adequately protect consumer information.
"Ultimately, we're here to protect consumers," she said.