FTC Considering Rules on Collecting, Selling People's Personal Data
Tired of companies gathering and selling your data? The FTC is exploring the possibility of rules around the practice.
Zachary McAuliffeStaff writer
Zach began writing for CNET in November, 2021 after writing for a broadcast news station in his hometown, Cincinnati, for five years. You can usually find him reading and drinking coffee or watching a TV series with his wife and their dog.
ExpertiseWeb hosting, operating systems, applications and softwareCredentials
Apple software beta tester, "Helps make our computers and phones work!" - Zach's grandparents
The US Federal Trade Commission said Thursday that it's looking into creating rules concerning companies that profit off of collecting and selling people's personal data. The FTC calls this practice commercial surveillance and defines it as "the business of collecting, analyzing, and profiting from information about people."
"Firms now collect personal data on individuals at a massive scale and in a stunning array of contexts," FTC Chair Lina M. Khan said in a news release.
The agency said it's seeking the public's input on whether these new rules are warranted. People can share their thoughts on the topic at a virtual, public forum scheduled to be held on Sept. 8 from 11 a.m. to 4:30 p.m. PT.
Lawmakers on both sides of the aisle agree something must be done to address privacy concerns. In June, the bipartisan American Data Privacy and Protection Act, or ADPPA, was introduced in the House, but negotiations on the bill have since stalled.
Some Democrats see FTC action as a stop-gap solution to ensure some protections are in place, while Republicans think Congress should address privacy concerns through legislation like the ADPPA.
In April, Khan pushed for new privacy rules and limits on what data companies can collect. She questioned whether companies should be allowed to collect consumer data indiscriminately while keeping most consumers in the dark about how their data is being used.
"I believe we should approach data privacy and security protections by considering substantive limits rather than just procedural protections, which tend to create process requirements while sidestepping more fundamental questions about whether certain types of data collection and processing should be permitted in the first place," she said at the time.