Federal Trade Commission

President Donald Trump has designated Maureen K. Ohlhausen as Acting Chairman of the Federal Trade Commission by a White House order. Ohlhausen was sworn in as a Commissioner of the Federal Trade Commission on April 4, 2012, to a term that expires in September 2018.

Prior to joining the Commission, Ohlhausen was a partner at Wilkinson Barker Knauer, LLP, where she headed the firm’s FTC practice focusing on privacy, data protection, and cybersecurity matters. Ohlhausen previously served at the FTC for 11 years, most recently as Director of the Office of Policy Planning from 2004 to 2008, where she led the FTC's Internet Access Task Force. She was also Deputy Director of that office. From 1998 to 2001, Ohlhausen was an attorney advisor for former FTC Commissioner Orson Swindle, advising him on competition and consumer protection matters. She started at the FTC General Counsel’s Office in 1997.

As consumers have come to rely on multiple devices, companies are using technologies to connect a consumer’s activity across those devices – smartphones, tablets, desktops, laptops, and more. It’s called cross-device tracking and the Federal Trade Commission just released a staff report on the subject. Drawing on an earlier FTC workshop, the report discusses the benefits and the challenges associated with technologies that enable cross-device tracking. Here is a summary of some staff recommendations:

Transparency: FTC staff calls on anyone engaged in cross-device tracking – both cross-device tracking companies and consumer-facing entities – to truthfully disclose their tracking activities.
Choice: Companies should offer consumers choices about how their cross-device activity is tracked. It goes without saying that if consumers are told they can opt out of tracking, companies must honor that promise.
Special considerations for sensitive data: For certain categories of sensitive data – for example, health, financial, or children’s information – the staff recommends not tracking consumers without their express affirmative consent.
Security:Consistent with the message businesses have been hearing for years, the staff report recommends that companies practice good data hygiene to avoid unauthorized access, including by hackers in the case of a data breach.
Periodic reassessment of technologies and practices: FTC staff recommends that companies periodically reassess their practices as technology evolves and simplify consent choices whenever possible.

Protecting consumers’ privacy and personal data has long been a priority at the Federal Trade Commission. Over the years, we’ve helped millions of identity theft victims recover from that crime. We created the National Do Not Call Registry to limit unwanted telemarketing, and we continue to fight illegal robocalls. And we’ve brought more than sixty cases against companies that didn’t take reasonable steps to protect people’s data. But we’re not living in the past. Among our recent cases: a settlement with Ashley Madison over the company’s lax data security and misleading claims; our first case against an education lead generator for misleading people about how their information would be used; and a case against a company that marketed internet routers with serious security flaws. On Wednesday, January 25, at 3 p.m. EST, we’ll be participating in a Data Privacy Day Twitter chat for businesses sponsored by the National Cyber Security Alliance.

As I finish my year as Federal Trade Commission Chief Technologist, I wanted to take one more opportunity to encourage researchers to conduct research relevant to consumer protection and share it with the FTC. In this blog post, I share some thoughts on research in nine areas that I believe would be useful to the FTC. At the end I provide information about how to get in touch with FTC staff to discuss research.

Privacy and Security: Privacy and security are important to the FTC’s consumer protection mission. Research that investigates how consumers value privacy, the way consumers balance privacy interests with other interests, how companies assess and manage security risks, and the way consumers are impacted by privacy and security breaches would provide valuable information.

Ads and marketing: The FTC regulates advertising and marketing practices to protect consumers from those that are unfair or deceptive. Research related to new advertising and marketing practices and research that provides insights into how advertising and marketing practices are used in new media would aid FTC staff.

The Federal Trade Commission filed a complaint in federal district court charging Qualcomm Inc. with using anticompetitive tactics to maintain its monopoly in the supply of a key semiconductor device used in cell phones and other consumer products. Qualcomm is the world’s dominant supplier of baseband processors – devices that manage cellular communications in mobile products. The FTC alleges that Qualcomm has used its dominant position as a supplier of certain baseband processors to impose onerous and anticompetitive supply and licensing terms on cell phone manufacturers and to weaken competitors. Qualcomm also holds patents that it has declared essential to industry standards that enable cellular connectivity. These standards were adopted by standard-setting organizations for the telecommunications industry, which include Qualcomm and many of its competitors. In exchange for having their patented technologies included in the standards, participants typically commit to license their patents on what are known as fair, reasonable, and non-discriminatory, or “FRAND,” terms.

The Federal Trade Commission announced a crackdown on two massive robocall telemarketing operations, both of which have been blasting robocalls to consumers on the National Do Not Call (DNC) Registry since at least 2012. Many of the defendants in the two cases, FTC v. Justin Ramsey, et. al. and FTC v. Aaron Michael Jones, et. al., have agreed to court orders that permanently ban them from making robocalls, making any calls to numbers listed on the Do Not Call Registry, violating the TSR, and/or assisting others in doing so. The settling defendants also will pay the Commission a total of more than $500,000.

The two ringleaders of the operations—Justin Ramsey and Aaron Michael (“Mike”) Jones—have previously been sued by state attorneys general for telemarketing violations and the FTC’s litigation against them continues. According to the FTC’s complaint in the Ramsey action, the defendants illegally blasted millions of robocalls in 2012 and 2013 to consumers on the DNC Registry selling home security systems or generating leads for home security installation companies. In just one week in July 2012, the defendants allegedly made more than 1.3 million illegal calls to consumers nationwide, 80 percent of which were to numbers listed on the DNC Registry.

Federal Trade Commission Chairwoman Edith Ramirez announced her resignation from the FTC, effective February 10, 2017. Ramirez became Chairwoman on March 4, 2013, and has served as an FTC Commissioner since April 5, 2010, following her appointment by President Barack Obama. Chairwoman Ramirez prioritized protecting consumers and promoting competition in the technology and healthcare sectors, safeguarding consumer privacy and data security in the online world, and protecting diverse communities from deceptive and unfair practices and scams.

Under her leadership, the FTC brought nearly 400 law enforcement actions covering a range of consumer protection issues and approximately 100 enforcement actions challenging anticompetitive mergers and business conduct in major sectors of the economy, including the healthcare provider, pharmaceutical, retail, and energy markets. A priority for Chairwoman Ramirez has been expanding the FTC’s role in studying markets and emerging trends, and issuing reports that provide best practice recommendations to companies. For example, the FTC has issued reports on a wide range of key topics, including patent assertion entities, the sharing economy, the Internet of Things, and big data, among other topics.

The Federal Trade Commission filed a complaint against Taiwan-based computer networking equipment manufacturer D-Link Corporation and its US subsidiary, alleging that inadequate security measures taken by the company left its wireless routers and Internet cameras vulnerable to hackers and put US consumers’ privacy at risk.

In a complaint filed in the Northern District of California, the FTC charged that D-Link failed to take reasonable steps to secure its routers and Internet Protocol (IP) cameras, potentially compromising sensitive consumer information, including live video and audio feeds from D-Link IP cameras. The complaint filed is part of the FTC’s efforts to protect consumers’ privacy and security in the Internet of Things (IoT), which includes cases the agency has brought against ASUS, a computer hardware manufacturer, and TRENDnet, a marketer of video cameras.

The Federal Trade Commission announced that it is challenging the public to create an innovative tool that will help protect consumers from security vulnerabilities in the software of home devices connected to the Internet of Things. The agency is offering a cash prize of up to $25,000 for the best technical solution, with up to $3,000 available for up to three honorable mention winner(s). The FTC is asking IoT Home Inspector Challenge contestants to develop a tool that would address security vulnerabilities caused by out-of-date software in IoT devices. An ideal tool might be a physical device that the consumer can add to his or her home network that would check and install updates for other IoT devices on that home network, or it might be an app or cloud-based service, or a dashboard or other user interface. Contestants also have the option of adding features such as those that would address hard-coded, factory default or easy-to-guess passwords. Submissions will be accepted as early as March 1, 2017 and are due May 22, 2017 at 12:00 p.m. EDT. Winners will be announced on or about July 27, 2017.

The defendants who operated a Florida-based tech support scheme that the Federal Trade Commission and State of Florida charged deceived thousands of consumers, will pay $10 million for consumer redress to settle the action. According to the complaint, defendant Inbound Call Experts, doing business as Advanced Tech Support along with other defendants, used high-pressure sales pitches to telemarket tech support products and services falsely claiming to find viruses and malware on consumers’ computers. The stipulated final court order prohibits the defendants from misrepresenting that they have identified performance or security issues on consumers’ computers and from making any other misrepresentations while selling a product or service.