Economic assistance and impose sanctions on russia. Also on the agenda in the senate this week, a bill to extend Unemployment Insurance and a measure to repeal the current formula for medicare payments to doctors. The house returns at noon eastern with legislative business at 2 00. Nine suspension bills are on the agenda, one includes a measure to allow individuals to make taxdeductible donations for 2013 through april 15th of year. Votes are not expected in the house until 6 30 p. M. Eastern. You can watch live coverage of the house on cspan and the senate on cspan2. Cspan, created by americas Cable Companies 35 years ago and brought to you today as a Public Service by your televisioning provider. Television provider. Host and joining us this week on the communicators is the chairwoman of the federal trade commission, edith ramirez, thanks for being with us, we appreciate it. What, when it comes to telecommunications, whats the ftcs responsibility in that area . Guest well, peter, let me just start off by thanking you to have me on the show, its great to have an opportunity to talk about the important work of the federal trade commission. And before with i turn to your question, let me just explain that we at federal trade commission have a dual mission which is to protect American Consumer ands to promote competition, and we do that in a couple of different ways, main ways. The first is that we are a civil Law Enforcement agency, so we bring lawsuits against companies that engage in unfair or deceptive acts or practices or engage in unfair be methods of competition. We also engage in policy and Research Work to Study Industries and to promote best practices and also advocate for laws that we think are needed. And as to your specific question, what i can tell you is that were really interested in protecting consumers when it comes to the entirety of the mobile ecosystem. And so by that i mean that we are interested in what App Developers are engaging in, what platforms are doing, uprating systems, mobile app stores, and so, again, we insure that American Consumers are protected and that theres a competitive landscape. Host pad dam chairwoman, in a recent speech in other have been yous youve talked about the internet of things. What do you mean by that . Guest well, you know, one of the things that ive been very interested in doing is that we do a great deal to protect the privacy of American Consumers and insuring that consumers have as much control as possible over the collection and use of their personal data. And im very interested in making sure that the ftc stays current and stays abreast of emerging technologies. The internet of things being one of them. And what that refers to is that today we see all sorts of everyday devices increasingly becoming connect today the internet and being able to communicate with each other and communicate with consumers. And so you see connected cars, you see connected devices, appliances, and what that means is that it has very different many implications for consumers. It can bring both a great deal of benefits for consumers but also raises some privacy implications that we are concerned about. And in particular i think there are three, what i see as three privacy challenges when it comes to the internet things. The first one being that theres a tremendous amount of information thats being collected by these devices that are connected to each other, connected to the internet. Also the information thats being collected there is the potential for that information to be used in ways that consumers may not anticipate. And, third, the other issue is that when you collect vast amounts of information about consumers, the issue of Data Security becomes increasingly important, how does that information, is that information being protected . Whenever you have something thats connected to the internet, it raises the potential that someone, a hacker or identity thief, could potentially access that information and use it in malicious ways. Host well, havent we signed over a lot of our privacy to big data, to some of these Big Companies . Guest well, you know, at the ftc we think thats not, that shouldnt be the case, that consumers really ought to have control and there ought to be Greater Transparency over how companies are using the personal information of consumers. And so we advocate three broad principles when it comes to privacy generally. The first one being what we would have known in the privacy world as privacy by design, and what that means is that we encourage companies to from the very outset when theyre conceiving of new products and services to really think hard about the privacy implications of what theyre doing and to think hard also about how much information is really needed to deliver the product or service that they aim to deliver so that if they can minimize the amount of data thats collected, that would be best, and you just need to think about what those implications are. Second hi, we also advocate what we call or refer to as a simplified notice. We Want Companies to communicate to consumers what informations being collected, how its being used so that consumers have, again, control over their personal information. Anden then the third major principle is the idea of transparency. A lot of what is happening happens in the background, happens in black box, and consumers may not necessarily be aware of the extent of the collection of information and that, from our perspective, creates an issue. And wed like to have companies, again, be more open about what their privacy practices are and their data practices are. Host well, joining our conversation with the chairwoman of the federal trade commission is lynn stanton whos a Senior Editor with Telecommunications Reports. When you talk about privacy by be design, a lot of these apps, the designers of the app didnt design the entire app. They take off the shelf pieces of software, and ten theyre not themselves then theyre not themselves aware of all the information that softwares collecting. What kind of responsibilities do they have and does the ftc have the kind of tools it needs to deal with an ecosystem like that, where theres all these pieces that come together; the device, the software, the Service Provider like verizon or at t . How do can you deal with all of these pieces . Guest i think thats a very important point that youre making and, yes, the ecosystem itself is very complex, and there are a number of different players. I think what we need to do is we have jurisdiction over a good number of those players, not all of them. We do not have jurisdiction over common Carrier Services, for instance be, and by that i mean that there is an exception to our authority under the ftc act which means that we dont have jurisdiction over what would be traditional voice services, for example. We actually think that that particular exception to our authority is quite outdated given the blurring of lines that you see today, for example, when youre using a smartphone. So we have, the commission has for some time now been advocating that that exception be removed so that we actually have jurisdiction over the full ecosystem and provide American Consumers complete protection. But we are looking at App Developers, we are look at device manufacturers, and we bought cases across the ecosystem to try to insure and encourage companies to be looking at these issues and to make sure, number one, that they arent enpaging in engaging in unfair or deceptive practices. For instance, if the company ends up making a promise about i how they will be handling Consumer Information, assuring consumers their information will be secure, we expect them to actually fulfill that promise. And if they dont, then we would have jurisdiction to bring a Law Enforcement action. Just one example of that is that we brought an enforcement action against htc america, a device manufacturer, because they add certain security flaws in their software that ended up leading to the disclosure of personal information, and so we took action against that. But we feel that all the players in the ecosystem do have a role to play here, and were going to be on guard through our Enforcement Authority to take action where appropriate. But then also at the same time we have this policy and research function where we encourage best practices. Weve been looking at various new, emerging technology. The internet of things, we actually held a workshop on that last fall to learn more about these technologies and also encourage best practices by companies. Typically in the past Consumer Information has been things the consumers provided to the company or maybe things that they learned about them, like their payment history. So your name, your address, numbers associated with accounts and whether you were paying them on time. But with this new ecosystem, they know where you are, they know who you call, they know which apps you use, they know how things interact with each other. Your heart rate maybe if youve got one of these wear able devices. Sure. Does it require a different approach, kind of information . Does the ftcs authority cover these new kinds of information . Thinking of information as financial and health and different cat goes like that, in children, of course, especially. Are there sensitive kinds of information that arent realized are sensitive as these devices learn so much about us . Guest so a couple of things to note if response to your question. First, i think, the fccs been engaged in the arena of privacy and Data Security for some time now, so to a certain extent why dont we call it, it falls under the rubric of big data. And by that i mean today you have this ubiquitous collection of just vast amounts of information. You now also have analytics, the new tools that can be used to process that information and allows companies to make sure so in many respects the issues im talking about today are issues that we confronted in the past, but now the fact that the amount of information that as being gathered is of a significantly greater magnitude does raise just a qualitative difference because, again, its just so much information thats being but its not entirely dissimilar to issues weve been dealing with in the past. I think one thing that youre, i believe youre getting at is that sometimes you can aggregate whats seemed to be benign which was and then make decisions that one might consider to be sensitive. One example in this area is an example that was reported in the media where you had, target had some analytical tools that they were able to determine based on the purchase of a particular individual, were able to determine that she was, in fact, pregnant because she was purchasing things like unscented lotion, for example. So that, i think, can raise concerns depending on what inferences are being drawn. So these are issues that i think companies have to think hard about, and were tackling in a variety of ways including making sure that companies abide by relevant laws. And this can also lead to manager thats referred to as discrimination bilal brit m. And, again, how is that information being used. One thing that we argue is that we are analyzing, ask weve been conduct and weve been conducting a study over the last year of data brokers. And these are companies that aggregate information from both online and offline sources and then sell that information to companies who then use it for a variety of purposes. We are reaching a conclusion to our study, and we hope to be issuing a report fairly soon. Then were going to be making certain recommendations. One of those includes making sure companies abide by selfreporting act, the fcra which we do report, so weve been vigilant in that arena, making sure that companies abide by that. But i think there are other implications, and were thinking hard about those, and were asking companies to think hard about this how this information is being used. Host chairwoman ramirez, do you feel that the private companies are cooperating with where youre trying to go, and do you feel that the ftc has enough enforcement tools at this point in. Guest let me address the first question, and i do believe that companies are now and in the last several, few years in particular understand that consumers do care a great deal about their privacy, and i believe that many of them are reacting and responding to that by both making sure that their policies and their practices insure greater privacy for consumers. So i do think that the marketplace is responding to that. I think more needs to be done in that area, and so we do advocate, again, best practices and where our Enforcement Authority may apply, we will take action. I personally believe that there needs to be federal legislation be this this arena in this arena because i think be more does need to be done. We have an approach here in the United States where we take a federal approach to the protection of private information, Consumer Information. We have certain laws that apply to financial information, we have laws that apply to health information, and we at the ftc have done, i think, a good job of using our tort under the ftc act to enhance privacy protections, but i think more needs to be done. And i would, i favor a comprehensive federal law in this arena and am supportive of that. Host lynn stanton. Support of not just data privacy, but Data Security legislation. Guest absolutely. That legislation tends to focus on obligations to protect and after the fact punishments the if you dont, but for consumers it would be much better if the breaches never happened, if they wouldnt have to deal with the fact that they were exposed to Identity Theft and other issues. Why havent companies done more up to this point given the Public Relations night pairs that these kinds of nightmares that these kinds of exposures take and also financial obligations that may occur in doing credit protection and what not . Guest so i think youre hitting an important point, which is the companies do need to be doing more at the front end. You mentioned Data Security which i havent yet spoken too much about. We are looking at the front end. Under our authority what we expect of companies is that they provide reasonable and put in place reasonable security measures to protect the Consumer Information that they use as part of their business operations. Be we do find, as youre suggesting based on our experience and enforcement work weve done in this area, we find that Many Companies are still not putting in place appropriate security measures to protect the Consumer Information that they maintain, that they collect and that they use. That experience that we have is backed up by day data. Verizon, for example, releases an annual report analyzing data breach incidents and finds that a lot of the intrusions that you see really are the result of sort of low difficulty hacking, basically. So, and what that tells me is that theres a lot more that Companies Need to be doing as a general matter. And were doing what we can through our Enforcement Authority, but also encouraging companies. We brought a security case, but really what were trying to do with our enforcement board is Alert Companies of their obligations to provide adequate security. Theres another area where as a Bipartisan Commission we unanimously have endorsed and support legislative action in this arena, have asked congress to enact both a robust Data Security law, also would have strong data breach notification requirements. Were also asking for Civil Penalty Authority for the ftc so that we can have greater deterrence in this arena. Wed also like to get jurisdiction over nonprofits which we currently lack, and we do find that nonprofits are subject to and have seen breaches in this area. So, clearly, more work needs to be done in that area. And then we also ask for some apa Rulemaking Authority to allow us to implement any such law. Host you are watching the communicators on cspan. Our guest this week is the chairwoman of the federal trade commission, edith ramirez. Shes a lawyer, shes a harvard law grad, and she served as one of the editors of the harvard law review prior to joining the ftc in 2010, shes been the chairwoman since 2013. Lynn stanton of Telecommunications Reports is a Senior Editor there. Hi. We were talking about Data Security, legislation. In the reality the political prospects for getting that passed anytime soon arent that great. Any legislation is a slim bet really at this time, and there are few issues that state authority enforce, they may prove to be stumbling blocks. Given the authority that you have right now, have you at all looked into the idea of one of these multistakeholder processes that the Commerce Department has been using with respect to privacy, and now theyve picked up one for patent online notification issues . Do you think thats an area that maybe working with consumer stakeholders and corporate and other stakeholders that have access to all this data could be a good approach . Guest absolutely. I think that selfregulation generally so long as you have a robust stan