Agency Recommends Firmer Data, Algorithm Regulations to Protect Online Privacy

The National Telecommunications and Information Administration recommended new limitations on companies harvesting and selling online user data, as the federal government continues to explore potential consumer privacy protections. 

A new filing from the NTIA, a subsidiary of the U.S. Department of Commerce, discussed the various problems associated with how data is collected from online users, touching on issues ranging from business competition to user security and personal privacy. 

The document serves as a series of recommendations for the Federal Trade Commission in their ongoing open-comment period requesting input on future data security and commercial surveillance measures. Some of the most important suggestions NTIA officials underscored were to require companies to minimize data collection overall, restrict the usage of harvested data for targeted advertising, and to limit the usage of biometric technologies. 

“Strong privacy rules will help make the Internet a better place for everyone,” Alan Davidson, the assistant secretary of Commerce for Communications and Information, said in prepared remarks. “NTIA is calling for rules that stop the unnecessary and harmful collection and use of personal information. Companies need guardrails about what they can build, and NTIA supports the FTC’s efforts to put those rules in place.”

The NTIA’s recommendations broadly advocate policies that disincentivize commercial surveillance and user data exploitation. The agency specifically characterized the trending business model built on behavioral advertising—designed to keep users engaged with a platform for longer periods of time—as both harmful to individuals and smaller businesses that do not have the financial resources to adopt the same practices.

The filing also explained the need for more protections for health data collected by external organizations, which can store and sell sensitive health data at the expense of users because they are not subjected to Health Insurance Portability and Accountability Act provisions. 

NTIA officials acknowledged the FTC has attempted to take action to close this loophole, but that the agency lacks resources to restrict health data brokering. 

“Reorienting current incentives in the digital ecosystem that promote pervasive data collection should be a key goal of the Commission’s trade regulation rules,” the report said. 

The report also emphasized the need for strong algorithmic disgorgement penalties—which require companies to destroy algorithms in addition to data—to prevent businesses from profiting off a machine learning algorithm derived from user information obtained through “unfair or deceptive” tactics.

“The FTC’s role in protecting consumers and promoting competition is essential to a healthy digital economy, and rules can help ensure that the agency’s capabilities keep pace with the emergence of new technologies and business models,” the report reads. “The evolution of new technical capabilities and the legal challenges that the FTC describes in its notice have also strengthened the value of clear baseline rules for businesses and consumers. The FTC is uniquely positioned to develop these rules because of its subject-matter expertise from decades of law enforcement actions and policy explorations, as well as its broad authority over commerce.”