Media Advisory
November 13, 2018
Contact: Randolph May at 202-285-9926
Free State Foundation President Randolph May, Senior Fellow Seth Cooper, and Research Fellow Michael Horney submitted comments to the National Telecommunications and Information Administration (NTIA) in response to its proposed approach to advance consumer privacy while protecting prosperity and innovation. FSF's comments focus on how consumers' privacy is best protected by case-by-case enforcement by the Federal Trade Commission.
The complete set of Free State Foundation comments, with footnotes, is here .
Immediately below is the " Introduction and Summary " to the comments, without the footnotes.
Introduction and Summary

These comments are submitted to NTIA regarding its proposed approach to advance consumer privacy while protecting prosperity and innovation. NTIA's principle-based approach sets out desired privacy protection outcomes for consumers as well as high-level goals for federal action to protect privacy. In these comments, we focus on how case-by-case enforcement by the Federal Trade Commission (FTC) offers the best means for achieving federal goals for a harmonized system of clear legal rules that facilitate flexibility in privacy protection approaches for consumers. Our comments identify steps for bolstering the FTC's jurisdiction over consumer privacy and for establishing the agency as the common enforcer of privacy protections across all online service platforms. At the same time, the comments emphasize that overly restrictive privacy policies, such as ubiquitous mandatory opt-in, that are inconsistent with consumers' preferences will reduce the amount of information available to satisfy consumer demands.
We commend NTIA for pursuing consumer privacy protections by "[r]efocus[ing] on the outcomes of organizational practices, rather than on dictating what those practices should be." In other words, NTIA rightly seeks to cultivate " a set of inputs for building better privacy protections into products and services." The stunning variety of existing and emerging digital services and applications involving significantly different uses of various types of consumer information makes detailed government-prescribed codes unrealistic, unworkable, and likely detrimental to innovation, investment, and consumer welfare. Instead, NTIA's Notice rightly calls for an approach to protecting consumer privacy by "managing risk and minimizing harm to consumers from collection, storage, use, and sharing of their info." This approach is suited to today's dynamic digital services ecosystem, and ultimately necessary for "balancing flexibility with the need for legal clarity and strong consumer protections."
Online consumers expect consistent rules to protect their privacy throughout the United States. Therefore, privacy regulation in the U.S. should reflect those expectations, whether consumers are doing business with an Internet service provider (ISP) or an edge provider like Google or Facebook. Case-by-case enforcement by the FTC offers the best means for a harmonized system of clear legal rules that enables flexibility and that is conducive to desired privacy protection outcomes. The FTC's capabilities, expertise, and analytical approach toward consumer privacy make it the preferred agency to serve as a common enforcer of privacy protections. Unlike a proscriptive approach relying on ex ante rules, a case-by-case approach allows for individualized examination of the type and use of consumer data involved as well as the underlying digital content, service, or application. Agency enforcement precedents provide a prophylactic function and guidance regarding what privacy practices are permitted or not. And by avoiding rigid categorical restrictions, a case-by-case approach is hospitable to experimentation and innovation in new digital services and privacy protection measures.
The FTC's present approach to collection of consumer information generally comports with consumers' online expectations. With regard to personally identifiable sensitive consumer information, like financial and health records, the FTC requires an affirmative "opt-in" choice for the collection and use of such data. And with regard to non-sensitive consumer information, like general web browsing or application usage, the FTC's policy is to allow opt-out as the default choice for the collection and use of such data.
Many online service providers allow consumers to access online services and content without the payment of fees. There is considerable evidence that Internet consumers value "free" content and services, even if it means they must share personal information. Thus, consumers "pay" for accessing online content by exchanging their personal non-sensitive information. By collecting consumer information and making that data available to advertisers, online providers are then able to deliver prospective consumers targeted ads they value.
Further, the FTC's approach requires that online service providers make the relevant privacy disclosures about information collection and use "clearly and prominently, immediately prior to the initial collection of or transmission of information, and on a separate screen from any final 'end user license agreement,' 'privacy policy,' 'terms of use' page, or similar document." When consumers are presented the relevant information regarding their privacy protection choices, they are able to make informed decisions that reflect their preferences.
There are some important steps that Congress should take to bolster the FTC's jurisdiction over consumer privacy and to establish the agency as the common enforcer of privacy protections across all online service platforms. Transferring the FCC's privacy jurisdiction over traditional telephone, cable, and direct broadcast satellite (DBS) services to the FTC is one step. Due to technological convergence, continued enforcement of legacy FCC privacy regulations is increasingly arbitrary and likely to result in one set of providers being unfairly disadvantaged by being subject to overly-restrictive and unevenly applied rules that do not match current market realities. Consumers and online service providers alike would benefit from a simpler, more consistent set of privacy expectations.
Internet communications do not stop at state borders and neither should privacy laws. To the extent that any state laws and regulations impose more stringent requirements on service providers than those set at the federal level, then those state laws and regulations that conflict with federal policy should be preempted.
A PDF of the complete FSF comments, with footnotes, is here.

* * *
Randolph J. Ma y, President of the Free State Foundation, is a former FCC Associate General Counsel and a former Chairman of the American Bar Association's Section of Administrative Law and Regulatory Practice. Mr. May is a past Public Member and a current Senior Fellow of the Administrative Conference of the United States, and a Fellow at the National Academy of Public Administration.
Mr. May is a nationally recognized expert in communications law, Internet law and policy, and administrative law and regulatory practice. He is the author of more than 200 scholarly articles and essays on communications law and policy, administrative law, and constitutional law. Most recently, Mr. May is the co-author, with FSF Senior Fellow Seth Cooper, of the recently released A Reader on Net Neutrality and Restoring Internet Freedom and #CommActUpdate - A Communications Law Fit for the Digital Age as well as The Constitutional Foundations of Intellectual Property , and is the editor of the book Communications Law and Policy in the Digital Age: The Next Five Years . He is the author of A Call for a Radical New Communications Policy: Proposals for Free Market Reform . And he is the editor of the book, New Directions in Communications Policy and co-editor of other two books on communications law and policy: Net Neutrality or Net Neutering: Should Broadband Internet Services Be Regulated and Communications Deregulation and FCC Reform .

Seth L. Cooper  is a Senior Fellow at The Free State Foundation. He previously served as the Telecommunications and Information Technology Task Force Director at the American Legislative Exchange Council (ALEC), as a Washington State Supreme Court judicial clerk and as a state senate caucus staff counsel. He is an attorney, and he graduated from Seattle University School of Law with honors. Mr. Cooper's work has appeared in such publications as  CommLaw Conspectus , the  Gonzaga Law Review , the  San Jose Mercury News , the  Des Moines Register , the  Baltimore Sun , the  Washington Examiner , the  Washington Times , and  The Hill .

Michael J. Horney is a Research Fellow at The Free State Foundation. He is a graduate of George Mason University, where he received a Master of Arts in Economics and was awarded a Mercatus MA Fellowship. He earned his Bachelor of Science with an Economics major and Political Science minor at Towson University. Mr. Horney was an MA Fellow and Research Assistant on policy research at the Mercatus Center at George Mason University, focusing on regulations, technology policy, and education policy, and he served as a Graduate Intern for the Committee on Ways and Means' Subcommittee on Social Security.
The Free State Foundation's newest book A Reader on Net Neutrality and Restoring Internet Freedom , by Randolph May and Seth Cooper, is available from Amazon  here  in paperback for $9.95 or for your Kindle  here  for $2.99. And it is available  here  from Apple and other booksellers in various e-book formats for $2.99 or less. Read more about the book  here .
By the way, when you are shopping for books or other items on Amazon, please login through AmazonSmile here . If you do so, Amazon will donate 0.5% of the price of your purchases to the Free State Foundation. We know that it is a small donation, but every little bit helps to support our work!
A Free Market Think Tank for Maryland......Because Ideas Matters and FSF are registered trademarks of the Free State Foundation.
All trademark and copyright rights are reserved.