Commissioner Joshua Wright accused the Federal Trade Commission of fear mongering when it come to the potential privacy harms of data collection.
Wright, one of two Republicans on the FTC and an economist by trade, singled out two of agency’s recent reports during a speech Thursday at the Chamber of Commerce in Washington.
In a stunning take-down of the agency’s recent Internet of Things report published last December and the Data Broker report published last May, Wright said the agency chose a “more narrative and anecdotal approach to identifying the potential effects of regulating the collection and use of data” over a “more analytical, evidence-based data policy based on economic analysis.”
In both reports, Wright found the language used in the reports paints data collection and big data as “inherently suspect,” and “sound[s] like the commission is offering readers a reason to share its generalized fear of data,” Wright said.
As an example, Wright cited a breathless passage in the IoT report: “the sheer volume of data that even a small number of devices can generate is stunning…fewer than 10,000 households…can generate 150 million discrete data points a day.”
“So what?” Wright countered. “The fact that there are millions of data points is not—in and of itself—a privacy risk.”
While Wright found these sort of examples distasteful, he really takes offense when the commission based its recommendations on anecdotes gleaned during FTC workshops in order to draw up business best practices and make legislative recommendations.
“We seem to have created a third category of reports, we hold a workshop, we don’t do any data analysis…and issue a report….When we get to specific recommendations for congress or businesses to do things, we have no idea if that will make consumers better off. It is my hope that will change,” Wright said in response to a question from the audience. “The agency has the resources to do good reports. For me it’s puzzling and frustrating that we’ve opted not to do that,” he said.
An entire lexicon of terms has popped up in the recent years in the privacy, data collection, and big data debate, what Wright called “slogans and catchphrases” that haven’t been consistently defined and obscure the debate, terms such as: big data, data broker, data minimization, privacy by design, security by design, sensitive, and device ID.
The terms, Wright said, should not be used as a “substitute for the sort of rigorous economic analysis required to understand the tradeoffs facing firms and consumers,” he said.