Today, Sept 8th, the FTC held a Public Forum on commercial surveillance and data security and I made a public comment that you can find below.
I think the community focused on SSI should collaborate together on some statements to respond to the the FTC advance notice of proposed rulemaking related to this and has a series of 95 questions (in federal register or on the FTC site) that it invites written public comment on by October 21st. Here is a 3 page fact sheet about what they are focused on.
The Federal Trade Commission (“FTC”) is publishing this advance notice of proposed rulemaking (“ANPR”) to request public comment on the prevalence of commercial surveillance and data security practices that harm consumers. Specifically, the Commission invites comment on whether it should implement new trade regulation rules or other regulatory alternatives concerning the ways in which companies collect, aggregate, protect, use, analyze, and retain consumer data, as well as transfer, share, sell, or otherwise monetize that data in ways that are unfair or deceptive.– federal register
Here are my Comments:
Thank you, My name is Kaliya Young and my online handle is “Identity Woman” – I have been working for 20 years on the challenge of how people can control and represent their digital selves online with dignity and be empowered. I co-founded the Internet Identity Workshop in 2005 and continue to convene it every 6 months.
A lot of of the questions put forward relate to regulating these “bad things” happening by companies to people. I also encourage the FTC to take a forward looking approach by consider the work of values based technical communities working on alternative mechanics for data sharing between consumers and companies.
Two projects I advise Dazzel Dao and JLINX are seeking to end surveillance capitalism via open standards and open source tools to:
- Give people tools collect of data that they generate in the digital world
- Being able organize and get value from THEIR data from a range of sources
- and ways to share data under the consumer’s control with companies they trust in with new mechanisms to technically withdraw consent for having the information.
Rule making should support these positive constructive efforts of ethical technologists.
The risk of technology are often not seen until it is too late – I want to bring the Commissioners attention to a key issue that they could help with under the rule making related to data security as it relates to digital wallets – needed for the exchange and sharing of data between consumers and companies via protocols like Verifiable Credentials.
There is a very real risk that because two companies control the mobile handset operating systems – Apple and Google – the will work to limit access to the APIs within the phone preventing any wallets created by other companies working well.
This doesn’t have to happen and the risk of it happening will be reduced if the FTC gets involved to ensure a level playing field for wallet makers – and ensuring consumers will have a choice of who they trust with the sensitive data about who they transact with across the digital world. Thank you.