Corporate America Is Building Its Own Surveillance State. Will the FTC Stop It? thumbnail

Corporate America Is Building Its Own Surveillance State. Will the FTC Stop It?

Image for article titled Corporate America Is Building Its Own Surveillance State. Will the FTC Stop It?

Photo: Jenny Kane (AP)

Americans are used to hearing about what a great country they live in—how lucky they are to have been born in, or to have immigrated to, the United States. “American exceptionalism”—a phrase, funnily enough, coined by Joseph Stalin—is an idea that, on the whole, is still embedded in the country’s collective identity. But even if Americans’ trademark optimism amid the post-war boom and in the years after the Great Inflation befit a nation singularly flush with opportunity and wealth—at least, for its white citizens—the idea that America is “exceptional” today, in the good sense, is best construed as a Pollyanna mindset rather than an honest reflection of its status on the world stage. Of the many dozens of so-called “developed” countries, America has the dubious honor of leading in metrics such as gun-related homicides, CEO compensation, military spending, healthcare expenses, obesity rates, childhood poverty, and a per capita incarceration rate—not to mention an overall number of incarcerated citizens—to name a few.

Thanks in large part to lobbying rules aptly described as “legalized bribery,” and its penchant for picking empty-shirted loaf-abouts to fill seats in Congress, there is another metric by which America has of late excelled: The near-constant surveillance of its own citizens by virtually any walking wad-of-cash so inclined. Beyond the most notable example set by Europe, a slew of high-to-upper-middle income countries including Portugal, Canada, Australia, and Brazil have passed nationwide laws aimed at shielding their people from precisely the kind of rampant data abuse that today underpins a not-so-insignificant chunk of the American economy. Some countries whose residents already enjoy the protections offered by Europe’s GDPR even have their own national privacy laws and the power to take unilateral action against corporate malefactors—which, by strange coincidence surely, always seem to be U.S.-based.

On the other hand, the U.S. agency at least abstractly tasked with protecting Americans’ privacy, the Federal Trade Commission, also happens to be the one most routinely referred to as “toothless.” The reasons for why it is so thusly maligned are varied: It has a privacy-enforcement staff no bigger than an MLB baseball team; an annual budget equivalent to that of a Midwestern state capitol; and its ability to financially “punish” (to get hyperbolic) multibillion-dollar corporations for even the most blatant acts of deception require first an act of recidivism. That said, the only proof of its shortcomings one really needs is a rudimentary grasp of the status quo: rampant, nonconsensual collection of people’s personal data by companies who publicly admit to doing so because, in the end, that’s the best way to attract the other companies, government agencies, and private individuals who might have an interest in buying it.

While in years past there have been repeated calls to erect a new bureaucracy to protect consumers, some notable legal experts have argued the FTC is already equipped, at least on paper, to dissuade privacy violators—should Congress ever decide to adequately fund and man the agency. Three university professors of information privacy law argued in print two years ago that: “In theory, the FTC has a broad enough jurisdiction and charge to handle diverse issues often labeled as ‘privacy,’ such as algorithmic manipulation and accountability.” Very recently it took action against a San Francisco-based photo storage company that deceived its own users (read: lied) by using their photos as fuel for a facial recognition algorithm. Not only was the company ordered to delete its ill-gotten data, the algorithm built upon it was also ordered destroyed.

Not everyone agrees with these esteemed experts. Not a week later, the former director of the FTC’s consumer protection bureau wrote for the New York Times: “[I]n fact, the F.T.C. lacks both the legal authority and resources to be fully effective in this area.” Attempts to pass comprehensive privacy legislation that would actually equip the agency have been completely ignored by both Democratic and Republican leaders, who notably, in the wake of the infamous Equifax breach of 2017, in which some 145 million people were compromised, held a series of public hearings lambasting a group of limp executives on TV before proceeding to do absolutely nothing useful.

G/O Media may get a commission

On Thursday, a coalition of more than 50 civil and pro-privacy rights organizations released an open letter asking the FTC to take action against what they deem “industry-wide data abuse,” hoisting up Amazon—a private surveillance company that also sells books and other goods online—as their primary culprit. It is “not possible,” they wrote, for Amazon, Earth’s largest online retailer, “to garner meaningful consent” from the people whose data it collects on a massive scale, “as people can’t know or judge the far-reaching future harms” of that collection. “Furthermore, Amazon’s power forces users with no bargaining power to accept onerous and objectionable terms of use, such as granting Amazon the right to use data taken from their private lives for biometric data and AI training.”

Among other actions, the groups requested the FTC pursue an outright ban on facial recognition technology—such as the kind sold by a little-known company called Clearview AI, which has boasted of scraping billions of images of people off social media without their consent and handed low-level street cops the ability to search its database from personal mobile devices without the knowledge of their superiors. Because the people whose privacy Clearview violated weren’t actually Clearview customers, there’s doubt the FTC’s purview even extends to such flagrant acts of piracy.

In December, FTC Commissioner Rohit Chopra kicked off a speech before a virtual crowd at privacy forum hosted online due to covid-19, “I’ll begin by saying that I believe the current state of facial recognition is flawed and dangerous,” adding: “I support the actions taken by many cities in the United States that have instituted outright bans and moratoria.” Chopra would later ask: “Are we going to allow powerful technology firms to experiment on us without regard to invasion of privacy and harmful discrimination?”

The answer is decidedly, “maybe.”

Reached by Gizmodo on Thursday, the FTC declined to say whether it supported a ban against facial recognition or whether it would even consider one. Asked whether it believed it even had the authority to do so, a spokesperson replied, “We don’t have any comment.” So while authorities in other countries are busy taking aggressive steps to guard their data against incorporated vampires, Americans are for now left to wonder whether they’ll be saddled with their own exceptionality yet again, drained of any semblance of self-ownership thanks to a feckless government too lame and corrupt to protect them.

Drop your comment right here.