Simons Cautions Against Naming Executives as Defendants
The FTC should be wary of regularly naming executives in complaints because it results in more litigation, fewer resources and fewer cases, Chairman Joe Simons told reporters Wednesday. Earlier, at a House Consumer Protection Subcommittee hearing, lawmakers discussed the agency’s possible settlement with Facebook. Critics urged the FTC to name CEO Mark Zuckerberg and hold him individually accountable for privacy violations.
Sign up for a free preview to unlock the rest of this article
Export Compliance Daily combines U.S. export control news, foreign border import regulation and policy developments into a single daily information service that reliably informs its trade professional readers about important current issues affecting their operations.
It’s “certainly” an option to hold an executive liable, if he or she knowingly violates the law, Simons said, without addressing any case. In addition to being named, the person could be subject to a civil penalty, injunctive relief and certification requirements, Simons said. He emphasized the associated risks: “You really have to think about what’s the right balance.”
A point of contention arose during opening remarks from ranking member Cathy McMorris Rodgers, R-Wash., who questioned the need to grant the FTC rulemaking authority under a new privacy law: “It should not be transformed from a law enforcement agency to a massive rulemaking regime.”
Chair Jan Schakowsky, D-Ill., described that as “more than a note of caution” about rulemaking authority. “We will hopefully be able to work that out,” Schakowsky told reporters after the hearing.
During the hearing, Simons asked members to “please” not grant the agency “broad” rulemaking authority. Instead, the FTC needs targeted rulemaking authority modeled after a statute like the Children’s Online Privacy Protection Act. The last thing the commission wants is for Congress to “dump the question on us,” Simons said, cautioning against politicizing the agency. Social value judgments should be made by elected officials, not federal agencies, he said.
House Commerce Committee ranking member Greg Walden, R-Ore., agreed after the hearing that Congress should “do the heavy lifting.” Asked if the agency needs more than about 40 staffers working on privacy issues, a point Democrats echoed throughout the hearing, Walden told us the agency, more than anything else, needs “clear direction.” Every agency “is going to say, 'I can figure out a way to spend'” more, he said.
Asked by Rep. Darren Soto, D-Fla., Simons declined to disclose a dollar amount for a potential settlement with Facebook. Commissioner Rohit Chopra urged the agency to look at corporate leadership when investigating privacy violation: For some firms, fines seem like parking tickets, and the FTC can’t change behavior unless it’s targeting decision-makers who clearly violate the law with real penalties. Asked after the hearing if he plans to add to his agency’s team of about 40 privacy staffers, Simons said he will if it gets more resources.
Simons was asked about his decision not to hire a chief technologist. It was one of the first things he considered when he started as chairman. He credited the decision with an odd organizational structure that would have left the chief technologist without a staff. The Consumer Financial Protection Bureau also has its own technologist, Simons said. Instead of hiring a chief technologist, he opted to create the agency’s tech competition task force (see 1902280077), to have “more boots on the ground” for related investigations.
Simons and Commissioner Rebecca Kelly Slaughter agreed the agency could use more than five technologists. They educate attorneys and identify experts outside the agency, Simons said. Using funds to consult experts on a case-by-case basis allows the agency to be nimble in addressing various technical issues, Commissioner Noah Phillips said.
Like Simons, Commissioner Christine Wilson backed civil penalty authority and “targeted” Administrative Procedure Act rulemaking authority. She also listed some unintended consequences of the EU’s general data protection regulation, including what she said is a decline in investment in tech startups and small businesses, related to compliance costs.
Pre-emption of state privacy laws is necessary to provide industry with “clarity,” Phillips said. He aired competition concerns about having a state patchwork of laws, which larger corporations can comply with easier than small businesses.