When Federal Trade Commissioner Julie Brill steps down March 31 after a six-year run in her post, marketers and privacy advocates will say farewell to an assertive, well-informed advocate for consumer protections. They will, of course, have different reactions to that.
Ms. Brill, who said this week that she is joining law firm Hogan Lovells as a partner and co-director of its Privacy and Cybersecurity practice on April 1, was nominated to the commission in 2010 by President Obama. Even before she joined the FTC, Ms. Brill was expected to be a strong proponent of data privacy and security, having made privacy protection a focus of her work throughout her career. She had previously served as chief of consumer protection for the State of North Carolina and earlier was an assistant attorney general in Vermont, testifying before Congress at hearings related to consumer protection and financial data privacy. She was also co-chair of the National Association of Attorneys General Working Group on Privacy.
Ms. Brill's departure comes as the FTC's fellow watchdog, the Federal Communications Commission, has proposed consumer data privacy rules for internet service providers and mobile operators, new jurisdiction for the FCC as a result of the agency's adoption of net-neutrality rules for broadband last year.
While some have suggested that the FCC oversight weakens the FTC, Ms. Brill told attendees at a Georgetown Institute for Public Representation and Center for Privacy and Technology Symposium on Privacy and Net Neutrality in November 2015 that the FCC's expanded role was a benefit.
"The Open Internet Order makes the FCC a brawnier cop on the privacy beat," she said, "and I welcome its enhanced presence on the scene."
As FTC commissioner, she frequently reminded the marketing and data industries that the commission was not only monitoring their practices but well aware of innovations rapidly advancing data collection and use.
Data brokers are 'taking advantage'
In 2013, Ms. Brill stunned marketers and the data industry by declaring at a Computers, Freedom and Privacy Conference in Washington that data brokers were "taking advantage of us without our permission."
She wanted Congress to legislate an initiative she called "Reclaim Your Name," which would establish technical controls allowing people to access the information that data collectors store about them, control how it is shared and correct it when necessary. The suggestion took the Direct Marketing Association by surprise.
In the same speech she implied that the FTC believes mobile device IDs are indeed personally-identifiable, a contention that marketers often resist. "Information linked to specific devices is, for all intents and purposes, linked to individuals," she said.
Ms. Brill reasserted the call for a Reclaim Your Name program in an October 2013 Ad Age guest column. "Data brokers, marketers and other companies that join the big-data stampede while ignoring basic privacy principles do so at their own peril," she wrote.
Data collection conundrum
Lots of companies gather data without any clear reason, simply because they might have use for it down the road, Ms. Brill said during an Advertising Week panel in September 2014. "That's really punting the problem," she said.
Internet of things
Ms. Brill also used her tenure to call for caution as marketers begin to weave the so-called Internet of Things into consumers' lives, urging companies to incorporate privacy-by-design in connected devices. "Engineers and technologists will have to ensure that connected devices build in privacy from the start," she wrote in her Ad Age column, "collecting the minimum of data necessary to make a device function, and creating a consumer-friendly dashboard that explains the data the device collects, the uses of the data and who might see the data."
Sharing can't be forced
In April 2012 she warned companies that taking without asking isn't very nice. "What is all the fuss, then, about privacy in this space?" she asked during a Broadband Breakfast Club event. "Aren't users voluntarily jumping into the social media stream, choosing to reveal their information, clamoring to share more and more? I'll tell you who can answer that question: Any parent who has watched in horror as her child grabs a toy from a sobbing playmate, claiming, 'But he wasn't sharing.' Taking is not sharing; sharing can't be forced. Many privacy problems online arise when companies forget that basic principle of the playroom."
Sloppiness not acceptable
Even marketers and data handlers that espouse privacy principles need to make sure they execute, Ms. Brill made clear. "We're going after the players who share online data sloppily," Ms. Brill said in March 2013 at a Direct Marketing Association's conference. She cited successful prosecutions of mobile device maker HTC America, the Path social-networking app and others.