There’s one debate over privacy in Congress and another at the Federal Trade Commission, but the two are tightly linked, former FTC acting chair Maureen Ohlhausen told Protocol — and not in a way that’s good for the agency’s plans.
Ohlhausen, a Republican, is now co-chair of a group that represents internet service providers, and she testified at a House hearing Tuesday on the bipartisan, bicameral privacy proposal currently under consideration. Although the measure still faces headwinds in the Senate, Ohlhausen said she thinks lawmakers are much closer to an agreement than when she left the FTC in 2018. She also said that, with some tweaks, the measure would have a lot more to offer the business sector than the status quo, despite the complaints from some powerful lobbying interests.
The conversation kept returning to the FTC, however, and for Ohlhausen, many of her concerns about where privacy rules could go revolve around the agency where she also spent more than a decade as a staffer. She sees danger in current chair Lina Khan’s push for the FTC to undertake a privacy rule-making, as much to companies that use consumer information as to the agency itself. Khan has said she’s trying to reinvigorate an FTC that’s long let consumers down and deferred to big business, but Ohlhausen repeatedly joined Khan’s critics in urging her to stick to punishing companies one at a time, bring GOP commissioners back into decision-making and address staff discontent.
This interview has been edited for length and clarity.
You've testified in Congress about privacy legislation a few times over the last couple of years. How did this hearing rate?
I think it's enormous progress. We have a lot of different people representing different aspects of the ecosystem. They are generally supporting the bill. And we also saw a lot of bipartisan agreement, bicameral agreement. We can see progress from the first time I testified on this after I left the FTC. You can see that there has been this movement of more people getting on board, more different pieces coming together.
Preemption and consumer lawsuits have been the biggest fissures for years now, but lawmakers have mostly found compromises there. What did you hear at the hearing that seemed it might be among the toughest things for lawmakers to come together on now?
You can see some of the issues involving the definitions. So [issues could arise on] the definition of “algorithm,” because that's very broad. I mean, the definition is “a computational process including” — not “limited to” — “one derived from machine learning or artificial intelligence techniques, that makes or facilitates a decision or facilitates human decision making with respect to covered data.” That's really broad, because those other things don't limit it. It says it includes them. I think that's one of the concerns, that it can be extremely burdensome if you need to do one of these [algorithmic] impact assessments for every computational process you do on data that helps a human decision.
And then the other [potential issue] was on sensitive covered data. Several members mentioned we need to preserve the business model that has allowed all these free, incredible services to be available to consumers. Targeted advertising seems to be explicitly allowed with opt-out, but some of the definitions of sensitive data make it unclear, because it seems like it would actually require opt-in. I think there was an understanding that you don't want to break a business model. You want to give additional protections there, and maybe you want to change it. But it has been a source of, I think, enormous consumer benefit and competitive benefits.
A lot of the folks who are testifying along with you were suggesting fixes. But we’re also seeing the Chamber of Commerce more or less opposing this. It kind of represents business writ large. Do you think the business community is going to try to stop it?
I think the business community really wants this to pass. The position that the Chamber put forward, I wasn't hearing that from the Republican committee members. All the witnesses represented different constituencies, some of them other business constituencies. They were generally positive on it. They weren't saying, “Oh, rip this up and start over.” They were saying, “Well, you know, watch out here, clarify that, don't go too far here.” But no sense of general opposition.
There are concerns about some of the actions the FTC has been taking, and what it might do given very open-ended authority, but I've always said the way forward is for Congress to give the FTC clear direction. This bill really does that. FTC leadership wants to engage in very broad rule-making. But I think this bill is much more: Congress makes those hard cuts, [gives] clear guidance. The FTC has the enforcement role and the more limited role of filling in some of the details under congressional direction.
[The bill] needs some tweaking, but I think it really is a good path forward. I do think there is a lot of business support for it. I think they would rather have this bill than some sort of open-ended FTC rule-making. I think the expectation from some who want to push that [rule-making] is that they will somehow be able to put all these new restrictions in there. The FTC only has the authority Congress gave it. They shouldn’t be a legislature.
Chair Khan did a bunch of media interviews last week, and when she and I talked, she seemed to be particularly interested in regulating data, maybe even if Congress goes ahead with this law.
If this bill passes, I think it would be kind of odd for the FTC to go off on its own and do some separate rule-making. I think you've gotten pretty clear direction from Congress about where the boundaries are, where Congress has made the decision on balancing consumer rights and the beneficial uses of data. I would hope the FTC wouldn't go forward. They’re going to have enough to do under this bill.
The other thing is, when I was acting chairman for about a year and a half, we did plenty of privacy enforcement. It had to be bipartisan because it was just me and Terrell McSweeny: one Republican and one Democrat. Rule-making is not the only path. The FTC can proceed through case-by-case enforcement like it has, which I think has been fairly effective.
It's also possible that there might be some limited rule-making that Republicans would support, and you've seen that already in some other consumer protection areas. It's possible that Chair Khan wants to go down this road, but there are a lot of risks and opportunity costs. If you're doing [rule-making], you're not bringing enforcement cases. We've seen a big drop-off in enforcement in her first year, and it's not because she didn't have a majority. I didn't have a majority, and enforcement did not fall off. Maybe she'll continue down that road, but I'm hopeful Congress passes this bill and then the FTC just moves forward on implementing the bill.
People talk a lot about Khan’s tenure producing an unusually partisan commission. Do you think that's right? It's not as if there have never before been party-line votes, debates or stinging dissents.
I think this is very different. [During my time,] we got a lot done. There were a few things we disagreed on. We agreed to disagree, and we moved forward. And we kept up a high level of enforcement. Staff was very happy, and that was at a time when there was a lot of anxiety: What's the Trump administration going to do? What we're seeing now is changes to reduce the ability of other commissioners to get information to participate in things. I haven't seen that before. I was at the commission for six and a half years; I was in the majority for three months. But it was always very, very functional. I didn't feel, when I was in the minority in the Obama administration, that I was cut off. The chair’s office runs things, but it was on a much more collegial basis. And I think you see that reflected also in how the staff has responded. There's lots of reports about career staff saying, “The chair doesn't talk to us. We don't get an opportunity to weigh in.” I'm not in the building, but I think that reflects a different management style than we've ever seen at the FTC previously.
I wonder if you could talk about some of the external threats that the FTC is facing. I'm thinking of the Axon case coming up to the Supreme Court. It seems like, by next year, the justices may well say that companies facing the FTC’s internal, court-like system can challenge the whole process in federal court and make the FTC go through a sort of pre-litigation litigation.
I used to say, “Avoid doing things that unite your enemies.” The FTC is a small agency with a vague statute. When it stuck generally to case-by-case enforcement on the antitrust side, and seeking redress in limited cases against fraudsters, it got a lot of support. Congress was happy. We brought cases that big companies didn't like, not saying that we didn’t. We challenged things, but the current FTC is pushing into saying, “Well, we now want to take on much more of a regulatory role. We want to do rule-making.” It's at a time also where the fundamental structure of agencies like the FTC is being re-examined. The FTC is facing a lot of headwinds in that area, and it needs to be careful. People say, “The FTC can do this, and they can do that, and all they risk is losing that case.” And I say that's absolutely not true. They gambled on disgorgement and lost big [at the Supreme Court], because it brought together enough people saying, “There aren't enough guardrails on this. It's not rooted in the statute.” That's kind of what I see here: concern about pushing against all these boundaries that will put the entire structure of the agency at risk. Pushing these aggressive theories at a time when the agency’s foundational structure is being questioned just creates a dangerous possibility that the agency loses more than just that case.
