Blog Posts By:

Ed Mierzwinski,
Senior Director, Federal Consumer Program

Today, 7 member groups of the European Consumer Organization (BEUC) asked each of their national Data Protection Authorities to investigate Google Android's smartphone locational data collection practices following an investigative report by the Norwegian Consumer Council (Forbrukerrådet) finding that Google may be in violation of the new European GDPR privacy law. All the groups are members of the U.S. PIRG-backed TransAtlantic Consumer Dialogue, which itself  followed up on the report and EU actions with a letter to the U.S. Federal Trade Commission. Meanwhile, as the Senate prepared for an afternoon FTC oversight hearing today where Facebook may be a focus, we joined leading groups in a separate letter to complain to the FTC about its biased staff report that adopts unsubstantiated industry claims in defense of an FTC call to the administration for weak baseline privacy choices. 

Next year, a highly-anticipated privacy and data rights battle will occur in Congress. Powerful special interests from Google to Facebook are responding to the new European General Data Privacy Regulation (GDPR) by seeking to quash any similar effort to protect U.S. consumers while simultaneously seeking to preempt a new California privacy law before it takes effect in 2020. Will we continue as data collector products, not their customers, or will we gain control over our own financial DNA? The state PIRGs are in this one; guess which side we're on. Today we joined 34 leading groups in issuing shared Privacy Principles.

This guest post from Nathan Acks of the State PIRG Internet Security team offers background on the latest Facebook breach and what you can do.

Ten years ago this weekend the collapse of investment bank Lehman Brothers marked the massive financial collapse of 2008. Millions of Americans lost homes, jobs and trillions of dollars in retirement savings. Today, the financial collapse hasn't been forgotten, it's being ignored by Congress and Wall Street.

On Thursday, 13 September, the House Financial Services Committee is to consider the latest in a long series of data security and data breach bills that Congress takes up at the request of the banks. These Trojan Horse bills come riding in with few, if any, protections riding in the saddle, but massive elimination of stronger state laws hidden in the belly of the beasts. The proposal, HR6743, the Consumer Information Notification Requirement Act (Luetkemeyer (MO)), might also be called the “Equifax Protection Act.”

We've joined leading consumer, civil rights, labor and older American organizations in a comment letter urging the Securities and Exchange Commission (SEC) to strengthen its proposed "Regulation Best Interest" intended to ensure that all broker-dealers and other individuals and firms offering investment advice act do so in a fiduciary capacity, or in the best interest of their investor-clients. (Right now, it doesn't).

We've joined complaints that two behemoth firms are in violation of Federal Trade Commission privacy rules. In the first, U.S. PIRG joins the Electronic Privacy Information Center and other groups claiming that a number of Facebook's practices - particularly, its use of facial recognition techniques without consent -- violate a previous 2011 privacy order. The facial recognition practice may also violate PIRG-backed Illinois law. Second, we join the Center for Digital Democracy's filing alleging that Google's YouTube collects information about kids in violation of the Children's Online Privacy Protection Act (COPPA). And we haven't forgotten about Equifax.

This month, Scott Tucker, a payday lender who used his proceeds to fund a LeMans racing team, was sentenced to 16 years in jail on federal racketeering and other charges.   Last fall, his former business partner Charles Hallinan, known as the Philadelphia Main Line "godfather" of payday lending, was also convicted of federal racketeering charges. Tucker and Hallinan's main business model? Their claim that their payday loan enterprises were for the benefit of Native American tribal partners and therefore subject to tribal immunity. The authoritative public interest law firm Public Justice speculates: "Tribal Immunity" may no longer be a Get-Out-of-Jail Free Card for payday lenders." It's about time.

With the departure yesterday of director Richard Cordray from the Consumer Financial Protection Bureau, we don't doubt that the President has the authority to nominate a new director of the Bureau. But the President's assertion later that day that he can and would appoint his own temporary or acting director -- at odds with the plain language of two laws --  places the bureau's leadership in crisis.

Like clockwork, after any big data breach is disclosed, powerful special interests seek to turn the problem into a bigger problem for consumers by  using it as an opportunity to enact some narrow federal legislation that broadly eliminates state data breach notice, state data security and other privacy protections.  I testified yesterday in the House warning of their Trojan Horse efforts, which not only take away existing laws, but deny any new laws, even on new problems identified.