The Federal Trade Commission’s (FTC) Bureaus of Consumer Protection and Economics will host a workshop to examine consumer injury in the context of privacy and data security on Dec. 12, 2017. Consumer injury is often difficult to quantify generally and especially challenging when there are allegations of a privacy or data security breach or other types of unauthorized access to personal information. The FTC’s workshop will explore how to measure accurately such injuries; what frameworks might be used to assess different injuries as well as how consumers and businesses evaluate the benefits and costs associated with providing, collecting and using personal information.
As announced in its public notice the FTC is seeking public comment to aid its analysis of these issues.
- What are the qualitatively different types of injuries from privacy and data security incidents? What are some real life examples of these types of informational injury to consumers and to businesses?
- What frameworks might we use to assess these different injuries? How do we quantify injuries? How might frameworks treat past, current, and potential future outcomes in quantifying injury? How might frameworks differ for different types of injury?
- How do businesses evaluate the benefits, costs, and risks of collecting and using information in light of potential injuries? How do they make tradeoffs? How do they assess the risks of different kinds of data breach? What market and legal incentives do they face, and how do these incentives affect their decisions?
- How do consumers perceive and evaluate the benefits, costs, and risks of sharing information in light of potential injuries? What obstacles do they face in conducting such an evaluation? How do they evaluate tradeoffs?
The comments will likely inform the agenda and the discussion of topics at the workshop. We will post the agenda and speakers, as well as links to the comments when they become available.
Comments can be submitted online until October 27, 2017.