Smart speaker users are concerned about privacy and hacking but trust the companies providing the technology, said Edison Research and NPR. About 58 percent of smart speaker owners worry hackers could be using their smart speaker to access their home or personal information, but 54 percent trust the companies that make smart speakers to keep their personal information secure. Tom Webster, Edison senior vice president, said last week on a webcast that a lot of smart speaker owners are “resigned to the fact everything is listening, everything is keylogging, getting our information all the time anyway -- so maybe this isn’t all that different.” Joel Sucherman, NPR vice president-new platform partnerships, said consumers’ willingness to trade off a certain amount of personal data is “an extension of a handshake agreement” to give up some privacy for “functionality that makes my life better.” He compared the compromise to smartphone owners' willingness to allow Google Maps “to know exactly where I am … because I can get there now.” Study participants interviewed in Los Angeles, St. Louis and Richmond, Virginia, showed little concern about trading privacy for smart speaker benefits. One respondent indicated resignation: “I feel like the world we live in right now, we don’t really have privacy. We may feel like we do, but we don’t.” Of smart speaker owners, 4 percent own a smart speaker with a screen only vs. 69 percent with audio only and 27 percent who owned both. Interest in video is growing in devices such as Amazon’s Echo Show and Google’s Home Hub, said Webster: Twenty-nine percent of smart speaker adopters showed interest in a screen-based device, twice that of non-smart speaker owners. Screen-based smart speakers are driving discovery and seen as easier to use, Webster said. NPR originally viewed smart speakers with displays as companion products to audio, said Sucherman, but as voice assistants are increasingly built into other devices, such as Amazon’s Fire TV, that will open opportunities for “pure video and other creative uses of visual and audio accompaniment.”
Responding to reports that carriers sold customers’ real-time data location, the California Senate Energy, Utilities and Communications Committee cleared AB-523 with no member voting nay at a hearing livestreamed Tuesday. Wireless carriers oppose the bill but want to keep working with author Assemblymember Jacqui Irwin (D) as the bill moves to the Judiciary Committee, testified CTIA Government Affairs Counsel Steve Carlson. In talks with Irwin, CTIA agreed to an opt-in for customer location information and proposed other tweaks, but the latest amendments “go well beyond what we had hoped and had been discussing with the author,” Carlson said. The Assembly passed AB-523 in May by a wide margin (see 1905290016). Committee members at the hearing also unanimously cleared AB-911 to establish a mechanism for Californians to voluntarily provide vital health and safety information for first responders if 911 is called. The information would be kept confidential. Chairman Ben Hueso (D) supports the concept but shares the American Civil Liberties Union’s concern that the data could be used for racial profiling, he said. Assemblymember Freddie Rodriguez (D) hopes to address that issue in the Judiciary Committee.
Sens. Jerry Moran, R-Kan., and Richard Blumenthal, D-Conn., are open to moving forward with their own privacy bill, given uncertainty about the Senate Commerce Committee’s privacy working group (see 1906270053), three lobbyists told us separately. Ranking member Maria Cantwell, D-Wash., doesn’t believe the working group is the best way to reach consensus and is reportedly looking to negotiate bilaterally with Chairman Roger Wicker, R-Miss. That’s despite months of talks between Wicker and the original members: Moran, Blumenthal and Sen. Brian Schatz, D-Hawaii. Offices for the six involved in the group’s talks, including Senate Majority Whip John Thune, R-S.D., didn’t comment. Moran and Blumenthal are prepared to move forward regardless of the group's makeup, one tech lobbyist told us. Another said this signal from Moran and Blumenthal could be a negotiating tactic to bring the entire group to the table. The two remain committed to reaching consensus on privacy, especially given the group’s work this session, a Senate Republican lobbyist said. Moran “has been a great partner, and the work has been really substantive,” Blumenthal told reporters last week. “Other Republican and Democratic members of the committee have made immense” contributions, and “I’m still very hopeful.” Asked if he will move forward with Moran independently, Blumenthal said, “I’m not going to speculate about the future.”
Rural telecom providers are raising privacy concerns about the Universal Service Administrative Company, NTCA told the FCC, according to a document posted Wednesday to docket 17-287. USAC wants to compel providers' employees to share personally identifiable information (PII) if they interact with a Lifeline representative accountability database. Recently USAC said it will require date of birth, last four digits of a Social Security number, home address and email address from employees who perform Lifeline accountability verification efforts on behalf of their companies. NTCA is concerned USAC hasn't given telecom providers assurances about what measures it's taking to secure the PII. NTCA supports FCC efforts to curb fraud and abuse, but it believes those concerns should be addressed to independent sales agents and contractors rather than employees of service providers, the group said. ITTA raised similar concerns earlier this month (see 1906140022).
The Privacy and Civil Liberties Oversight Board voted to start three oversight projects. PCLOB said Wednesday it will review FBI searching data obtained under Foreign Intelligence Surveillance Act Section 702, examining "procedures and technology used to record queries and ensure compliance with applicable rules." Another initiative will review use of facial recognition and other biometric technologies in aviation security, and the third deals with airline passenger name records. The three reviews were approved unanimously by PCLOB members, a spokesperson emailed us. Parts of Section 702 expire at year's end (see 1906260033).
The FTC should penalize Google for allegedly violating the children’s privacy law (see 1906190045), Sen. Ed Markey, D-Mass., and consumer groups wrote the agency separately Tuesday. Markey urged the agency to halt Google’s data collection of users under 13 and to delete all related data, as a result of alleged Children’s Online Privacy Protection Act infractions. He asked the agency to subject the company to yearly audits and force it to implement mechanisms ensuring the platform follows proper age requirements. He asked the commission to make sure any new Google products aimed at children are reviewed independently for compliance. The Campaign for a Commercial-Free Childhood and Center for Digital Democracy urged similar remedies, in their letter. The groups recommended the FTC make Google “remove all channels in the Parenting and Family lineup, as well as any other YouTube channels and videos directed at children, from YouTube.” An agency spokesperson confirmed receipt of the letters. The company didn’t comment.
Reps. Debbie Dingell, D-Mich., and Gwen Moore, D-Wis., raised concerns, in a letter to FCC Chairman Ajit Pai, that the private, real-time location information sold by carriers could be used by domestic violence perpetrators to track down victims. “Abusers and stalkers often exploit technology to gain access to their victims’ location through GPS tracking and other cell phone apps, forcing victims to get new phones or wipe their current ones when they are trying to leave these dangerous situations,” they wrote. “We were extremely troubled to read about the ease with which wireless customers’ real-time location data can be acquired. … We urge you to take this matter seriously and to protect real-time location data to the fullest extent allowed under law, because domestic violence victims, victims of sex trafficking, and individuals in sensitive locations are at risk.” In May, Commissioner Jessica Rosenworcel sent letters to CEOs of the major carriers asking what they're doing to make sure real-time location information they collect isn’t being sold to data aggregators (see 1905010167). Commissioner Geoffrey Starks has also raised concerns (see 1902080056).
Sens. Mark Warner, D-Va., and Josh Hawley, R-Mo., introduced legislation Monday requiring “data harvesting companies” to disclose how consumer data are monetized and valued. The Designing Accounting Safeguards to Help Broaden Oversight and Regulations on Data (Dashboard) Act would apply to commercial data operators, like social media platforms, with more than 100 million monthly active users. Operators would have to file annual reports detailing “the aggregate value of user data they’ve collected, as well as contracts with third parties involving data collection.” The bill would implement user rights to delete data. The legislation would empower the SEC “to develop methodologies for calculating data value.” The premise that consumers are getting the short end of the bargain with online platforms by sharing data for free services is incorrect, said Information Technology and Innovation Foundation Vice President Daniel Castro. Sharing data, which can be offered to multiple companies, isn’t the same as paying monetary fees for service, he continued. But he agreed with Hawley and Warner that if a bill moves forward for calculating data value, the SEC is the right agency. American Enterprise Institute scholars Will Baird and Jim Harper criticized a separate tech-related bill from Hawley (see 1905200036), saying the Do Not Track Act would allow consumers to “block online companies from collecting any data beyond what is indispensable to the companies’ online services.” The legislation would “create regulatory headaches” for users, operators and industry while failing to increase user privacy, they wrote. The bill, aimed at improving online user experience, would also “mandate one of the most universally despised features of the internet: the pop-up” in order to inform users of a do not track option, they said.
The House Communications Subcommittee will mark up the compromise version of the Stopping Bad Robocalls Act (HR-3375) Tuesday afternoon, the House Commerce Committee said Friday. The bill combines language from an earlier version (HR-946) and other measures the House Communications Subcommittee examined in April (see 1904300212). HR-3375 would in part clarify the definition of a robocall and clarify exemptions to the Telephone Consumer Protection Act. It would also direct the FCC to issue rules requiring carriers to offer opt-out robocall blocking and caller ID services to consumers for free; increases to three years -- and in some cases, four years -- the statute of limitations for illegal spoofing; and would increase FCC ability to impose forfeitures against illegal robocallers (see 1906200061). The markup will begin at 2 p.m. in 2123 Rayburn, House Commerce said.
Smart TV viewership data collected by way of Gracenote automatic content recognition (ACR) is one of several signals that goes into the calculation of the company’s Video Popularity Score metric, emailed a Gracenote spokesperson Thursday to our question on data privacy. Gracenote announced Video Popularity Score Wednesday (see 1906190052) to help customers deliver discovery experiences where viewers are “connected to the movies and TV shows they want with the least amount of friction." Viewership is measured through a proprietary algorithm that analyzes consumption data covering linear TV, VOD and over-the-top from Nielsen Total Content Ratings, movie box office data from Gracenote and additional raw data from third-party sources, said the company. Awareness is calculated based on social media conversation measurement from Nielsen Social Content Ratings combined with engagement data from outside sources. The spokesperson told us viewing information is “fully anonymized and cannot be linked to Personally Identifiable Information. As with all ACR implementations on Smart TVs, users must opt in to privacy policies during the set-up process to enable the functionality,” he said. Users can activate or deactivate ACR “at any time,” he said.