The Copyright Office should renew and expand right to repair-related exemptions under the Digital Millennium Copyright Act, the FTC and DOJ said in joint comments announced Thursday. The CO is considering renewing exemptions to the DMCA’s prohibitions against circumvention of technology protection measures that control access to copyrighted content. Renewing and expanding the repair-related exemptions would “promote competition in markets for replacement parts, repair, and maintenance services, as well as facilitate competition in markets for repairable products,” the agencies said. Enforcers support the renewal of an exemption “related to computer programs that control devices designed primarily for use by consumers for diagnosis, maintenance, or repair of the device and expanding it to include commercial and industrial equipment,” they said.
FTC Chair Lina Khan on Friday welcomed newly confirmed Commissioners Andrew Ferguson and Melissa Holyoak (see 2403070072), saying she looks forward to working “vigorously” with them on competition and consumer protection issues. Khan also welcomed the Senate's reconfirmation of Commissioner Rebecca Kelly Slaughter. Senate Commerce Committee Chair Maria Cantwell, D-Wash., said Congress expects the full commission to “prioritize pressing issues, such as bringing transparency to rising prescription drug costs, enforcing online privacy, cracking down on junk fees and returning money to victims of fraud.”
Six Big Tech companies must fully comply with the Digital Markets Act, the European Commission said March 7. It designated Apple, Alphabet, Meta, Amazon, Microsoft and ByteDance "gatekeepers" under the DMA in September, subjecting them to new rules for core platform services. Now they must show they're complying with the act and how. For example, they must submit independently audited descriptions of how they're profiling consumers. Full compliance means EU businesses that depend on the six gatekeepers to reach their customers "will enjoy new opportunities," the EC said. These include fair treatment and a level playing field when they compete with gatekeepers' services on their platforms; being able to request interoperability with gatekeepers' services to offer innovative new services; and being able to sell their apps through channels other than gatekeepers' app stores. End users will also benefit, the EC said, by, among other things, not being locked into platforms' default choices for app stores and services and having more control over their data by being able to decide whether the gatekeeper can link their accounts. The EC "will not hesitate to take formal enforcement action" in cases of non-compliance, it said. The European Consumer Organisation urged the EC to enforce the measure "promptly and effectively." In February, the EC found that Apple's messaging service iMessage and Microsoft's online search engine Bing, web browser Edge and online advertising service Microsoft Advertising didn't qualify as gatekeepers. On March 1, Booking, ByteDance and X notified the EC that their services potentially meet DMA thresholds; an EC decision is due by May 13.
The FTC’s case against Amazon and Alexa data privacy practices shows tech innovation isn't an excuse for companies to ignore privacy obligations, FTC Chair Lina Khan said Wednesday. Companies can’t retain user data “forever” just because it could be useful to AI training models in the future, she said during FTC PrivacyCon. Amazon in June agreed to pay more than $30 million to settle several allegations, including FTC claims the company violated privacy law when it retained children's voice and geolocation data despite parents requesting deletion. The rise of AI motivates companies to “vacuum up” user data, so “rules of the road” are “more essential than ever,” said Khan. AI presents a moment of “opportunity” with “tremendous risk,” and companies shouldn’t be “racing to the bottom” with business models that entrench data surveillance, automate discrimination and turbocharge fraud, she said. The FTC in other cases has made clear that selling certain data is “presumptively off-limits,” including data related to location, health and browsing history, she said. Commissioner Alvaro Bedoya added, this FTC won’t hesitate to seek outright bans on specific commercial practices that violate user privacy. He noted that in at least three instances recently, the commission banned companies from engaging in specific conduct as part of proposed settlements. This included the FTC’s December settlement banning Rite Aid from conducting facial surveillance for five years. The FTC’s January settlement banned InMarket from selling or licensing precise location data, and February’s banned Avast from selling browsing data for advertising purposes. If a company violates consumer privacy, the FTC will “seek the strongest protections for consumers” to end the practice, said Bedoya. Commissioner Rebecca Kelly Slaughter noted agency staff’s recent business guidance on enforcement against mass data collection practices. The bottom line, she said, is that “unfettered data collection can easily put you in violation of the FTC Act.”
President Joe Biden in his State of the Union address should push for a federal privacy law to settle the debate over myriad privacy proposals around the country, Computer & Communications Industry Association President Matt Schruers said Wednesday. “While states and Congress have expressed interest in a range of measures to protect younger users online, many of the goals could best be solved with consistent federal rules -- rather than inconsistent state initiatives, some of which violate federal law,” he said. Sen. Marsha Blackburn, R-Tenn., announced her guest for the State of the Union will be Gail Flatt, a Tennessee mother whose 14-year-old daughter committed suicide “due to social media harms.” Blackburn called for passage of the Kids Online Safety Act, which she introduced with Sen. Richard Blumenthal, D-Conn. “Far too many young people have fallen victim to social media’s dark and addictive rabbit holes, while Big Tech not only ignores the problem but takes great lengths to exploit users’ data at any cost,” Blackburn said.
President Joe Biden should urge Congress to pass a comprehensive federal privacy law during his State of the Union address Thursday, the Open Technology Institute said Tuesday. Legislation like the House Commerce Committee’s American Data Privacy and Protection Act (see 2310180051) “remains the most effective way to protect all Americans,” OTI said. The ADPPA would be a good foundational step toward regulating AI, OTI added. The organization urged Biden to work with Congress on legislation that holds tech companies accountable for automated decisions driven by social media algorithms. The Algorithmic Accountability Act (see 2309210048) would help “hold companies accountable for automated decision making by requiring impact assessments and increased transparency,” said OTI.
Apple must pay more than $1.95 billion for abusing its dominant position in the market for distribution of music streaming apps to iPhone and iPad users through its App Store, the European Commission said Monday. Specifically, it found Apple violated EU antitrust law by barring app developers from telling iOS users about alternative and cheaper music subscription services available outside the app ("anti-steering provisions"). Apple said the EC failed to find any "credible evidence of consumer harm," but the European Consumer Organisation (BEUC) cheered the move. The EC noted that Apple is the sole provider of an app store where developers can distribute their apps to iOS users in the European Economic Area, and it controls every aspect of the iOS user experience and sets the terms and conditions developers must comply with to be present on the App Store. Apple's anti-steering provisions amount to unfair trading conditions in breach of EU law, are not necessary or proportionate for the protection of Apple's commercial interests in connection to the App Store or Apple's smart mobile devices, and negatively affect the interests of iOS users, who can't make informed decisions on where and how to buy streaming subscriptions, the EC said. That conduct, occurring for nearly 10 years, may have caused many iOS users to pay much higher prices for streaming subscriptions and has led to nonmonetary harm, as users either had to engage in a cumbersome search to find other services or never subscribed to a service because they couldn't find the right one on their own. The massive fine took into account the duration and gravity of the antitrust infringement as well as the company's total revenue and market capitalization. In addition, the EC included a lump sum to the basic penalty, serving as a deterrent. Apple slammed the decision, saying Spotify lobbied the EC for it and was its biggest beneficiary. Spotify "has a 56 percent share of Europe's music streaming market -- more than double their closest competitor's -- and pays Apple nothing for the services that have helped make them one of the more recognizable brands in the world. A large part of their success is due to the App Store." Despite that, Spotify wants to embed "subscription prices in their app without using the App Store’s In-App Purchase system. They want to use Apple’s tools and technologies, distribute on the App Store, and benefit from the trust we’ve built with users -- and to pay Apple nothing for it." Moreover, it said, the decision came just before the Digital Markets Act is effective, on March 7. "Apple is set to comply with the DMA in days, and our plans include changes to the rules challenged here. What’s clear is that this decision is not grounded in existing competition law. It’s an effort by the Commission to enforce the DMA before the DMA becomes law." BEUC said the decision, along with effective enforcement of the DMA, "should help consumers benefit from more competitive and better digital services.”
Walmart’s purchase of Vizio could “exacerbate concentration, data hoarding and privacy concerns,” so the FTC and DOJ should heavily scrutinize the $2.3 billion deal, Demand Progress and consumer advocates said Monday in a letter to the two agencies. The American Economic Liberties Project, the Center for Digital Democracy, the Electronic Privacy Information Center, the Open Markets Institute and Public Citizen signed the letter. Walmart’s proposal for acquiring Vizio’s advertising network will further allow Walmart to exploit consumer data for financial gain, they said. Vizio’s track record of violating user privacy by excessive tracking increases the privacy risks, they said. The deal will also allow Walmart to self-preference its new TV products, they said.
Colorado should pass a bill expanding its right-to-repair statute to cover digital electronic equipment like cellphones, the FTC said Thursday. Consumer Protection Bureau attorney Christine Todaro testified before the House Business Affairs Committee in support of HB 24-1121. Introduced in January by Reps. Brianna Titone (D) and Steven Woodrow (D), the bill expands Colorado’s right-to-repair law, which was last amended in 2023 to include farm equipment. The latest iteration would cover cellphones manufactured since July 2021 and other consumer electronic devices manufactured since July 2015. The FTC supports the latest bill because it protects consumers’ access to “cost-effective repairs and advances the numerous benefits that flow from increased competition in repair markets,” said Todaro. The bill awaits committee passage in both chambers.
Meta is violating the EU data protection law by requiring users to pay for ad-free service or consent to the use of their personal data, eight European consumer groups alleged Thursday. Meta didn't immediately comment. The groups, from the Czech Republic, Denmark, Greece, France, Norway, Slovakia, Slovenia and Spain, are European Consumer Organisation (BEUC) members. In complaints filed with their national data protection authorities (DPAs), they charged the tech giant with failing to comply with GDPR principles of fair processing, data minimization and purpose limitation. Moreover, they said Meta has no valid legal basis to justify the massive data sweep it carries out on Facebook and Instagram users because the choice it gives them can't lead to free and informed consent. "Meta has tried time and time again to justify the massive commercial surveillance it places its users under," said BEUC Deputy Director-General Ursula Pachl. "Its unfair 'pay-or-consent' choice is the company's latest effort to legalise its business model." In recent years several DPAs have tried to force Meta to change the legal basis for collecting and processing people's data, and the company's "last resort" is to obtain users' consent for those activities by offering them the choice to either pay to see a supposedly ad-free service or consent to the company's full commercial surveillance with ads, BEUC said. Asked why BEUC didn't file the complaint with the DPA in Ireland, where Meta is headquartered, a spokesperson said the organization wanted to involve national data protection authorities that can then take ownership of the issue when those authorities transfer the matter to the Irish authority. In addition, he said, BEUC wanted to involve its members because they know the procedural rules of their own DPAs and to maximize coverage of the issue to show that it affects all Europeans.