Continue reading on DataGuidance with:
Free Member
Limited ArticlesCreate an account to continue accessing select articles, resources, and guidance notes.
Already have an account? Log in
USA: FTC publishes report on data practices of social media and video streaming services
On September 19, 2024, the Federal Trade Commission (FTC) published a report entitled 'A Look Behind the Scenes: Examining the Data Practices of Social Media and Video Streaming Services.'
The report provides information on data practices of Social Media and Video Streaming Services (SMVSS), advertising and targeted advertising, automated decision-making, practices relating to children and teens, and concerns related to competition.
Data practices
The report outlines that many companies collected and indefinitely retained data from and about users and non-users, including information about activities both on and off SMVSS. The information included information input by users themselves, information gathered passively or inferred, and information purchased about users from data brokers relating to household income, location, and interests. The FTC notes that data practices were inadequate and that:
- data minimization policies were often vague or undocumented;
- many companies lacked written retention or deletion policies; and
- some companies did not delete data in response to user requests, and instead de-identified data or only deleted some data.
Targeted advertising
In addition, the report provides that many companies relied on selling advertising services to other businesses based on the personal information of users. The FTC details that many companies used privacy-invasive tracking technologies such as pixels which transmit sensitive information about users' actions to the SMVSS that use them. The FTC alleges that targeted advertising practices raised serious privacy concerns.
Automated decision-making
Notably, the report outlines that there was widespread application of artificial intelligence (AI) on users' and non-users' personal information. Specifically, the report notes that AI was used for content recommendation, search, targeted advertising, and inferring personal details about users. Overall, the report clarifies that there was a lack of access, choice, control, transparency, explainability, and interpretability relating to the use of automated systems. Organizations were also noted to have inconsistent and inadequate approaches relating to the monitoring and testing of the use of automated systems.
Children's data
Companies were also found to have failed to adequately protect children and teens, especially teens not covered by the Children's Online Privacy Protection Rule (COPPA Rule). The report stipulates that many organizations attempted to avoid liability under the COPPA Rule by asserting that there are no child users on their platforms because children cannot create accounts.