booktv, 48 hours of book programming begins saturday morning at eight eastern through monday morning at eight eastern. nonfiction books all weekend every weekend right here on c-span2. .. >> a procedural vote scheduled for 5:30. it would provide $150 million in

economic assistance and impose sanctions on russia. also on the agenda in the senate this week, a bill to extend unemployment insurance and a measure to repeal the current formula for medicare payments to doctors. the house returns at noon eastern with legislative business at 2:00. nine suspension bills are on the agenda, one includes a measure to allow individuals to make tax-deductible donations for 2013 through april 15th of year. votes are not expected in the house until 6:30 p.m. eastern. you can watch live coverage of the house on c-span and the senate on c-span2. >> c-span, created by america's cable companies 35 years ago and brought to you today as a public service by your televisioning provider. television provider. >> host: and joining us this

week on "the communicators" is the chairwoman of the federal trade commission, edith ramirez, thanks for being with us, we appreciate it. what, when it comes to telecommunications, what's the ftc's responsibility in that area? >> guest: well, peter, let me just start off by thanking you to have me on the show, it's great to have an opportunity to talk about the important work of the federal trade commission. and before with i turn to your question, let me just explain that we at federal trade commission have a dual mission which is to protect american consumer ands to promote competition, and we do that in a couple of different ways, main ways. the first is that we are a civil law enforcement agency, so we bring lawsuits against companies that engage in unfair or deceptive acts or practices or engage in unfair be methods of competition. we also engage in policy and research work to study industries and to promote best practices and also advocate for

laws that we think are needed. and as to your specific question, what i can tell you is that we're really interested in protecting consumers when it comes to the entirety of the mobile ecosystem. and so by that i mean that we are interested in what app developers are engaging in, what platforms are doing, uprating systems, mobile app stores, and so, again, we insure that american consumers are protected and that there's a competitive landscape. >> host: pad dam chairwoman, in a recent speech in other have been yous you've talked about the internet of things. what do you mean by that? >> guest: well, you know, one of the things that i've been very interested in doing is that we do a great deal to protect the privacy of american consumers and insuring that consumers have as much control as possible over the collection and use of their

personal data. and i'm very interested in making sure that the ftc stays current and stays abreast of emerging technologies. the internet of things being one of them. and what that refers to is that today we see all sorts of everyday devices increasingly becoming connect today the internet and being able to communicate with each other and communicate with consumers. and so you see connected cars, you see connected devices, appliances, and what that means is that it has very different -- many implications for consumers. it can bring both a great deal of benefits for consumers but also raises some privacy implications that we are concerned about. and in particular i think there are three, what i see as three privacy challenges when it comes to the internet things. the first one being that there's a tremendous amount of information that's being collected by these devices that

are connected to each other, connected to the internet. also the information that's being collected there is the potential for that information to be used in ways that consumers may not anticipate. and, third, the other issue is that when you collect vast amounts of information about consumers, the issue of data security becomes increasingly important, how does that information, is that information being protected? whenever you have something that's connected to the internet, it raises the potential that someone, a hacker or identity thief, could potentially access that information and use it in malicious ways. >> host: well, haven't we signed over a lot of our privacy to big data, to some of these big companies? >> guest: well, you know, at the ftc we think that's not, that shouldn't be the case, that consumers really ought to have control and there ought to be greater transparency over how

companies are using the personal information of consumers. and so we advocate three broad principles when it comes to privacy generally. the first one being what we would have known in the privacy world as privacy by design, and what that means is that we encourage companies to from the very outset when they're conceiving of new products and services to really think hard about the privacy implications of what they're doing and to think hard also about how much information is really needed to deliver the product or service that they aim to deliver so that if they can minimize the amount of data that's collected, that would be best, and you just need to think about what those implications are. second hi, we also advocate what we call or refer to as a simplified notice. we want companies to communicate to consumers what information's being collected, how it's being

used so that consumers have, again, control over their personal information. anden then the third major principle is the idea of transparency. a lot of what is happening happens in the background, happens in black box, and consumers may not necessarily be aware of the extent of the collection of information and that, from our perspective, creates an issue. and we'd like to have companies, again, be more open about what their privacy practices are and their data practices are. >> host: well, joining our conversation with the chairwoman of the federal trade commission is lynn stanton who's a senior editor with "telecommunications reports." >> when you talk about privacy by be design, a lot of these apps, the designers of the app didn't design the entire app. they take off the shelf pieces of software, and ten they're not themselves -- then they're not themselves aware of all the information that software's collecting. what kind of responsibilities do

they have and does the ftc have the kind of tools it needs to deal with an ecosystem like that, where there's all these pieces that come together; the device, the software, the service provider like verizon or at&t? how do can you deal with all of these pieces? >> guest: i think that's a very important point that you're making and, yes, the ecosystem itself is very complex, and there are a number of different players. i think what we need to do is we have jurisdiction over a good number of those players, not all of them. we do not have jurisdiction over common carrier services, for instance be, and by that i mean that there is an exception to our authority under the ftc act which means that we don't have jurisdiction over what would be traditional voice services, for example. we actually think that that particular exception to our authority is quite outdated given the blurring of lines that you see today, for example, when

you're using a smartphone. so we have, the commission has for some time now been advocating that that exception be removed so that we actually have jurisdiction over the full ecosystem and provide american consumers complete protection. but we are looking at app developers, we are look at device manufacturers, and we bought cases across the ecosystem to try to insure and encourage companies to be looking at these issues and to make sure, number one, that they aren't enpaging in -- engaging in unfair or deceptive practices. for instance, if the company ends up making a promise about i how they will be handling consumer information, assuring consumers their information will be secure, we expect them to actually fulfill that promise. and if they don't, then we would have jurisdiction to bring a law enforcement action. just one example of that is that we brought an enforcement action against htc america, a device manufacturer, because they add certain security flaws in their

software that ended up leading to the disclosure of personal information, and so we took action against that. but we feel that all the players in the ecosystem do have a role to play here, and we're going to be on guard through our enforcement authority to take action where appropriate. but then also at the same time we have this policy and research function where we encourage best practices. we've been looking at various new, emerging technology. the internet of things, we actually held a workshop on that last fall to learn more about these technologies and also encourage best practices by companies. >> typically in the past consumer information has been things the consumer's provided to the company or maybe things that they learned about them, like their payment history. so your name, your address, numbers associated with accounts and whether you were paying them on time. but with this new ecosystem, they know where you are, they

know who you call, they know which apps you use, they know how things interact with each other. your heart rate maybe if you've got one of these wear able devices. >> sure. >> does it require a different approach, kind of information? does the ftc's authority cover these new kinds of information? thinking of information as financial and health and different cat goes like that, in children, of course, especially. are there sensitive kinds of information that aren't realized are sensitive as these devices learn so much about us? >> guest: so a couple of things to note if response to your question. first, i think, the fcc's been engaged in the arena of privacy and data security for some time now, so to a certain extent why don't we call it, it falls under the rubric of big data. and by that i mean today you have this ubiquitous collection

of just vast amounts of information. you now also have analytics, the new tools that can be used to process that information and allows companies to make sure -- so in many respects the issues i'm talking about today are issues that we confronted in the past, but now the fact that the amount of information that a's being gathered is of a significantly greater magnitude does raise just a qualitative difference because, again, it's just so much information that's being -- but it's not entirely dissimilar to issues we've been dealing with in the past. i think one thing that you're, i believe you're getting at is that sometimes you can aggregate what's seemed to be benign which was and then make decisions that one might consider to be sensitive. one example in this area is an example that was reported in the media where you had, target had

some analytical tools that they were able to determine based on the purchase of a particular individual, were able to determine that she was, in fact, pregnant because she was purchasing things like unscented lotion, for example. so that, i think, can raise concerns depending on what inferences are being drawn. so these are issues that i think companies have to think hard about, and we're tackling in a variety of ways including making sure that companies abide by relevant laws. and this can also lead to manager that's referred to as discrimination bilal brit m. and, again, how is that information being used. one thing that we argue is that we are analyzing, ask we've been conduct -- and we've been conducting a study over the last year of data brokers. and these are companies that aggregate information from both online and offline sources and

then sell that information to companies who then use it for a variety of purposes. we are reaching a conclusion to our study, and we hope to be issuing a report fairly soon. then we're going to be making certain recommendations. one of those includes making sure companies abide by self-reporting act, the fcra which we do report, so we've been vigilant in that arena, making sure that companies abide by that. but i think there are other implications, and we're thinking hard about those, and we're asking companies to think hard about this how this information is being used. >> host: chairwoman ramirez, do you feel that the private companies are cooperating with where you're trying to go, and do you feel that the ftc has enough enforcement tools at this point in. >> guest: let me address the first question, and i do believe that companies are now and in the last several, few years in particular understand that

consumers do care a great deal about their privacy, and i believe that many of them are reacting and responding to that by both making sure that their policies and their practices insure greater privacy for consumers. so i do think that the marketplace is responding to that. i think more needs to be done in that area, and so we do advocate, again, best practices and where our enforcement authority may apply, we will take action. i personally believe that there needs to be federal legislation be this this arena -- in this arena because i think be more does need to be done. we have an approach here in the united states where we take a federal approach to the protection of private information, consumer information. we have certain laws that apply to financial information, we have laws that apply to health information, and we at the ftc have done, i think, a good job of using our tort under the ftc act to enhance privacy

protections, but i think more needs to be done. and i would, i favor a comprehensive federal law in this arena and am supportive of that. >> host: lynn stanton. >> support of not just data privacy, but data security legislation. >> guest: absolutely. >> that legislation tends to focus on obligations to protect and after the fact punishments the if you don't, but for consumers it would be much better if the breaches never happened, if they wouldn't have to deal with the fact that they were exposed to identity theft and other issues. why haven't companies done more up to this point given the public relations night pairs that these kinds of -- nightmares that these kinds of exposures take and also financial obligations that may occur in doing credit protection and what not? >> guest: so i think you're hitting an important point, which is the companies do need to be doing more at the front end. you mentioned data security which i haven't yet spoken too much about. we are looking at the front end.

under our authority what we expect of companies is that they provide reasonable and put in place reasonable security measures to protect the consumer information that they use as part of their business operations. be -- we do find, as you're suggesting based on our experience and enforcement work we've done in this area, we find that many companies are still not putting in place appropriate security measures to protect the consumer information that they maintain, that they collect and that they use. that experience that we have is backed up by day data. verizon, for example, releases an annual report analyzing data breach incidents and finds that a lot of the intrusions that you see really are the result of sort of low difficulty hacking, basically. so, and what that tells me is that there's a lot more that companies need to be doing as a

general matter. and we're doing what we can through our enforcement authority, but also encouraging companies. we brought a security case, but really what we're trying to do with our enforcement board is alert companies of their obligations to provide adequate security. there's another area where as a bipartisan commission we unanimously have endorsed and support legislative action in this arena, have asked congress to enact both a robust data security law, also would have strong data breach notification requirements. we're also asking for civil penalty authority for the ftc so that we can have greater deterrence in this arena. we'd also like to get jurisdiction over nonprofits which we currently lack, and we do find that nonprofits are

subject to and have seen breaches in this area. so, clearly, more work needs to be done in that area. and then we also ask for some apa rulemaking authority to allow us to implement any such law. >> host: you are watching "the communicators" on c-span. our guest this week is the chairwoman of the federal trade commission, edith ramirez. she's a lawyer, she's a harvard law grad, and she served as one of the editors of the harvard law review prior to joining the ftc in 2010, she's been the chairwoman since 2013. lynn stanton of "telecommunications reports" is a senior editor there. >> hi. we were talking about data security, legislation. in the reality the political prospects for getting that passed anytime soon aren't that great. any legislation is a slim bet really at this time, and there are few issues that state authority enforce, they may prove to be stumbling blocks. given the authority that you have right now, have you at all

looked into the idea of one of these multistakeholder processes that the commerce department has been using with respect to privacy, and now they've picked up one for patent online notification issues? do you think that's an area that maybe working with consumer stakeholders and corporate and other stakeholders that have access to all this data could be a good approach? >> guest: absolutely. i think that self-regulation generally so long as you have a robust standard that's developed through something like a multistakeholder process, i think that's very important, and i absolutely sport that. we at the commission have long supported it. again, so long as you have a robust standard and if you have an enforcer, a backstop enforcer such as the ftc, then i think that can with very important work to complement the enforcement work and other work that we do at to the agency, absolutely. >> host: chairwoman ramirez, what kind of work to you do with the fcc on these types of

issues? >> guest: we collaborate very close by -- closely with the fcc in a number of area, and that includes enforcing the do not call rule. we work closely together with the fcc generally given our respective authority in this ecosystem so, yes, with do work with them on a regular basis. >> you had mentioned common carrier earlier. over at the fcc, the companies that are considered common carriers are looking to transform their networks into internet protocol networks which under current fcc regulation aren't considered to be common carrier networks. do you see that as changing the implications and the interactions between you and the fcc in terms of the internet ecosystem and you having sort of greater enforcement authority potentially over the kinds of services and that'll be over the

top and, therefore, internet non-common carrier services than you have this the past? >> guest: i don't think anything that can change. my view and the point that i make when i talk about eliminating the common carrier exemption is that we just feel that we want to be able to apply the rules that we enforce, the laws that we enforce over the entire ecosystem so that everyone has the same rules of the road. in terms of concurrent jurisdiction, i think that we have a very good relationship with the fcc, and i think each of us have a slightly different but equally important role, and we work very closely with them to insure that we each use our resources effectively in these areas. so, you know, my view is that we can certainly continue to do that, and we'll see how things, you know, develop over time. but i see each agency as having significant and important roles in this ecosystem. >> host: what is a privacy score and why is that becoming significant?

>> guest: well, i think by that you mean a company sort of giving themselves a privacy score? well, i think maybe what's going on is this issue about communicating in some simple way to consumers what approximates are being afforded -- what protections are being afforded and how they can basically get more information to distinguish between and turn shade between different -- differentiate between different companies in terms of their privacy and data practices. i think, again, we advocate what we call simplified choice. we don't support any particular means, but there has been talk in this arena. again, how do we communicate or how can companies communicate to consumers in some easy and understandable way how privacy protective they are? and i think that's what you're referring to, and there are talks about how one can go about

that. >> host: edith ma'am rez, recently in in "the new york ti" barry steinhardt was quoted, the founder of friends of privacy usa as saying the u.s. is basically the wild west of privacy. do we have different standards here than the rest of the world? >> guest: we do have different standards than, for example, european laws. and i think for some time there has been a misimpression, let's say, from the european perspective about how americans feel about privacy. let me also just say by way of background that the federal trade commission in addition to all of domestic work that we do, we also engage internationally and very deeply with counterpart agencies around the world, and that includes data protection authorities around the globe whose mission is to protect privacy, citizens' privacy. so i think it's an impression.

i think we, actually, at the ftc have been engaging with our counterparts to let them know that americans care very deeply about privacy and that while we have a different legal system and we may not maybe have, look at privacy in quite the same way that others do in europe, for example, we do care very deeply about it, and we're serious about it. and i think the work that the ftc has engaged in in that area is very much demonstrative of that and is evidence of that. and in addition, the fact of the matter is that around the world you see very different approaches. and so to me, when you're talking about international, you're talking about the issue at the international level, one issue that we care about is how do these various systems interoperate? because the reality is that different can jurisdictions, there are different cultures of privacy. in addition to the different legal regimes and legal approaches to privacy. and so the question becomes

given those differences how can these systems work together in a way that provides effective and robust protection for consumers. that's what we ultimately care about, and bunch that it's a global -- and given that it's a global economy and a service provider or a company may be using service providers i know that are in different parts of the world, that issue about how do you interoperate becomes quite critical. our view is we need to develop systems in order to make sure there is interoperability and there are these minimum and sufficiently robust standards so that companies can and data can cross borders but do so in a way that's safe and privacy protected. >> host: lynn stanton. >> you have the safe harbor agreement with the european union that's designed to insure that a individual's expectations of privacy under their home government's rules are protected when they, when a company takes the data outside that country.

and there's opinion a lot of pushback -- there's been a lot of pushback in the wake of revelations about nsa collection. even though those rules weren't designed to protect government observation or surveillance, but there seems to have been some concern that allowing u.s. companies to take data out would expose them more so to those kinds of government be, or our government intelligence operations. you've recently had brought some enforcement actions against companies that claimed to be own serving -- observing the safe harbor but had not finished their recertification or recertified themselves. was that in a way designed to try and protect the safe harbor protections for european citizens? >> guest: let me just provide a little bit of background about how that program works. it is a program that's administered by the department of commerce. the ftc is the enforcer, and it is design toed to allow u.s.

companies to transfer data from europe to the u.s. and, yes, over the years there have been certain concerns voiced about how robust the program is. we think it's a necessary tool that works well and provides an important function given, of course, the significant trade relations between, commerce relations between the u.s. and europe. but we also have heard the criticisms and concerns that have been expressed by our european colleagues, and in our view even though the program is working and we think well overall, we do understand that clearly, you know, some companies may not be fully complying, and certainly we expect to take action and will take action in those situations. the way the program's initially conceived we were, the ftc was expected to receive referrals from europe whenever there was any concern about a company

maybe not complying with the program. it turns out we ended up receiving very few referrals, and that was one of the reasons why we haven't taken many actions. when we started hearing a few years back some concerns, we on our own started to take the initiative, and whenever we look at issues, we want to also assure there's compliance with the safe harbor framework. we have brought now close to 25 cases in that arena, so we are making sure we do everything we can to make sure that the program works well. we are also in the conversation with the european commission over how the program can be improved and made more robust, and we're doing that jointly with the department of commerce. >> host: and, unfortunately, we are out of time. lynn stanton, "telecommunications reports," and edith ramirez, chairwoman of the federal trade commission. please come back to "the communicators." >> guest: thank you, peter. thank you, lynn. >> thank you.

>> c-span, created by america's cable companies 35 years ago and brought to you today as a public service by your television provider. >> president obama begins a trip to europe and the middle east this week. today he's in the netherlands for meetings with the prime minister and the chinese president. in the evening, a meeting with g7 world with leaders for talks on ukraine. on tuesday the president visits the world forum to participate in the national security summit and later in the day he'll travel to brussels where on wednesday he'll meet with belgium's prime minister before attending the european union/u.s. summit. on thursday president obama visits the vatican to see pope francis and hold meetings with italy's president and prime minister. on friday he travels from rome to riyadh, saudi arabia, for a meeting with king abdullah.