governors. >> c-span, greeted by america's cable companies 35 years ago and brought to you today by a public service through television provider. >> joining us this week is the chairwoman of the federal trade commission, edith ramirez. we appreciate it. when it comes to telecommunications, what is the ftc's responsibility in that area? >> let me start off by thanking you for letting me be on the show. it is a great opportunity to talk about the important work of the federal trade commission. let me explain that we at the federal trade commission had a dual mission which is to protect american consumers and to promote competition. we did that in a couple of different ways. we are civil law

enforcement agency so we bring lawsuits against companies that engage in unfair or deceptive acts or practices or engage in unfair methods of competition. we engage in policy and research work and to promote best lawsices and advocate for that we think are needed. weyour specific question, are interested in protecting consumers when it comes to the entirety of the mobile ecosystem. by that i mean that we are interested in what developers are engaged in, what platforms stores,g, mobile app device manufacturers. we ensure that american consumers are protected and there is a competitive landscape. in otherecent speech

venues, you talk about the internet of things. what do you mean by that? >> one of the things i have been interested in doing is we do a great deal to protect the privacy of american consumers and ensuring that consumers have as much control as possible over the collection and use of their personal data. i am very interested in making sure the ftc and and stays abreast of emerging technologies. the internet of things being one of them. what that refers to is that today we see all sorts of everyday devices increasingly becoming connected to the internet and being able to communicate with each other and communicate with consumers. you see connected cars, you see connected devices and appliances. it has very different implications for consumers. they could bring a great deal of but alsofor consumers

raises some privacy implications that we are concerned about. threeticular, there are privacy challenges when it comes to the internet of things. the first one being that there was a tremendous amount of information being collected by these devices that are connected to each other and the internet. also, the information that is being collected -- there is the potential for that information to be used in ways that consumers may not anticipate. third, the other issue is that when you collect a vast amounts of information about consumers, the issue of data security becomes increasingly important. how does that information -- is that information being protected? we have so may things connected to the internet, the potential thiefomeone or identity could potentially access that information and use it in

malicious ways. we signed over a lot of our privacy to big data to some of these big companies? >> we think that should not be the case that consumers ought to have control and they're off to --bitter transparency greater transparency of how companies are using the personal information of consumers. we advocate three broad principles when it comes to privacy. the first one being what is known in the privacy world as privacy by design. what that means is that we encourage companies from the very outset when they are considering conceiving new services to really think hard about the privacy implications of what they are doing and to think hard about how much information is really needed to deliver the services they aim to deliver so that if they can minimize the amount of data that

is collected, that would be best. advocate whatlso we call order for to as simplified notice. to communicatees with consumers how their information -- what information is being collected, how it is being used so that consumers have control over their personal information. the third major principle is the idea of transparency. a lot of what is happening happens in the background, happens in the black box and consumers may not necessarily be aware of the extent of the collection of information. from our perspective, that creates an issue and we would like to have companies be more open about what their privacy practices are. --turning our conversation 20 our camp -- our conversation is lynn stanton.

could talk about the three principles. when we talk about privacy by design, a lot of these apps, the designers take off the shelf pieces of software and they may not be so aware of all the things that software is collecting. what kind of responsibilities do they have and of the ftc have the kind of tools it needs to control a system like that where there are so many pieces involved to design the software? how do you do with all those pieces? >> i think it is important point that you are making. complexystem is very and there are a number of different players. to -- we have jurisdiction over a number of those players, not all of them. we do not have jurisdiction over common carrier services. there is mean

exception over authority and the ftc act which means that we don't have jurisdiction over what would be traditional voice services. we actually think that particular exception to our authority is quite outdated given the bordering of lines that you see today when you're using a smart phone. the commission has been advocating that exception be removed, that we actually have jurisdiction over the full ecosystem and provide american consumers complete protection. we are looking at developers. we're looking at device manufacturers and we have brought cases across the ecosystem to try to ensure and encourage companies to be looking at these issues and to make sure that they are not doing deceptive practices. if the company ends up making a promise about how they will be handling consumers information,

ensuring that the information will be considered -- secure, we actually expect they will to fill that promise and if they don't, we will bring law enforcement action. manufacturer has certain security flaws in the software that ended up needing the disclosure of personal information so we took action. we feel all the players in the ecosystem have a role to play and would be on guard through our enforcement authority to take action where appropriate. at the same time, we have this policy and research function where we encourage best practices. we have been looking at various new emerging technologies. theey held a workshop on internet of things last fall to learn more about these technologies and also encourage best practices by companies. >> in the past, consumer

maybe things they learn about life their payment history. they have your name, address. it is this new ecosystem. they know where you are, who you call, which apps you use. they know things interact with each other. if you have one of these wearable devices, your heart may be. does it require a different approach when these kinds of -- does the ftc's authority cover these kinds of information? these are sensitive information that we may not even realize are sensitive. first, i think the ftc has

been engaged in the arena of privacy for some time now. it falls under the rubric of begin. ig data. you have this collection of vast amounts of information today and you now also have new tools that could be used to process the information and allows companies to make sure it is from them. the issues that i am talking about today are issues that we confronted in the past, but now the fact that the amount of magnituden is greater does raise a difference because it is so much information. dissimilarntirely with issues in the past. one thing that you are getting

at is that sometimes you can aggregate what seems to be benign pieces information. one example in this area is the example that was reported in the media where you had -- target had some analytical tools that they were able to determine based on the purchase of the particular individual were able to determine that a woman was pregnant because she was purchasing things like unscented lotion. that could raise concerns depending on how what inferences are being drawn. those are issues that i think companies have to think hard about. we are tackling in a variety of ways including making sure that companies abide by relevant laws. it could lead to something that is referred to as discrimination by algorithm.

how is that information being used? one thing that we are doing is that we are analyzing and conducting a study over the last year on data brokers. these are companies that aggregate information from both online and off-line sources and sell that information to companies who use it for a variety of purposes. toare reaching a conclusion our study in hoping -- and hoping to issue up a report fairly soon. those include making sure the the reportinge by act. we have been vigilant. there are other implications and we are thinking hard about this and we are asking the companies to think hard about how this information is being used. >> you feel that the private companies are cooperating with

what -- where you are trying to go and do you feel that the ftc has enough enforcement tools? >> let me address the first question. i do believe that companies are now in the last few years understand that consumers do care a great deal about their privacy. i believe that many of them are responding to that by both making sure their policy and the practices ensure greater privacy for consumers. i do think that the marketplace is responding to that. i think more needs to be done in to do -- so we have best practices. i believe that needs the federal legislation in this arena. i think more needs to be done.

we have an approach where we take a federal approach to the protection of private information. we have certain laws that apply to financial information and health information. we have done a good job at using our authority under the ftc act to enhance privacy protection but i think more needs to be done. i favor a comprehensive federal law and this arena -- in this arena. >> you support legislation for data security. most of that legislation tends to focus on obligations to protect the after-the-fact punishments but you don't protect the data that you have. bettersumers it will be if this never happens, if they didn't have to do with the fact that their data is out there. why haven't companies done more up to this point given the public relations nightmare that

these exposures take and also financial obligations that may incur? think you are hitting an important point which is the companies need to be doing more. we actually look at data security which i have not spoken to much about. under our authority, will be to put in companies place reasonable security measures to protect consumer information that they use as part of their business operation. we do find, as you are suggesting, based on experience, we find that companies still are not putting in place appropriate security measures to protect the consumer information that they maintain, that they collect and use. ist experience that we have backed up by data. a reporteleases

analyzing data breach incidents and find a lot of the intrusions that you see are the result of low difficulty. therehat tells me is that is a lot more that companies need to be doing and we are doing what we can. --are encouraging companies what we are trying to do with our enforcement work is to alert companies of their obligations to provide adequate security. there is another area as a commission weekend unanimously of legislation action in this arena. strong data breach

notification requirements. we are asking for civil penalty authority for the ftc so that we can have greater deterrence in this arena. we would like to get jurisdiction over nonprofits which we currently lack and we do find that nonprofits are subject to breaches so more work needs to be done. for authority to allow us to implement -- our guest this week as the chairwoman of the federal trade commission, edith ramirez. she is a harvard law grad. she served as one of the editors of the harvard law review prior to joining the ftc in 2010. she has been the chairwoman since 2013. lynn stanton is a senior editor there. >> we are talking about data

security and legislation. prospects of getting that passed soon is not that great. there are a few issues of authority to enforce. given the authorities that you have right now, have you looked into the idea of these prophecies that the commerce department is doing an effective privacy and now they have one for patents and notification issues. is an think data security area where working with consumer stakeholders and corporate and other stakeholders that have access to the data would be a good approach? -- ashink self-regulation long as you have a robust standard that is developed is very important. i absolutely support that.

robust as you have standard and if you have an i amcer such as the ftc, going to think that will be very important work to complement the enforcement work that we do. >> what kind of work do you do with the fcc on these types of issues? >> we collaborate very closely with them and a number of different areas and that includes enforcing the do not call rule. we work very closely together. authorityrespective in this particular ecosystem, we do work with them on a regular basis. >> you mentioned the common carriers. over at the fcc, the companies that are considered common carriers are looking to transform the networks which under current fcc regulation are considered to be failure

networks. that and the implications and interactions between you and the fcc in terms of the system -- you have greater enforcement authority over the kinds of services and andloping over the top noncommon carrier services that you have in the past. >> i don't see anything changing. in the point that i make when i talk about eliminating the common carrier exemption -- we feel that we want to be able to apply the rules that we enforce over the entire ecosystem so that everybody has the same rules of the road. in terms of jurisdiction, i think we have a really good relationship with the fcc and i think each of us have a slightly different but equally important roles. we work very closely with them to ensure that we use our

resources effectively in this area. my view is that we can certainly continue to do that and we will see how things develop over time. i see each agency having their own important roles. >> what is a privacy scorn why that becoming significant? mean, companies are giving themselves a privacy score? is the what is going on issue about communicating in some way to consumers what protections are being afforded and how they can get more information to distinguish between companies in terms of their privacy and data practices. we advocate what we call some bona fide choice. we don't support -- what we call simplified choice.

there has been talk in this arena about how do we communicate or how can companies communicate to consumers in some easy way of how privacy protected they are. there are talks about how we can go about that. >> recently in the new york -- barry was quoted steinhardt was quoted as saying that the u.s. is basically the wild west of privacy. do we have different standards than the rest of the world? >> we do have different standards than european laws. i think for some time there has been a misimpression from the european perspective about how americans feel about privacy. that may say by way of brack in additionkground, to the domestic work we do, we

also engaged internationally and very deeply with counterpart agencies around the world. that includes data protection authorities around the globe whose mission is to protect privacy. ftcink we actually at the have been engaging with our counterparts to let them know that americans care very deeply about privacy. while we have a different legal have --nd we may not may not look a privacy quite the same way that others do in europe, we do care very deeply about it and we are serious about it. the work we have engaged in an area is very much demonstrative of that fact. in addition, the fact of the matter is that around the world you see very different approaches. when you are talking about

issue at the, the international level, the issue the reality is- different jurisdictions, there are different cultures of privacy. in addition to delivering legal regimes and approaches to privacy. is howstion that comes can the systems work together in a way that provides effective and robust perfection for consumers? that is what we care about. it is a global economy and a that is invider different parts of the world, that issue about how you operate becomes critical. we need to develop systems in order to make sure there is operability and there is sufficiently robust standards so data cananies can --

cross borders but do so that it is safe and privacy protected. union isropean ensuring that individuals expectation of privacy are protected when a company takes the data outside that country. there has been pushed back from european stakeholders in the wake of the road -- of the revelations of the nsa. butrnment surveillance, there has been concern about allowing u.s. companies to take european data out. recently taken some action against companies who claim to be observing the safe harbor, that have not finished their certification. is that design to try to address

these concerns in europe about how the safe harbor protections are for european citizens? >> the me give more background about the safe harbor framework. it is a program that is administered by the department of commerce. the ftc is the enforcer. it is designed to allow u.s. companies to transfer data from europe to the u.s. yes, over the years there have been certain concerns voiced about how robust the program is. we think it is a necessary tool that works well and provides an important function given the significant trade relations between u.s. and europe. we have heard the criticisms and concerns that has been expressed by our european colleagues. in our view, even though the program is working well, we do

some companies may not be fully compliant and we expected take action and will take action in those situations. the way the program was ftcially conceived, the was expected to receive referrals from europe whenever there was any concern about a company not complying with the program. we ended up receiving very few referrals and that was one of the reasons why we haven't taken many action when we started hearing a few years back about concerns. we started taking initiative on our own and whenever we look at issues we want to ensure that there is compliance. close to 25ght cases in that arena so we are making sure that we are doing everything we can to make sure the program works well. we are also in conversation with european commission over how the program can be improved.

we are doing that jointly with the department of commerce. >> we are out of time. ramirez,ton and edith chairman of the federal trade commission. please come back. >> thank you. >> c-span, created by america's cable companies 35 years ago and brought to you today as a public service by your television provider. >> the acting director of the white house's national drug control policy will testify about the president's budget next week on capitol hill. he spoke to the lieutenant governors association about the scripture and drug abuse -- prescription drug abuse. this is 25 minutes.

>> good morning. i am the lieutenant governor of oklahoma and chair of the national lieutenant governors association. good morning and thank you all for being here. day and very busy first a great evening last night. this morning, we welcome a very distinguished guest. the acting director michael botticelli of the national drug control policy office. too many of our states are facing a growing tide of opiate overdoses. drug use ingle with our various communities. we thank the acting director for making the lieutenant governors one of the first groups he is speaking with in his new role at the helm of this office. willie forward to hearing your thoughts on how to address these issues. these join me in welcoming

acting director. [applause] >> but i really want to thank you for having opportunity to come and talk with you. i have not been in a state or community over the past time that i have been doing this work that hasn't been impacted by significant drug-related issues. one of the things that we talk about is just kind of scratching the surface of any major issue that you have in your state, whether it is child welfare, whether it is medicaid, whether it is correction cost. you will find that drug issues are beneath that. it is an issue that i think we all have interest in today. you