Credit: Campaign_Creators
Digital privacy has been at the center of a social and political firestorm ever since Facebook’s dealings with Cambridge Analytica, which involved the collection of personal data without consent, was made public in 2018. And Meta isn’t the only big tech enterprise peddling data to monied third parties. With this, the US Federal Trade Commission (FTC) is looking into regulating the controversial practice, possibly resulting in new rules to protect the privacy and information of internet users.
The FTC notes that many companies participate in commercial surveillance. These firms harvest data and monitor the digital activities of their clientele, including their purchase histories, the websites and physical establishments frequently visited, and interactions with peers and loved ones. After which, the data is analyzed and leveraged to create profiles. To monetize, these companies sell the consumer profiles on the opaque market, use them for targeted campaigns, or apply behavioral ads on profiled consumers.
In response, the FTC commercial surveillance initiative is delving into setting rules and limits on how companies collect data and the types of data they collect. These intend to address loopholes or the lack of legislation that firms exploit to indiscriminately harvest consumer data. The agency requests the public to participate in the dialogue and help it shape new regulations.
The FTC also took aim at the lax data security practices being applied by companies, which have indirectly paved the way for the increasing number of data breaches. According to the Identity Theft Resource Center, the number of data breaches in the first quarter of 2022 grew by 14%, year-over-year. And the latest cybersecurity statistics reveal that the average cost of a data breach is a staggering $4.35 million.
How Does This Affect SaaS Companies?
The possible new regulations stemming from the FTC commercial surveillance initiative can have a profound effect on the data collection practices of SaaS companies. After all, today’s software solutions contain large volumes of customer and market data. In fact, many have already been subjected to the general data protection regulation (GDPR) imposed by the European Union. This compels EU companies to enter contracts that guarantee sufficient protection of consumer data. In addition, companies should inform data subjects on how data is processed and used.
The FTC could use the EU regulation as a basis for imposing new rules, on top of the contributions of the public, since it promotes transparency and holds companies accountable for the consequences of their data practices. Moreover, the GDPR—in regard to companies transitioning to new standard contractual clauses—takes effect at the end of the year, possibly coinciding with the upcoming plans of the FTC. The agency could concoct something similar to enforce global uniformity of data practice regulations.
SaaS companies should closely follow updates on the FTC’s decision on commercial surveillance regulation and keep an eye out for new rules. Lawyers can be hired to help them fully understand the upcoming regulations’ requisites and the consequences of breaking them. Acts that possibly infringe on the rights of digital consumers will have to be axed or pivoted, particularly those that don’t ask for their consent. Furthermore, companies should also ensure that the third parties they deal with are also compliant with the regulations so as not to breach customers’ trust.
The imposition of new regulations will be a challenge for SaaS vendors. Certain sacrifices will have to be made. But at the end of the day, the reward is the trust and protection of customers. This will enable them to transact with their preferred SaaS providers over long periods.
Why is FinancesOnline free?
Leave a comment!