Editor’s note: This blog is the second of PRIVATE WiFi’s #CyberSAFE Leaders Series. Every Friday during National Internet Safety Month this June we will publish a feature story highlighting the work of a leader in the world of cyber safety. This week we profile Maureen Ohlhausen. She is a Commissioner with the Federal Trade Commission (FTC) and has broad experience in the areas of online privacy and consumer information protection.
FTC Commissioner Maureen Ohlhausen has spent her entire career focused on Internet privacy, data protection, and cybersecurity practices. An accomplished attorney, public speaker, and “big data” expert, she also finds time to maintain an active social media presence on Twitter.
Here are four reasons you should know more about this intelligent, tenacious leader implementing real change for enhanced Internet safety in Washington, DC, and beyond:
1. She’s a frequent speaker and noted expert in the debate over privacy and big data.
As Ohlhausen pointed out in a keynote speech at a “Future of the Internet” forum, she is “both amused and frustrated by some of the voices in the privacy debate.” The FTC is charged with protecting one constituency: consumers. But “certainly not all consumers are the same, and the privacy debate is a great example of an issue on which there are differing views on the right level of protection for consumer data.”
So what is big data? Some criticize the term as a meaningless buzzword, but as Ohlhausen pointed out in another keynote address recently — at the “Privacy Principles in the Era of Massive Data” at Georgetown University — data has three parts that need to be examined: it’s large volume; significant variety, and high velocity.
Ohlhausen suggested that, “many big data concerns are also concerns for traditional ‘small data’ and are already familiar to the FTC. Without adequate security safeguards, any data, big or small, can fall into the wrong hands. Recent reports of data breaches at retailers and other businesses obviously raise serious concerns.”
2. She’s a highly accomplished attorney fighting for consumer privacy.
The FTC has been actively enforcing basic data security requirements to address consumer harm and has brought more than 50 data security cases. Recently, in FTC v. Wyndham, a federal district court confirmed that the FTC has authority to protect consumers from unfair data security practices by bringing such cases.
While some recent “big data” breaches are very large in scale, this is not a new development. For example, in 2009 the FTC investigated a data breach at Heartland Payment Systems, where hackers stole more than 130 million credit card numbers.
“Most of the cases have focused on failures to take even basic precautions, even basic steps,” Ohlhausen said in a recent interview with blogger and radio journalist Hugh Hewitt.
“So for example, not having a firewall, or not having a password, we’ve brought suits against companies that keep the word ‘password’ as their password, or who take data… A lot of this is online, but not all of it is online. So a lot of the steps that we are asking companies to take are basic and simple steps that would do a lot to help protect consumers’ personal information,” she added.
3. She thinks Congress can pass legislation to protect consumers when hackers steal their data online.
At the State of the Net Wireless conference, Ohlhausen said she was “somewhat optimistic” about the prospect of a bill, after a series of headline-grabbing data breaches in recent months.
“I think there has been continuing interest in Congress and I think some of these big data breaches have kept the energy up behind it. It’s very difficult. Congress, obviously, has a lot on its plate.”
4. She wants to protect your data in the cloud.
A significant part of the FTC’s work is protecting Americans’ privacy as more and more data moves into the cloud. While the cloud enables parties in different geographical locations to contribute in real time to the same product, this “distributed computing” environment means that countries must work together to achieve their consumer protection policy goals, Ohlhausen advises.
“Finding ways to work together to promote international trade in information and data services while protecting the privacy of consumers – a concept that differs by jurisdiction – is critical to unlocking the full economic benefits of cloud computing and other cross-border data flows,” she said in a speech at the 2014 Cloud Computing Conference.
Preventing Consumer Fraud
Ohlhausen’s mission is to help consumers detect and avoid fraud. What are some easy steps you can take today?
- First, if a company contacts you and asks for personal information, but you’re not sure that you’re dealing with the real thing, find another way to contact the legitimate business and ask.
- Second, don’t provide your credit card or bank account number unless you are actually paying for something.
- Third, your Social Security number should not be necessary unless you are applying for credit. You can always say no, or at the very least, ask why it’s even needed.
- Fourth, be especially suspicious if someone claiming to be from a company with whom you have an account asks for information that you know the business already has on record.
- Fifth, remember that any time you store data on the Internet — or in “the cloud” — you are at risk for a cyberattack. Always use strong passwords and be on the lookout for phishing schemes.