As reported on the Privacy and Information Security Law blog, on January 23, 2017, the FTC released a Staff Report (the “Report”) on cross-device tracking technology that can link multiple Internet-connected devices to the same person and track that person’s activity across those devices. The Report follows a November 2015 workshop on the same subject and is based on information and comments gathered during that workshop.

The Report explores how cross-device tracking technology works, its benefits and challenges, self-regulation efforts by the technology industry with respect to cross-device tracking and FTC recommendations for addressing concerns about this technology.

The Report reflects four overarching recommendations:

  • that companies engaged in cross-device tracking be transparent about their use of the technology;
  • that such companies offer consumers a choice about how their cross-device activity is tracked;
  • that companies refrain from engaging in cross-device tracking on sensitive topics (e.g., health, financial and children’s information); and
  • that companies take necessary security steps to protect the data they collect in the process of tracking consumers’ activity across devices.

In a concurring statement on the Report, FTC Commissioner Maureen K. Ohlhausen said, “today’s report does not alter the FTC’s longstanding privacy principles but simply discusses their application in the context of a new technology.” The Commission voted 3-0 to issue the Report.