Senators Urge FTC Action on Consumer Neural Data, Signaling Heightened Scrutiny
In a letter dated April 28, 2025, a group of US senators urged Federal Trade Commission (FTC) Chair Andrew Ferguson to examine and address the privacy risks associated with the growing market for consumer devices capable of collecting neural data – information potentially revealing an individual’s thoughts, emotions or subconscious cognitive responses. Neurotech devices may be implanted in the brain or worn by a person, in the form of headbands, helmets or earbuds. They detect brain activity, such as electrical activity, blood flow and oxygenation, and can derive private information about a person from the data collected.
Citing the unique sensitivity of this data, the letter explicitly calls on the FTC to:
- Leverage its existing powers under Section 5 of the FTC Act to investigate neurotechnology companies that may be engaging in unfair or deceptive acts or practices.
- Invoke Section 6(b) of the FTC Act to study companies in the space and whether they are transferring data to foreign governments.
- Clarify how existing FTC privacy standards apply to neural data.
- Enforce the Children’s Online Privacy Protection Act (COPPA) to protect the privacy of children’s neural data.
- Initiate a rulemaking process with respect to neural data.
- Ensure that neurotechnologies are subject to disclosure and transparency standards, even when data is de-identified or anonymized.
The senators’ interest in whether neural data is being transferred to foreign governments mirrors the apparent concern of the Montana Legislature, whose mental privacy bill is on its way to Montana’s governor for signature. Montana’s bill would, among other things, prohibit neural data from being stored in certain countries and prohibit neural data from being stored in any countries outside the US, absent consumer consent.
The senators also expressed concern about military uses of neural data.
This direct Senate appeal elevates the potential for FTC investigations focused on neural data practices. Companies developing, deploying or utilizing consumer neurotechnologies, or processing consumer neural data, should interpret this as an indicator of heightened compliance expectations and regulatory risk. In light of this increased focus, companies involved with consumer neural data should proactively review and potentially enhance their data governance frameworks. Specifically, companies in the space should assess whether they:
- Provide clear, accessible information to users about how their neural data is collected, used, stored and shared.
- Ensure consent mechanisms are clear, specific, transparent and go beyond standard privacy policy disclosures to address the unique nature of neural data.
- Implement robust information security policies and procedures specifically tailored to the heightened sensitivity of neural information.
Cooley special counsel Brett Weinstein also contributed to this alert.
This content is provided for general informational purposes only, and your access or use of the content does not create an attorney-client relationship between you or your organization and Cooley LLP, Cooley (UK) LLP, or any other affiliated practice or entity (collectively referred to as “Cooley”). By accessing this content, you agree that the information provided does not constitute legal or other professional advice. This content is not a substitute for obtaining legal advice from a qualified attorney licensed in your jurisdiction and you should not act or refrain from acting based on this content. This content may be changed without notice. It is not guaranteed to be complete, correct or up to date, and it may not reflect the most current legal developments. Prior results do not guarantee a similar outcome. Do not send any confidential information to Cooley, as we do not have any duty to keep any information you provide to us confidential. This content may be considered Attorney Advertising and is subject to our legal notices.