Internet providers such as Comcast and Verizon could face stiffer regulations on how they collect and share information about their customers under new online privacy regulations proposed Thursday by the Federal Communications Commission.
The proposal by FCC Chairman Tom Wheeler calls for broadband providers to more clearly disclose how they collect information about their customer’s Internet browsing and other online activities.
Coming nearly a year after the FCC voted 3-2 in favor of net neutrality rules that gave it much greater oversight over broadband providers, the online privacy proposal, if approved, would likely represent a significant milestone.
“Consumers should have effective control over how their personal information is used and shared by their broadband service providers,” a factsheet about the proposal says. “Telephone networks have had clear, enforceable privacy rules for decades, but broadband networks currently do not.”
Particularly, Mr. Wheeler’s proposal includes a series of opt-in and opt-out provisions for different uses of customer data by broadband providers. For example, it would prohibit
It also aims to improve the security of that information, including the requirement that Internet providers disclose a breach of their data to customers within 10 days.
The five-member panel is set to vote on the rules on March 31, but the long-anticipated proposal has already attracted controversy.
Privacy advocates hail the effort as a necessary dose of sunshine on the vast amounts of information Internet providers collect about what their customers do online, while cable companies say it goes too far.
“Given the central role the Internet plays in our daily lives and the amount and sensitivity of the data we share online, consumers need to be put in the driver’s seat,” says Katharina Kopp, director of privacy and data at the Center for Democracy and Technology, in a statement. “The FCC proposed actions today are an important first step. It’s good to see the FCC seize this rare and important opportunity to protect the privacy of broadband consumers."
But the Internet providers say that it would unfairly penalize them when websites such as Google also use customer data to generate so-called targeted advertising. The companies instead support the approach of the Federal Trade Commission, which now regulates online privacy by banning practices that it finds to be “unfair or deceptive.”
“Given the realities of this complex market, there is no basis for treating [Internet service provider] data as somehow ‘proprietary’ or subjecting ISPs to unique privacy requirements,” wrote Bob Quinn, AT&T’s senior vice president for regulatory affairs in a blog post before the proposal was announced. “Consumers expect and deserve consistent privacy protections for their online data, regardless of which company is collecting it and the technology used to collect it."
The proposal is also likely to be controversial within the FCC itself. The agency’s two Republican commissioners voted against the net neutrality rules last February.
“The FCC is doubling down on its misguided and broken Net Neutrality decision by imposing troubling and conflicting ‘privacy’ rules on Internet companies,” FCC Commissioner Michael O’Rielly, who voted against the net neutrality rules last year, said in a statement.
He described the agency’s approach to net neutrality as “reckless,” saying the FCC lacked “expertise, personnel or understanding” necessary to regulate online privacy.
But privacy advocates say the tougher regulations are a necessary step as some Internet providers have also moved into the business of online advertising.
“[Broadband] providers pose a unique and heightened risk to privacy for their subscribers, because of the unusually comprehensive and detailed data to which they have access in the course of offering broadband service,” wrote Harold Feld, senior vice president at Public Knowledge, in a white paper released last month.
The proposed rules take aim at that issue. For example, customers of Verizon’s Fios Internet service could receive information about the company’s mobile data plan because it is an affiliated service.
But the company — which was recently found to be tracking customers using so-called “super cookies” that couldn’t be deleted — wouldn’t be able to share that information with AOL, a media site it purchased last year, the New York Times reports.
Mr. Wheeler said his ultimate goal was to improve transparency for consumers about what information was being collecting by Internet providers.
“When these companies were operating as phone companies, the information generated by a phone call couldn’t be released unless the consumer said so,” he said in an interview with tech site The Verge before the proposal was unveiled. “You’ve got to ask yourself the question: why is the information generated by an Internet search different?”