Five ISP trade groups have put pen to paper questioning the need for the recently proposed FCC rules for broadband providers, saying they are against regulations specifically aimed at ISPs. They believe that consumer information should be protected based on the sensitivity of the data collected, rather than introducing new regulations specifically for the businesses that collect, store, or use those data.
Extensive Set of FCC Rules for ISPs Proposed
An extensive set of rules for ISPs have been proposed following the reclassification of broadband as a regulated, common carrier service. The FCC wants to give broadband customers greater choice and control over how their personal data are used. If the proposed FCC rules for broadband providers are passed they would severely limit how ISPs could use consumer data without first obtaining permission from their customers.
FCC Chairman Tom Wheeler has proposed that consumers should opt-in to the use of their personal data by their ISPs. Currently, ISPs are not required to obtain permission from their customers before they use or share their personal data. The proposed FCC rules for broadband providers would change this, and require consumers to opt-in before ISPs would be permitted to use or share their data for certain purposes.
Under the proposed regulations, data could still be used by ISPs to help them deliver a broadband service that consumers signed up for, for billing purposes, to market improvements to their services, or for other internal reasons on an opt-out basis. However, the new rules would require an opt-in from customers for data use for all other purposes.
Proposed FCC Rules for Broadband Providers Would Require Data Breach Notifications to be Sent to Customers
The proposed FCC rules for broadband providers would also require ISPs to notify consumers about breaches of their personal data. Wheeler has proposed that broadband providers notify consumers of a breach of personal data within 10 days of the discovery of a breach, far faster than is required by laws in the 40 states that have introduced legislation covering breaches of personal information.
Telecoms companies are extensively regulated and their ability to use data collected on consumers is limited. They are not permitted to repurpose or sell data collected from phone activity for example. However, the same rules do not currently apply to broadband providers, even though the data collected from Internet searches and online activity can reveal a great deal about individuals.
The new rules would improve consumer privacy, although trade groups such as USTelecom and CTIA have questioned the need for stricter regulations. They argue that consumers are able to protect their privacy by using VPNs or encryption if they are concerned about their privacy and the sharing of their data. The FCC has said that consumers should not have to rely on those services in order to protect their privacy.
However, privacy groups are calling for change, as under current regulations, American consumers do not have any privacy when they go online. An extensive amount of data is being collected on them via their online activity by their ISP. Those data are being used by ISPs in marketing strategies and as part of advertising partnerships and broadband providers are extensively tracking and profiling users. They argue that consumers need to have a greater say in how their data are being used.
The new proposed FCC rules for broadband providers will be debated during the next meeting on March 31. If approved the rules would be open for a period of public comment.