On April 3rd, 2017, United States President Trump signed a Congressional resolution repealing certain regulations that would have required U.S. Internet service providers to acquire customer permission prior to collecting, using, or selling information about customer browsing habits and history. The repealed regulations were passed by the FCC 5 months earlier.
What Needs to be known about Broadband Internet Privacy in the United States:
There are still rules and regulations regarding Broadband Internet Privacy.
Thee FCC still has the authority to take action against an ISP that commits unreasonable or illegal business practices. The Federal Trade Commission, or FTC, can take action as well when a company acts deceptively or does something illegal. However, there are still questions about the FTC’s authority due to a recent ruling by the U.S. federal court that found the FTC has no jurisdiction regarding broadband companies – the case involved AT&T – all due to the 2015 Net Neutrality rules putting that authority under the FCC.
Advocates of security and privacy make it clear that FCC’s new rules simply set expectations of conduct by ISP but enforcement is on an after-the-fact basis. Most residential and mobile ISPs have voluntary privacy policies. As Congresswoman Marsha Blackburn put it, “Companies have a financial incentive to handle your personal data properly because to do otherwise would significantly impair their financial standing..”
The FCC tried to pass the regulations for a good reason.
The former Chairman of the FCC, Tom Wheeler, tried to raise broadband consumers’ privacy protection with the new rules which give them more choice in how exactly their personal data might be used. Those rules had also required internet providers to maintain at least an industry standard level of data security to protect the privacy of consumers. Without those rules an ISP could potentially undermine cyber-security by using consumer data. This is due to the fact that internet use is encrypted and that ISPs must decrypt and re-encrypt it for the sole purpose of collecting data which leads to weaker security and a heightened vulnerability to being hacked.
Other companies have already been collecting and selling your data.
Facebook has been collecting demographic data and other data from user profiles for years which help them deliver ads which make advertisers the most income in return. Google has been doing the same thing for much longer and on an even larger scale. However, it should be noted that Google and Facebook are both voluntary free services while ISPs are paid and often the only choice a customer has so privacy should be respected.
Broadband internet customers should stay informed.
Sadly, because of the Congressional Review Act, on it’s own the FCC is not allowed to propose similar privacy regulations. However, senators have already made promises that legislation requiring the FCC to create stronger broadband rules will be introduced which would then allow the FCC to re-open the issue.
Members of Congress could also get legislation passed that defines the roles of the FTC and FCC more distinctly. FCC Chairman Ajit Pai has said he is trying to work with the FTC to develop a framework of comprehensive and consistent privacy.
As more and more companies provide residential and mobile broadband, the privacy issue is sure to remain convoluted and confusing.