The Federal Communications Commission (FCC) has its hands in various aspects of the internet. Some of its consumer-centric actions have sprouted strong roots, while others have been pared back or shutdown altogether. Led by Chairman Tom Wheeler, the FCC is back at it again, this time in an effort to fight for the privacy of U.S. internet users.
Wheeler is calling for internet service providers (ISPs) to obtain express consent from its customers before they siphon web browsing data and other private information to share with advertisers (or other potentially lucrative deals with third-parties).
FCC Charirman Tom Wheeler
“Seldom do we stop to realize that our Internet Service Provider – or ISP – is collecting information about us every time we go online,” writes Wheeler. “The problem is, there are currently no rules in place outlining how ISPs may use and share their customers’ personal information.”
Wheeler goes onto provide an overview of what sort of information your ISP is able to obtain from your daily browsing habits, and how that information could be valuable to its partners. “[Your ISP has a] broad view of all of your unencrypted online activity – when you are online, the websites you visit, and the apps you use. If you have a mobile device, your provider can track your physical location throughout the day in real time,” Wheeler continues. “Even when data is encrypted, your broadband provider can piece together significant amounts of information about you – including private information such as a chronic medical condition or financial problems – based on your online activity.”
Under the FCC’s proposal, your ISP would have to properly notify customers about the type of information that is collected, how that information is shared and used, and provide a list of the companies that would be privy to that information.
The FCC goes on to state:
In addition, ISPs would be required to obtain affirmative “opt-in” consent before using or sharing sensitive information. Information that would be considered “sensitive” includes geo-location information, children’s information, health information, financial information, social security numbers, web browsing history, app usage history, and the content of communications such as the text of emails. All other individually identifiable information would be considered non-sensitive, and the use and sharing of that information would be subject to opt-out consent.
In the past, AT&T has employed a controversial pay-for-privacy model in some GigaPower markets around the country. Customers who gave up their privacy were given a discount on service, making their monthly cost for 1Gbps internet $70 per month. Customers who valued their privacy, however, were forced to pay an additional $29 per month for that privilege. After plenty of backlash and regulatory pressure, AT&T recently dropped the practice.
For its part, USTelecom, which represents the country’s top ISP’s including big names like Verizon, issued the following statement in response:
Consumers are best served when privacy rules are clear and consistent across the entire internet. We are pleased that the FCC has recognized the importance of providing consumers with a common expectation of privacy without regard to service or platform, and that the sensitive nature of the information being shared should be the determining factor in what is afforded increased protection. We are concerned, however, that the commission, which has no expertise with regard to determining the content of speech, is now attempting to redefine what consumers may regard as sensitive. In this regard, consumers would be better served if the FCC were to defer to the expertise of the FTC in this area, and the two agencies were to pursue a uniform approach.
The FCC commissioners will vote on the proposal on October 27th.