FCC Signals It's No Longer Going To Nap On Broadband Privacy Issues
from the selling-everything-that-isn't-nailed-down dept
The FCC this week informed broadband ISPs that the agency is no longer going to be napping at the wheel when it comes to broadband-related privacy enforcement. In a new enforcement advisory posted to the FCC website (pdf), the FCC said that with ISPs now classified as common carriers under the new Title II based net neutrality rules, the FCC's going to be taking a long hard look at improving broadband privacy protections. While the actual rulemaking process is still being worked on, the FCC will be leaning on Section 222 of the Communications Act, historically used to protect Customer Proprietary Network Information (CPNI) on phone networks.ISPs have already started complaining the FCC's imposing draconian, ancient regulations on the modern Internet, and such rules will saddle them with all manner of new costs. Of course it should be noted that most of these privacy protections are fundamental common sense -- and in some cases things most ISPs are already doing. They range from from requiring that ISPs keep private consumer data encrypted when being stored on servers, to not sharing consumer data with third parties without the explicit consent of consumers. The FCC shockingly found that absent such protections, things don't work out well for consumers:
"The Commission has found that absent privacy protections, a broadband provider’s use of personal and proprietary information could be at odds with its customers’ interests and that if consumers have concerns about the protection of their privacy, their demand for broadband may decrease."Of course ISPs have grown pretty comfortable with regulators that couldn't care less about (or lacked the authority to police) broadband privacy abuses. One case in point is Verizon's recent decision to manipulate wireless traffic to create new, undeletable super cookies. Despite the fact it took security researchers two years to find Verizon's zombie cookie and another six months for Verizon to even seriously acknowledge a problem, the telco has historically tried to argue greater privacy protections aren't needed for broadband and wireless because "public shame" will keep the company honest.
Many users also might recall how ISPs have long sold user clickstream data to third parties, but have historically denied that they collect any of this data whatsoever. Similarly, AT&T has been charging its gigabit fiber users a $44-$66 fee if they want to opt out of having their traffic snooped on via deep packet inspection. In both instances regulators simply couldn't have cared less. Obviously having regulators do absolutely anything at all to protect broadband user privacy is a pretty unsettling change for a industry awash in regulatory capture.
While the FCC hasn't yet solidified the rules for modern broadband networks, it is telling ISPs that it can reach out to the FCC if they have any questions about how the FCC intends to interpret the rules in the snoopvertising age moving forward:
"Although no broadband provider is in any way required to consult with the Enforcement Bureau, the existence of such a request for guidance will tend to show that the broadband provider is acting in good faith. The application of Section 222 offers an opportunity for broadband customers to increase their demand for broadband by knowing that their privacy is well-protected. In that goal, the Enforcement Bureau believes its interests and those of the great majority of broadband providers are firmly aligned."While I know there's an amazing amount of cognitive dissonance (my own head included) forged by the idea that a government so horrible on surveillance issues could possibly do anything good on the privacy front, the FCC's recent track record of actually giving a damn about consumer issues is encouraging. It's as if the FCC has awoken form a long, deep slumber, and after fifteen years of being an empty-headed bobble head doll, has suddenly started caring about issues like broadband competition, massive, billion-dollar telecom industry scams and state protectionist telecom laws.
None of this is to suggest FCC over-reach on privacy is impossible, but based on Wheeler's behaviors of late it seems likely the FCC's just looking to impose some common sense ground rules. Still, there will certainly be no limit of handwringing among ISPs how some basic broadband privacy protections will destroy the Internet. You know, just like the net neutrality rules are obviously doing.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: consumer protection, data breaches, fcc, privacy, section 222, title ii
Reader Comments
Subscribe: RSS
View by: Time | Thread
[ link to this | view in chronology ]
Re: BentFranklin
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re: Tom Wheeler's looking less and less like a dingo every day...
[ link to this | view in chronology ]
[ link to this | view in chronology ]
"not sharing consumer data with third parties without the explicit consent of consumers"
That "without the explicit consent" is all that lets Google operate by gathering data from nearly every web-site without any notice at all. No one by any known way except staying entirely off the internet can avoid ALL of Google's spying and tracking: most don't know how deep it goes -- and those who get money from Google believe that its good.
Techdirt's views aren't uniformly anti-corporate and pro-consumer: they won't call for any pro-consumer "neutrality" to be applied to Google.
[ link to this | view in chronology ]
Re: "not sharing consumer data with third parties without the explicit consent of consumers"
[ link to this | view in chronology ]
Re: Re: "not sharing consumer data with third parties without the explicit consent of consumers"
How I hate that contemptible "share" when it's a commercial transaction that the public has a right to regulate so much as we like.
No, I demand that YOU prove your claims. Google is only entity that can prove itself innocent, but should be assumed guilty just from known abilities. To say the least, it's an interested and therefore unreliable witness.
[ link to this | view in chronology ]
Re: Re: Re: "not sharing consumer data with third parties without the explicit consent of consumers"
Where exactly do you live? Because that's not how we do things in the USA, even for people who have been accused of doing things far worse than what Google's been accused of.
[ link to this | view in chronology ]
Re: Re: "not sharing consumer data with third parties without the explicit consent of consumers"
How I hate that contemptible "share" when it's a commercial transaction that the public has a right to regulate so much as we like.
No, I demand that YOU prove your claims. Google is only entity that can prove itself innocent, but should be assumed guilty just from known abilities. To say the least, it's an interested and therefore unreliable witness.
[ link to this | view in chronology ]
Re: Re: Re: "not sharing consumer data with third parties without the explicit consent of consumers"
Since you're apparently Googlephobic, I'll provide a Yahoo! search for you to start with:
https://search.yahoo.com/search?p=how+do+google+ads+work
Or how about Bing?
https://www.bing.com/search?q=does+google+sell+personal+information
[ link to this | view in chronology ]
Re: Re: Re: Re: "not sharing consumer data with third parties without the explicit consent of consumers"
[ link to this | view in chronology ]
Re: Re: Re:
[ link to this | view in chronology ]
Re: "not sharing consumer data with third parties without the explicit consent of consumers"
[ link to this | view in chronology ]
Re: "not sharing consumer data with third parties without the explicit consent of consumers"
[ link to this | view in chronology ]
Re: Re: "not sharing consumer data with third parties without the explicit consent of consumers"
Now, I don't say this will nor that the FCC has that in its scope, only that the principle in a pro-consumer regulatory milieu would logically also apply to Google,
[ link to this | view in chronology ]
A delight
On the substance, great news of course!
[ link to this | view in chronology ]