In 'Decisive' Step for Consumers, FCC Proposes New Privacy Rules for ISPs
"Given the central role the internet plays in our daily lives and the amount and sensitivity of the data we share online, consumers need to be put in the driver’s seat."
The Federal Communications Commission (FCC) on Thursday proposed new rules that regulate how Internet Service Providers (ISPs) can use and share customer data, which privacy and technology advocates called a "decisive step to protect consumers."
The proposed rules (pdf), to be voted on at the commission's March 31 meeting, would require ISPs to disclose how users' online activity may be collected and require them to increase safeguards against hacking and identity theft, or other unauthorized breaches.
It's the FCC's first major regulatory undertaking after its vote in February 2015 designating the internet to be a public service. By reclassifying ISPs as utilities under Title II of the Communications Act, the FCC was required by law to create privacy rules for them.
Providers will still be able to use customer data or share it with affiliates to market other communications services, but the rules would give users the ability to opt out of such programs--and if the ISPs want to use customer data for any other purpose, they would have to obtain "affirmative 'opt-in' consent" from users.
"Given the central role the internet plays in our daily lives and the amount and sensitivity of the data we share online, consumers need to be put in the driver's seat," said Katharina Kopp, director of privacy and data at the Center for Democracy and Technology, an advocacy group. "Giving individuals the opportunity to affirmatively consent to uses of their broadband data for purposes unrelated to providing communications services is fair and will give them some much needed control."
ISPs have an "unobstructed view" of users' unencrypted activity on the internet, FCC chairman Tom Wheeler noted in a fact sheet on the proposal. Even when activity is encrypted, the providers can still see what websites users visit and how long they spend on them.
"When consumers sign up for internet service, they shouldn't have to sign away their right to privacy," Wheeler wrote.
Another advocacy group, the Electronic Privacy Information Center (EPIC), noted that the focus on ISPs "misses a vast amount of data collection activities by other service providers" such as search engines, social media platforms, and other websites, and urged the commission to establish a broader framework of guidelines based on the code of fair information practices.
However, according to the FCC, websites like Facebook and Twitter are under the jurisdiction of the Federal Trade Commission (FTC), which cannot create rules for online privacy.
Still, the new rules are "a decisive step to protect consumers," said Meredith Rose, a staff attorney at Public Knowledge, a digital rights group. "This is an issue which touches the life of every connected consumer, and we are pleased to see the chairman taking a stand on such a critical topic."
Gaurav Laroia, a policy counsel at Free Press, said in a statement, "Congress was wise to require that the FCC maintain special privacy protections for customers of all common carriers. It's crucial for the FCC to modernize these protections and apply them to broadband."
"As the gatekeepers to the internet, ISPs like AT&T, Comcast and Verizon are uniquely positioned to access almost all of our internet traffic, including information about the sites we visit and the messages we send," Laroia said. "That's especially true when internet users aren't encrypting their conversations or taking other steps to protect themselves from prying."
Following the March 31 vote, the FCC will open the rules to public comment. The approval process is expected to take several months.
Urgent. It's never been this bad.
Dear Common Dreams reader, It’s been nearly 30 years since I co-founded Common Dreams with my late wife, Lina Newhouser. We had the radical notion that journalism should serve the public good, not corporate profits. It was clear to us from the outset what it would take to build such a project. No paid advertisements. No corporate sponsors. No millionaire publisher telling us what to think or do. Many people said we wouldn't last a year, but we proved those doubters wrong. Together with a tremendous team of journalists and dedicated staff, we built an independent media outlet free from the constraints of profits and corporate control. Our mission from the outset was simple. To inform. To inspire. To ignite change for the common good. Building Common Dreams was not easy. Our survival was never guaranteed. When you take on the most powerful forces—Wall Street greed, fossil fuel industry destruction, Big Tech lobbyists, and uber-rich oligarchs who have spent billions upon billions rigging the economy and democracy in their favor—the only bulwark you have is supporters who believe in your work. But here’s the urgent message from me today. It’s never been this bad out there. And it’s never been this hard to keep us going. At the very moment Common Dreams is most needed and doing some of its best and most important work, the threats we face are intensifying. Right now, with just two days to go in our Spring Campaign, we're falling short of our make-or-break goal. When everyone does the little they can afford, we are strong. But if that support retreats or dries up, so do we. Can you make a gift right now to make sure Common Dreams not only survives but thrives? There is no backup plan or rainy day fund. There is only you. —Craig Brown, Co-founder |
The Federal Communications Commission (FCC) on Thursday proposed new rules that regulate how Internet Service Providers (ISPs) can use and share customer data, which privacy and technology advocates called a "decisive step to protect consumers."
The proposed rules (pdf), to be voted on at the commission's March 31 meeting, would require ISPs to disclose how users' online activity may be collected and require them to increase safeguards against hacking and identity theft, or other unauthorized breaches.
It's the FCC's first major regulatory undertaking after its vote in February 2015 designating the internet to be a public service. By reclassifying ISPs as utilities under Title II of the Communications Act, the FCC was required by law to create privacy rules for them.
Providers will still be able to use customer data or share it with affiliates to market other communications services, but the rules would give users the ability to opt out of such programs--and if the ISPs want to use customer data for any other purpose, they would have to obtain "affirmative 'opt-in' consent" from users.
"Given the central role the internet plays in our daily lives and the amount and sensitivity of the data we share online, consumers need to be put in the driver's seat," said Katharina Kopp, director of privacy and data at the Center for Democracy and Technology, an advocacy group. "Giving individuals the opportunity to affirmatively consent to uses of their broadband data for purposes unrelated to providing communications services is fair and will give them some much needed control."
ISPs have an "unobstructed view" of users' unencrypted activity on the internet, FCC chairman Tom Wheeler noted in a fact sheet on the proposal. Even when activity is encrypted, the providers can still see what websites users visit and how long they spend on them.
"When consumers sign up for internet service, they shouldn't have to sign away their right to privacy," Wheeler wrote.
Another advocacy group, the Electronic Privacy Information Center (EPIC), noted that the focus on ISPs "misses a vast amount of data collection activities by other service providers" such as search engines, social media platforms, and other websites, and urged the commission to establish a broader framework of guidelines based on the code of fair information practices.
However, according to the FCC, websites like Facebook and Twitter are under the jurisdiction of the Federal Trade Commission (FTC), which cannot create rules for online privacy.
Still, the new rules are "a decisive step to protect consumers," said Meredith Rose, a staff attorney at Public Knowledge, a digital rights group. "This is an issue which touches the life of every connected consumer, and we are pleased to see the chairman taking a stand on such a critical topic."
Gaurav Laroia, a policy counsel at Free Press, said in a statement, "Congress was wise to require that the FCC maintain special privacy protections for customers of all common carriers. It's crucial for the FCC to modernize these protections and apply them to broadband."
"As the gatekeepers to the internet, ISPs like AT&T, Comcast and Verizon are uniquely positioned to access almost all of our internet traffic, including information about the sites we visit and the messages we send," Laroia said. "That's especially true when internet users aren't encrypting their conversations or taking other steps to protect themselves from prying."
Following the March 31 vote, the FCC will open the rules to public comment. The approval process is expected to take several months.
The Federal Communications Commission (FCC) on Thursday proposed new rules that regulate how Internet Service Providers (ISPs) can use and share customer data, which privacy and technology advocates called a "decisive step to protect consumers."
The proposed rules (pdf), to be voted on at the commission's March 31 meeting, would require ISPs to disclose how users' online activity may be collected and require them to increase safeguards against hacking and identity theft, or other unauthorized breaches.
It's the FCC's first major regulatory undertaking after its vote in February 2015 designating the internet to be a public service. By reclassifying ISPs as utilities under Title II of the Communications Act, the FCC was required by law to create privacy rules for them.
Providers will still be able to use customer data or share it with affiliates to market other communications services, but the rules would give users the ability to opt out of such programs--and if the ISPs want to use customer data for any other purpose, they would have to obtain "affirmative 'opt-in' consent" from users.
"Given the central role the internet plays in our daily lives and the amount and sensitivity of the data we share online, consumers need to be put in the driver's seat," said Katharina Kopp, director of privacy and data at the Center for Democracy and Technology, an advocacy group. "Giving individuals the opportunity to affirmatively consent to uses of their broadband data for purposes unrelated to providing communications services is fair and will give them some much needed control."
ISPs have an "unobstructed view" of users' unencrypted activity on the internet, FCC chairman Tom Wheeler noted in a fact sheet on the proposal. Even when activity is encrypted, the providers can still see what websites users visit and how long they spend on them.
"When consumers sign up for internet service, they shouldn't have to sign away their right to privacy," Wheeler wrote.
Another advocacy group, the Electronic Privacy Information Center (EPIC), noted that the focus on ISPs "misses a vast amount of data collection activities by other service providers" such as search engines, social media platforms, and other websites, and urged the commission to establish a broader framework of guidelines based on the code of fair information practices.
However, according to the FCC, websites like Facebook and Twitter are under the jurisdiction of the Federal Trade Commission (FTC), which cannot create rules for online privacy.
Still, the new rules are "a decisive step to protect consumers," said Meredith Rose, a staff attorney at Public Knowledge, a digital rights group. "This is an issue which touches the life of every connected consumer, and we are pleased to see the chairman taking a stand on such a critical topic."
Gaurav Laroia, a policy counsel at Free Press, said in a statement, "Congress was wise to require that the FCC maintain special privacy protections for customers of all common carriers. It's crucial for the FCC to modernize these protections and apply them to broadband."
"As the gatekeepers to the internet, ISPs like AT&T, Comcast and Verizon are uniquely positioned to access almost all of our internet traffic, including information about the sites we visit and the messages we send," Laroia said. "That's especially true when internet users aren't encrypting their conversations or taking other steps to protect themselves from prying."
Following the March 31 vote, the FCC will open the rules to public comment. The approval process is expected to take several months.