Privacy advocates are vowing to fight a potential rollback of the Federal Communications Commission’s broadband privacy rules after the Senate voted Thursday 50-48 to pass a joint resolution dismantling protections.
“With today’s vote, Senate Republicans have just made it easier for American’s sensitive information about their health, finances and families to be used, shared, and sold to the highest bidder without their permission,” said Senator Edward Markey (D-Mass.), a member of the Commerce, Science and Transportation Committee.
Markey and others say dismantling online privacy protections created by the FCC’s 2016 Broadband Privacy Order by way of the Congressional Review Act doesn’t just terminate the FCC’s privacy rules but also prevents the agency from creating similar privacy protections in the future.
For weeks broadband companies had been lobbying to nullify the enforcement of consumer privacy protections scheduled to take effect this month. Federal officials approved the privacy rules in October that would prevent companies such as Verizon, Comcast and Time Warner Cable from collecting and selling information about individuals such as websites visited and apps used without first getting consumer consent to do so.
The Internet and Television Association, a cable industry lobbying group, had long argued that current rules put ISPs at a disadvantage over web services such as Google, Twitter and Facebook that were regulated by the FTC and weren’t beholden to the same restrictive privacy rules as the FCC placed on them.
“The FCC’s regulations were not only onerous, but also singled out ISPs with overly restrictive privacy responsibilities. Meanwhile, the Internet’s giant edge providers were exempt despite having access to similar, if not more, consumer data for their commercial use,” said Matthew Polka, president and CEO of American Cable Association, which represents smaller ISPs.
Privacy advocates at the Electronic Frontier Foundation said they would fight lawmakers from giving ISPs “even creepier ways to track and profit off of your every move online.” It points out that even Google and Facebook can’t access everywhere you go online, as ISPs would be able to.
Privacy experts warn that ISPs would have the ability to go beyond collecting data on browsing history. Data collection capabilities include deep packet inspection of web traffic that would allow an ISP to determine location, name, age and shopping records.
The House of Representatives will get a chance to vote on the Congressional Review Act next week where it is expected pass.
The measure has the support of newly appointed FCC Chairman Ajit Pai and is seen as an in line with President Trump’s overall deregulation goals. For his part, Pai has sided with ISPs stating that FCC privacy rules were unduly burdensome on ISPs compared to FTC privacy restrictions placed on Facebook and Google. Pai has also been a harsh critic of Net Neutrality rules arguing when the FCC classified ISPs as a public utilities or common carriers the government went too far.
Pai has argued the FCC will still be able to regulate ISPs’ privacy policies using Title II, Section 222 of the Communications Act. Privacy advocates point out that Section 222 does not mention the protection data tied to web browsing and app usage.
“Due to the way Congress plans to repeal the FCC’s privacy rules, there’s going to be a lot of legal uncertainty about whether or not the FCC will be allowed to do anything related to ISPs and privacy in the future,” wrote the EFF last week. “In other words, it’s not clear if you’ll be at the mercy of your ISP or not, and by the time the courts figure it out, your ISP will have already had the chance to do some pretty creepy things.”
Under the Obama administration, former FCC Chairman Tom Wheeler said ISPs had to ask permission to track customers and were required use “reasonable measures” to protect consumers against hackers and data breaches. Those measures were scheduled to go into effect at the end of the year. Incoming commissioner Pai delayed the rules.
On Thursday, in a joint statement by the FCC commissioner Mignon Clyburn and FTC commissioner Terrell McSweeny both presented a dissenting viewpoint. “This legislation will frustrate the FCC’s future efforts to protect the privacy of voice and broadband customers. It also creates a massive gap in consumer protection law as broadband and cable companies now have no discernible privacy requirements. This is the antithesis of putting #ConsumersFirst. The House must still consider this legislation. We hope they recognize the importance of consumer privacy and not undermine the ability of Americans to exercise control over their sensitive data.”