The FCC’s notice of proposed rule making is the next step to implementing their Open Internet Order, whereas the Commission claimed jurisdiction of how ISPs handle online privacy as common-carrier telecommunications services.
Digital rights and consumer groups have been urging the FCC to start drafting online privacy rules towards consumer protection since 2015.
In March,
has circulated the NPRM to ensure consumers can make informed choices about how, and whether or not their data is used and shared by their ISP provider.
The proposal will adopt online privacy requirements of the Communications Act to today’s most significant communications technology- broadband Internet access.
Advocate Groups Pro-FCC Online Privacy Plan
During the conference call of reporters with a coalition of advocacy groups, namely, the CFA, EPIC, Public Knowledge, ACLU, and the Free Press, the coalition welcomed the FCC’s proposed online privacy rules.
The plan is out to use its net neutrality powers to enforce strict l
imits on what ISPs can do with customer-usage data.
With the rise of internet users, broadband providers sensibly have access to a massive database involving online customer habits, such as the websites they visit, when they get to the sites, and what they do.
As of today, most consumers are already aware that internet companies track and employ data for targeted marketing, and know that it’s not mere coincidence that something they browsed through earlier would appear in a banner advertisement on the next site they visit.
But do you know what you agree to when you sign up for broadband services?
It’s exactly what the FCC is up to, with the online privacy proposal built upon three core principles: choice, transparency, and security.
Primarily, customers are given the right to exercise informed control by having the choice to opt-in or out. ISPs are entailed to tell customers what information is being collected, under what circumstances they will share it with affiliate companies and third parties, and how they would go about doing it.
Broadband providers must take responsibility for the protection of customer data wherever it is stored and across their networks.
The proposed FCC mandate goes beyond requiring ISPs to secure data and send out online privacy notices, including the customer’s right to know when their data has been compromised due to vulnerabilities or a data breach.
Broadband providers would have to adopt risk-management assessments; personnel training programs, appointing a senior manager for due diligence, and robust customer authentication requirements, among many other conditions.
Rethinking Needed on a Flawed Approach
What’s meant to be an effective control over how personal information is used and shared proves to be an inefficient, ineffective, and imbalanced set of online privacy rules.
A coalition of groups made up of the USTelecom, CTIA – the Wireless Association, Consumer Technology Association, and the WISPA suggest the FCC rethink this proposal.
They cite how it is based on a flawed premise, breaking off from the White House’s uniform privacy framework and potentially leading to economic and technological problems, and most importantly, affecting consumers.
The trail of information that users create when accessing the internet is highly valuable and plays a significant role in shaping future online interactions and transactions.
Eliminating customer data sale to advertisers is the Broadband online privacy rule’s primary focus, but only to ISPs and not edge providers.
These are the two companies in the business of collecting, analyzing, or selling data to advertisers.
Broadband ISPs supply internet access, while edge providers supply the actual content that consumers are accessing online.
The regulation does not cover edge providers like search engines, social networks, operating systems, and email, and thus can continue to collect and market data.
The problem lies in the fact that this new online privacy rule is likely to create confusion among consumers, as they might mistakenly believe that they are protected them across all or most of their online activities.
Debra Berlyn, the privacy advocate, suggests that the FCC seek partnership and guidance from the FTC.
They are experts in the field who have long handled the complex world of online privacy and kept up with changes in a well-established framework of privacy rules for decades.
Chairman Wheeler promised to review the proposal, listen and learn from the public as well as ISPs before enforcing the said rules.
The best course seems to be to abandon this flawed approach for a more consistent one that consumers need for full online privacy protection.