Last fall, the FCC adopted a new privacy framework that would allow broadband consumers to have a much bigger say into what happens to their data as it passes through internet providers’ cables. The Senate has just voted to kill those protections, before they went into effect.
FCC’s Privacy Rules
Over the past few years AT&T, Verizon, and Comcast have all tried to track users across the web and collect certain data about their browsing usage without permission. This data could have then be either exploited by the internet providers themselves or sold to other data brokers and advertising companies.
The previous FCC leadership believed that this was too much of an overreach and that there needed to be some ground rules that give internet users much more control over their data. As such, the FCC came up with a privacy framework that would:
- Require internet service providers (ISPs) to ask for permission before collecting sensitive information such as content of communications, precise geo-location, financial information, and more
- Allow users to opt-out of giving ISPs non-sensitive information such as email addresses
- Only allow ISPs to collect basic service information without which the service couldn’t be provided without any kind of consent from their customers
- Notify customers within 30 days that their data has been stolen in a data breach
Criticism From Internet Service Providers
The ISPs didn’t seem to like these privacy protections at all. One of their initial criticisms of the FCC’s initially proposed privacy rules was that there were already some privacy rules from the FTC, and that the FCC’s new privacy rules would make things too complex. The telecom industry lobbyists suggested that the FCC should just adopt the FTC’s privacy rules for the sake of consistency.
This request came after AT&T had already expressed some concerns about putting ISPs under the FTC’s jurisdiction. At the time, it thought the FTC was the more aggressive agency when it came to enforcing privacy and other broadband rules.
However, as the FTC chair previously said, the FTC privacy rules weren’t all that strong and that improvements were needed. These improvements were brought by the FCC’s new privacy rules--the same rules that were killed by the Senate today.
Overturning FCC’s Privacy Rules May Be Permanent
According to Fight For The Future’s (FFTF) “Save Broadband Privacy” website, Congress had 60 days to decide whether the FCC’s privacy rules would go into effect via the Congressional Review Act.
The act not only allows the Senate to overturn FCC rules but also permanently bans the FCC from trying to pass the same rules again. That means the FCC won't be able to implement the same privacy protections again in the future, and that the only way to do it would be through a new law.
In an FFTF article published right after the vote, the group said that the elimination of the FCC's privacy rules will allow ISPs to:
- Monitor and sell all your location data, search history, app usage, and browsing habits to advertisers without your permission
- Hijack your search results, redirecting your traffic to paying third parties
- Insert ads into web pages that would otherwise not have them
The FFTF also shared a list of Senators who voted for the bill, and the vote seems to fallen on partisan lines, with Republicans voting to gut the privacy protections while Democrats voted to keep them.
The House will still need to vote on a similar bill, which would then be merged and sent to President Trump for signing. In other words, there may still be some hope that the gutting of the FCC’s privacy framework could be stopped, especially because the House has been a little more privacy-oriented than the Senate in the past few years. However, this would probably still require people to contact their representatives and ask them to vote to keep the FCC’s privacy protections.