TrustArc Blog

Privacy Protections for Broadband ISP Consumers Uncertain

March 24, 2017

Last fall Chairman Wheeler put together a proposal that would help provide universal privacy protection principles to individuals’ personal information collected by broadband Internet Service Providers (ISPs), namely: choice, transparency, and security. Approved by the U.S. Federal Communications Commission, the rules  would implement the privacy requirements of Section 222 of the Communications Act for broadband ISPs.

The rules separate the use and sharing of information into three categories and include clear guidance for both ISPs and customers about the transparency, choice and security requirements for customers’ personal information:
Opt-in:  ISPs are required to obtain affirmative “opt-in” consent from consumers to use and share sensitive information. The rules specify categories of information that are considered sensitive, which include precise geo-location, financial information, health information, children’s information, social security numbers, web browsing history, app usage history and the content of communications.
Opt-out:  ISPs would be allowed to use and share non-sensitive information unless a customer “opts-out.” All other individually identifiable customer information – for example, email address or service tier information – would be considered non-sensitive and the use and sharing of that information would be subject to opt-out consent, consistent with consumer expectations.
Exceptions to consent requirements:  Customer consent is inferred for certain purposes specified in the statute, including the provision of broadband service or billing and collection. For the use of this information, no additional customer consent is required beyond the creation of the customer-ISP relationship.

Today the US Senate voted on a Joint Resolution of Disapproval on these rules:

Providing for congressional disapproval under chapter 8 of title 5, United States Code, of the rule submitted by the Federal Communications Commission relating to “Protecting the Privacy of Customers of Broadband and Other Telecommunications Services”.

Resolved by the Senate and House of Representatives of the United States of America in Congress assembled, That Congress disapproves the rule submitted by the Federal Communications Commission relating to “Protecting the Privacy of Customers of Broadband and Other Telecommunications Services” (81 Fed. Reg. 87274 (December 2, 2016)), and such rule shall have no force or effect.

The resolution will move on to the US House of Representatives. We will provide updates at that time.

 

Subscribe to Blog