FCC Signals It's No Longer Going To Nap On Broadband Privacy Issues
from the selling-everything-that-isn't-nailed-down dept
The FCC this week informed broadband ISPs that the agency is no longer going to be napping at the wheel when it comes to broadband-related privacy enforcement. In a new enforcement advisory posted to the FCC website (pdf), the FCC said that with ISPs now classified as common carriers under the new Title II based net neutrality rules, the FCC’s going to be taking a long hard look at improving broadband privacy protections. While the actual rulemaking process is still being worked on, the FCC will be leaning on Section 222 of the Communications Act, historically used to protect Customer Proprietary Network Information (CPNI) on phone networks.
ISPs have already started complaining the FCC’s imposing draconian, ancient regulations on the modern Internet, and such rules will saddle them with all manner of new costs. Of course it should be noted that most of these privacy protections are fundamental common sense — and in some cases things most ISPs are already doing. They range from from requiring that ISPs keep private consumer data encrypted when being stored on servers, to not sharing consumer data with third parties without the explicit consent of consumers. The FCC shockingly found that absent such protections, things don’t work out well for consumers:
“The Commission has found that absent privacy protections, a broadband provider?s use of personal and proprietary information could be at odds with its customers? interests and that if consumers have concerns about the protection of their privacy, their demand for broadband may decrease.”
Of course ISPs have grown pretty comfortable with regulators that couldn’t care less about (or lacked the authority to police) broadband privacy abuses. One case in point is Verizon’s recent decision to manipulate wireless traffic to create new, undeletable super cookies. Despite the fact it took security researchers two years to find Verizon’s zombie cookie and another six months for Verizon to even seriously acknowledge a problem, the telco has historically tried to argue greater privacy protections aren’t needed for broadband and wireless because “public shame” will keep the company honest.
Many users also might recall how ISPs have long sold user clickstream data to third parties, but have historically denied that they collect any of this data whatsoever. Similarly, AT&T has been charging its gigabit fiber users a $44-$66 fee if they want to opt out of having their traffic snooped on via deep packet inspection. In both instances regulators simply couldn’t have cared less. Obviously having regulators do absolutely anything at all to protect broadband user privacy is a pretty unsettling change for a industry awash in regulatory capture.
While the FCC hasn’t yet solidified the rules for modern broadband networks, it is telling ISPs that it can reach out to the FCC if they have any questions about how the FCC intends to interpret the rules in the snoopvertising age moving forward:
“Although no broadband provider is in any way required to consult with the Enforcement Bureau, the existence of such a request for guidance will tend to show that the broadband provider is acting in good faith. The application of Section 222 offers an opportunity for broadband customers to increase their demand for broadband by knowing that their privacy is well-protected. In that goal, the Enforcement Bureau believes its interests and those of the great majority of broadband providers are firmly aligned.”
While I know there’s an amazing amount of cognitive dissonance (my own head included) forged by the idea that a government so horrible on surveillance issues could possibly do anything good on the privacy front, the FCC’s recent track record of actually giving a damn about consumer issues is encouraging. It’s as if the FCC has awoken form a long, deep slumber, and after fifteen years of being an empty-headed bobble head doll, has suddenly started caring about issues like broadband competition, massive, billion-dollar telecom industry scams and state protectionist telecom laws.
None of this is to suggest FCC over-reach on privacy is impossible, but based on Wheeler’s behaviors of late it seems likely the FCC’s just looking to impose some common sense ground rules. Still, there will certainly be no limit of handwringing among ISPs how some basic broadband privacy protections will destroy the Internet. You know, just like the net neutrality rules are obviously doing.
Filed Under: consumer protection, data breaches, fcc, privacy, section 222, title ii
Comments on “FCC Signals It's No Longer Going To Nap On Broadband Privacy Issues”
In other news, Fedex announced it will cost $44-$66 more to send a package if they are not permitted to open it and make copies.
Re: BentFranklin
hahahaha good one and love your handle 🙂
Wow. This is unexpected, but welcome. Tom Wheeler’s looking less and less like a dingo every day…
Re: Tom Wheeler's looking less and less like a dingo every day...
@Mason Wheeler: Don’t worry — a (giant corporate) baby will eat him soon enough. Then we can get back to SOP like the public wants us to.
“Bout damn time!!!
"not sharing consumer data with third parties without the explicit consent of consumers"
Would kill Google! Now, I don’t say this will nor that the FCC has that in its scope, only that the principle in a pro-consumer regulatory milieu would logically also apply to Google, and would sink its “business model” based on unlimited spying and tracking for individually targeted advertising. Otherwise it has no advantage over prior mass advertising.
That “without the explicit consent” is all that lets Google operate by gathering data from nearly every web-site without any notice at all. No one by any known way except staying entirely off the internet can avoid ALL of Google’s spying and tracking: most don’t know how deep it goes — and those who get money from Google believe that its good.
Techdirt’s views aren’t uniformly anti-corporate and pro-consumer: they won’t call for any pro-consumer “neutrality” to be applied to Google.
Re: "not sharing consumer data with third parties without the explicit consent of consumers"
You’re mistaken about Google’s practices, as many of the Google data tracking criticisms are. Google doesn’t share your individual, identified data with third parties. Google keeps that data in house and uses it to match up your data with ads that will likely be topical for you. Everyone keeps saying that Google is sharing data, but no one ever provides evidence for this claim.
Re: Re: "not sharing consumer data with third parties without the explicit consent of consumers"
Right, Google doesn’t “share” date, it sells it!
How I hate that contemptible “share” when it’s a commercial transaction that the public has a right to regulate so much as we like.
No, I demand that YOU prove your claims. Google is only entity that can prove itself innocent, but should be assumed guilty just from known abilities. To say the least, it’s an interested and therefore unreliable witness.
Re: Re: Re: "not sharing consumer data with third parties without the explicit consent of consumers"
Assumed guilty until proven innocent?
Where exactly do you live? Because that’s not how we do things in the USA, even for people who have been accused of doing things far worse than what Google’s been accused of.
Re: Re: "not sharing consumer data with third parties without the explicit consent of consumers"
Right, Google doesn’t “share” date, it sells it!
How I hate that contemptible “share” when it’s a commercial transaction that the public has a right to regulate so much as we like.
No, I demand that YOU prove your claims. Google is only entity that can prove itself innocent, but should be assumed guilty just from known abilities. To say the least, it’s an interested and therefore unreliable witness.
Re: Re: Re: "not sharing consumer data with third parties without the explicit consent of consumers"
No, Gwiz and you are making the accusation that Google provides identifiable information to third parties as a part of their ad business. They don’t. They don’t sell it. They don’t share it. They don’t provide it. Since you’re asserting that they do, you need to provide proof that they do.
Since you’re apparently Googlephobic, I’ll provide a Yahoo! search for you to start with:
https://search.yahoo.com/search?p=how+do+google+ads+work
Or how about Bing?
https://www.bing.com/search?q=does+google+sell+personal+information
Re: Re: Re:2 "not sharing consumer data with third parties without the explicit consent of consumers"
That’s not Gwiz, it’s Blue impersonating him. Gwiz is smarter and more knowledgeable than that.
Re: Re: Re: Re:
out_of_the_blue just hates it when due process is enforced.
Re: "not sharing consumer data with third parties without the explicit consent of consumers"
I find claims that the FCC is going to somehow apply Title II to Google’s search service to be more than a little absurd.
Re: "not sharing consumer data with third parties without the explicit consent of consumers"
Please, explain if you will how Google, which is a search/advertising company, falls under the same rules being imposed on ISP’s. Now, Google Fiber would fall under the rules, sure, but the majority of Google’s services would not.
Re: Re: "not sharing consumer data with third parties without the explicit consent of consumers"
READ THE OP.
Now, I don’t say this will nor that the FCC has that in its scope, only that the principle in a pro-consumer regulatory milieu would logically also apply to Google,
A delight
F..k my face this article was well written. Congrats to the author. Please have this piece as the standard for future posts. (Not saying that previous ones were bad though…)
On the substance, great news of course!