Studies show that Americans are more worried than ever about data privacy and security on the internet. Every time you go online, you reveal a lot of information about yourself: what you browse, where you shop and what you buy, which apps you use, your overall interests. That gives your ISP or internet service provider—a cable company such as Comcast, or a telephone company such as AT&T or Verizon—a lot of information about you. They can track, collect, and share this data with outside companies, including marketers. Although almost everyone agrees that consumers deserve privacy online, there is a dispute brewing as to how that privacy is protected and by whom.
Determined to be relevant in the digital economy, last fall, the Federal Communication Commission created its own, radically different set of privacy regulations targeting ISPs, subjecting them to a different and more restrictive set of regulations than their online advertising rivals and social media outlets. Prior to the presidential election last fall, former FCC Chairman Tom Wheeler put in place privacy rules to be rolled out in three phases. In short, the new rules would have required internet service providers and phone companies to take "reasonable" steps to protect customers' information from theft and data breaches, and provide notifications if they did occur.
These new FCC broadband privacy rules have taken a beating in the last couple of weeks. Under the leadership of its new chairman, Ajit Pai, the FCC recently voted to block one of several broadband privacy rules approved last year to protect consumers' online activities. Pai claims that the stricter regulations on ISPs should be placed on hold until the FCC reconciles how they fit with the Federal Trade Commission's regulation of other parts of the internet. Congress is also taking action. Senator Jeff Flake (R-AZ) introduced a joint resolution with the sponsorship of nearly two dozen Senate Republicans that would nullify the new broadband privacy.
Opponents in the broadband industry argue, like Pai, that it is unfair for the new rules to hold ISPs to stricter standards than internet companies such as Amazon, Google, and Netflix, which also collect and monetize consumer data. Those providers follow the FTC's less stringent requirements. Consumer groups see it differently. They argue that ISPs should be held to higher standards because of the unique position they are in, sitting between the consumer and the entire internet.
There are other FCC privacy rules still scheduled to be implemented later in 2017. One requires ISPs to inform its customers what information was collected, how it used that data, and which other companies were given access to it. Right now, none of that information is available to consumers. Another rule would also require consumers to consent before an ISP could use, share, or sell your "sensitive" personal data. However, it seems to only be a matter of time before these rules are on the cutting room floor as well.