Tuesday, April 18, 2017


Congress recently overturned online privacy rules created by the Federal Communications Commission (FCC) that would have applied to broadband providers like Comcast and Verizon who operate as internet service providers (ISPs).

The overturned rules were adopted last October under the Obama administration and had not yet gone into effect.  They would have required ISPs to obtain customer consent in advance – otherwise known as opt-in consent – before using or sharing sensitive information, including precise location, financial, and health information, social security numbers, web browsing history, app usage, and the contents of communications. The rules would have allowed ISPs to use less sensitive information (such as email addresses), unless customers specifically opted out or indicated that such use was not permitted. The ISPs would also have been required to clearly explain their privacy practices and implement best practices to maintain data security.

The media were quick to attack this reversal by the new Trump administration and, in some cases, to suggest that our right to privacy online was being lost. The Minneapolis Star Tribune published a cartoon of an elephant with a rake (Republican) chasing a naked Uncle Sam whose genitalia were covered by a leaf embossed with “Internet Privacy”.  Channel 9 Fox News covered the FCC rule reversal as the end of privacy protections for any online activities.  If the media were to be believed, it appeared the sky was falling relative to online privacy.

But, here’s the true news: While the new FCC rules would have given consumers stronger privacy protection- or at least the right to say no to the collection and use of our data, we never really had much online privacy. ISPs have always been able to monitor network traffic, see what websites we visit, and share this information with advertisers.

The Federal Trade Commission (FTC) – not to be confused with the FCC – is the government agency responsible for general privacy enforcement against ISPs and websites, including social media platforms such as Facebook.  But since the broadband carriers have been viewed more like telephone networks, they currently fall under the FCC regulations as common carriers. Thus, the Obama administration’s efforts to create new privacy rules would only have applied to ISPs regulated by the FCC. Comcast and Verizon did not like this uneven playing field in the business of data monetization and lobbied hard for the reversal.

The FTC does not require Facebook or Google to obtain prior opt-in consent from consumers before collecting and using their information. Consumers can opt-out of certain data collection and use, but rarely do so. Facebook and Google have generally been satisfied with this approach. The FCC rules would have clearly placed more restrictions on businesses regulated by the FCC than those covered by the FTC.

Some privacy advocates are concerned that by not implementing these stricter rules, ISPs governed by the FCC may engage in more intrusive data collection and marketing activities. But the bottom line is that we never had much privacy online and if you participate in any online activities it is up to you to take what limited steps you can to limit or restrict what information you share.

No comments :

Post a Comment