The Federal Communications Commission has just made it easier for broadband providers to sell their customers’ personal information.
The agency, on Wednesday, voted to stay the new set of rules it put in place last October under former FCC chairman Tom Wheeler. Those rules, which would have gone into effect today, would have forced companies like AT&T, Comcast or Verizon to obtain consent from their subscribers before sharing their data with paying third-parties.
Under the FCC’s new Republican chairman Ajit Pai, however, a 2-1 vote put the original ruling on hold.
Under the rules championed by Wheeler, Internet service providers (ISPs) would also have to notify customers of the types of information they collect, explain how and for what purpose the data is collected and identify with whom they share the data. Also, the ruling would have forced ISPs to provide such information when a customer signs up for service.
The dissenting voice, Commissioner Mignon Clyburn, called the reversal of the original order irresponsible. She laid out her thoughts on the matter in a lengthy statement.
In this Order, the majority fells a tree to ostensibly prune a branch. Rather than interpret a duly-adopted, flexible rule in a manner that would be consistent with the majority’s understanding of its proper scope, they have chosen to gut the rule entirely. If the problem with the data security rule is, for example, the ability of the Commission to look to other Congressional mandates for guidance, then simply issue interpretive guidance that narrows the scope of the rule. In another context, the majority allowed rules to go into effect with a letter of intent not to enforce until the rules were modified. So my question is why does the same approach not work here?
The painful answer is this: Because with the new FCC, the ends justify the means. This Order is but a proxy for gutting the Commission’s duly adopted privacy rules—and it does so with very little finesse.
Pai, in a joint statement with Federal Trade Commission chairman Maureen K. Ohlhausen, said the rules did not provide the necessary “comprehensive and consistent framework” to be effective.
“Americans care about the overall privacy of their information when they use the Internet, and they shouldn’t have to be lawyers or engineers to figure out if their information is protected differently depending on which part of the Internet holds it,” they said, adding that jurisdiction over broadband providers’ privacy and data security practices should be returned to the FTC.
“Until that happens, however, we will work together on harmonizing the FCC’s privacy rules for broadband providers with the FTC’s standards for other companies in the digital economy,” Pai and Ohlhausen said, adding that the rule was not “consistent with the FTC’s privacy framework” and would remain in place “only until the FCC is able to rule on a petition for reconsideration of its privacy rules.”