The Chairman of the Federal Communications Commission (FCC) has proposed a set of Internet consumer privacy regulations that would be applicable to providers of wireless and broadband internet services (such as Comcast, Verizon, etc.) (collectively, “ISPs”), akin to current regulations imposed on telephony services. If approved, the proposed regulations would represent some of the most stringent standards enacted by a regulatory agency in the technology sector. In sum, the proposed mandates would require that ISPs employ minimum data security standards and significantly limit what they are able to collect about their customers, as well as how that information is shared with third parties. Currently, ISPs can automatically collect all unencrypted information relating to any customer activity that takes place over its network, including with respect to devices connected to the network, such as surfing habits, app usage and location, to create a unique consumer profile—a valuable asset for online advertisers seeking to tailor their marketing campaigns based on consumer behavior. Under the new regulations, ISPs would be required to obtain their customers’ consent before sharing certain personal information, including with third party online marketers and advertisers. Many ISPs have been vocal against the imposition of any increased regulation in the privacy sector, arguing that data collection by ISPs should not be subject to higher scrutiny than the practices of other web-based service operators, such as Facebook, where targeted advertising is often a central component of their respective business operations. Companies that operate on the Internet but do not provide access to the Internet are currently monitored by the Federal Trade Commission (FTC) and do not fall under the umbrella of the FCC.
The proposed regulation comes on the heels of the FCC’s settlement with Verizon for $1.35 million over the company’s failure to notify its customers of its use of “supercookies” (cookies that track a customer’s online behavior and cannot be deleted at the same time that a user deletes regular cookies) and Apple’s public feud with the U.S. government over the production of unencrypted consumer data. Given the changing privacy landscape and political discourse around the subject, other regulatory bodies may follow the FCC’s lead and demand increased protection for consumer data. If you have any questions or concerns as to how the FCC or FTC regulations may affect the operation of your business, please do not hesitate to contact us.