A coalition of online privacy and civil rights advocacy groups Wednesday welcomed the Federal Communications Commission’s controversial plan to regulate privacy protections for the customers of broadband internet providers.
But a coalition of industry groups opposed to the proposed FCC rulemaking pushed back with a blog post.
On a conference call with reporters, the advocacy groups — the Consumer Federation of America, Public Knowledge, the Electronic Privacy Information Center, Free Press and the ACLU — welcomed the FCC’s plan, unveiled in March, to use its powers over so-called common carriers to impose strict limits on what they can do with customers’ data.
“We live in an era where personal information is worth money,” said Jay Stanley of the ACLU’s Speech, Privacy and Technology Project. “And the more personal the information is, the more money it’s worth. For-profit companies have a fiduciary duty to their shareholders, and they do not leave money lying on the ground when it can be harvested.”
Because broadband internet service providers, or ISPs, actually haul internet traffic, they have access to huge amounts of data about their customers’ online habits — which websites they visit and when, and what they do there.
At issue is the sale of such data to advertising or other companies to allow them to target their products at particular consumers. For example, a consumer who visits a website about France might receive targeted adverts for flights to Paris.
“Access providers exploit their bottleneck position to collect nearly every detail about who we talk to, what we do and say online, and thanks to location tracking, where we do it,” said Gaurav Laroia, policy counsel at Free Press. “Without the protections that the FCC is proposing, even the savviest consumer will be unable to fully protect their online privacy.”
The proposed rule is built around what FCC Chairman Tom Wheeler has called “three core principles — choice, transparency, and security.”
It would require ISPs to tell their customers what information they collect, whether and how they share it with third parties like advertising companies, and how customers can opt out of that sharing.
The proposal would permit ISPs to use consumer data to sell other services or share it with third-party marketers for that purpose. But customers would be allowed to to opt out of that, too.
But the proposed rule has proved controversial, and not just with the ISPs that it would cover. Some privacy advocates have suggested that the regulation of online privacy should be left to the Federal Trade Commission.
“Given the FTC’s deep expertise, the FCC should seek its partnership and guidance on the approach to regulating privacy online,” writes privacy advocate Debra Berlyn in an op-ed on FedScoop Wednesday.
But there was little support for that view on the conference call.
“The FTC’s current enforcement approach, based largely on notice or consent, is simply not working,” Claire Gartland, consumer protection counsel at the Electronic Privacy Information Center, or EPIC.
“The plain meaning of the law requires the FCC to do this,” Stanley added. The commission, as part of its hotly contested net neutrality rules last year, redefined ISPs as common carriers, under Title II of its authorizing statute.
“The FCC is doing what is clearly within its statutory jurisdiction,” argued Gartland. “This is a necessary outgrowth of net neutrality.”
The ISPs have also been pushing back against the proposed rule.
“The record makes clear that the best course is for the FCC to abandon its flawed approach and harmonize privacy regulation for broadband providers with the well-established and effective approach implemented and consistently endorsed by the FTC,” the Consumer Technology Association, CTIA – the Wireless Association, USTelecom and the Wireless Internet Service Providers Association wrote Wednesday, adding that this approach had “both protected consumers’ privacy and fostered unprecedented innovation, investment, and broadband adoption.”
Industry groups argue, among other things, that it doesn’t make sense to have one set of strict rules for ISPs, and another set of much looser rules — from the FTC — for other internet companies like Facebook or Google, so-called “edge providers.”
That view was ridiculed on the call Wednesday
“Industry groups have continued to argue that stronger broadband privacy protections would somehow confuse consumers and that uniform weaker standards would somehow serve their interests,” said Laroia, calling that point of view “transparently self-serving.”
But there are other criticisms of the planned rule, too.
Richard Bennett, a visiting fellow at the anti-regulation American Enterprise Institute, pointed out that users and application providers can use encryption, which masks much of the content of consumers’ traffic — though generally not its initial destination. “In most categories of apps and content, there are encrypted options; Google and Facebook encrypt all payloads, and there are media, medical, and video services that do so as well,” he told FedScoop in an email.
He also called data driven advertising “a good thing because Internet applications are supported by ad sales and we don’t want content and services to go away.”
Advocates on the call Wednesday said the FCC showed every sign of pushing ahead, despite the opposition. “This is something they want to get done … by the end of the year,” said Meredith Rose, staff attorney at Public Knowledge.
Contact the reporter on this story via email Shaun.Waterman@FedScoop.com, or follow him on Twitter @WatermanReports.