cyber securityAs expected the FCC at today’s monthly meeting voted to adopt consumer privacy rules for broadband Internet service providers. The FCC broadband privacy rules pertain specifically to providers of broadband Internet service.

“The bottom line is that it’s your data,” said FCC Chairman Tom Wheeler at today’s meeting. “How it’s used and shared should be your choice.”

FCC Broadband Privacy Rules
Key elements of the order include:

  • Broadband Internet providers must obtain opt-in consent from consumers in order to use and share “sensitive” customer information such as geo-location, financial information, health information, children’s information, social security numbers, web browsing history, app usage history and the content of communications
  • Providers would be allowed to use and share “non-sensitive” information such as email address or service tier unless a customer opts out
  • Customer consent is inferred for ISPs’ use of their data for certain purposes such as the provision of broadband or billing and collection
  • Providers will have to meet transparency requirements to provide customers with “clear, conspicuous and persistent” notice about the information they collect, how it may be used and with whom it may be shared, as well as how customers can change their privacy preferences
  • Providers also will have to engage in “reasonable” practices to secure customer data and meet “common sense” notification requirements in the event of a data breach

The vote on today’s order was not unanimous. Commissioner Michael O’Rielly argued that the rules unfairly singled out broadband providers, while other parties, including content and search providers, do not face such stringent requirements.

Noting that many customers do not “opt in” when required to do so, O’Rielly argued that, “This isn’t consumer choice. It’s recognition of consumer apathy.”

O’Rielly also expressed concern that if consumers do not opt in and continue to see advertisements based on their usage, “some will undoubtedly assume that the broadband providers are violating the privacy policies when in fact, the ads originated from third parties not subject to FCC rules.”

The FCC broadband privacy rules are quite similar to what FCC Chairman Tom Wheeler outlined several weeks ago when he circulated a draft of the order adopted today.

Image courtesy of flickr user CyberHades.