Regulators move to boost online privacy
Service providers must get users’ OK on sensitive data
WASHINGTON — Federal regulators on Thursday approved tough new rules requiring high-speed internet service providers to get customer permission before using or sharing sensitive personal data, such as web browsing or app usage history and the geographic trail of mobile devices.
Cable and wireless companies that offer broadband service would not have to first get a customer’s approval before using or sharing any non-sensitive data, such as a person’s name, address and type of data plan. Consumers would have to opt out of the sharing of that information.
But such information is limited — most customer data will be considered sensitive — and internet service The privacy regulations approved by the Federal Communications Commission will be phased in over two years. providers have not had to get permission to use or share that data. The privacy regulations approved by the Federal Communications Commission on a partisan 3-2 vote will be phased in over the next two years.
Consumer advocates applauded the agency’s action.
“As the internet has be- come ubiquitous, broadband providers have gained a unique, all-encompassing window into our daily l i ves,” said Jonathan Schwantes, senior telecom policy counsel for Consumers Union. “We think these new rules are strong, fair and necessary as we live more and more of our lives online.”
But the rules were strongly opposed by cable and wireless companies, including AT&T, which wants to expand its media empire — and its trove of consumer data — with the proposed purchase of Time Warner.
The broadband providers complained that they now will face tougher restrictions on the sharing of valuable customer data than Google, Facebook and other internet companies.
The FCC’s definition of sensitive data also includes the content of communications, Social Security numbers and information about financial activity, health or children.
FCC Chairman Tom Wheeler, a Democrat who proposed the rules, said broadband subscribers “will finally be in the driver’s seat” in deciding how their sensitive personal information is used.
“It is the consumers’ information. It is not the information of the network the consumer hires to deliver t hat i nformation,” Wheeler said. “The consumer has the right to make a decision about how her or his information is used.”
Wheeler and the two other Democrats who make up the commission’s majority, Mignon Clyburn and Jessica Rosenworcel, said consumers have fewer choices about how they access the internet — either from their home or via mobile devices — and the agency was required to enact new rules for broadband providers under the expanded authority over the companies gained under net neutrality rules adopted last year.
The FCC’s rules don’t apply to individual websites or social networks, which are overseen by the Federal Trade Commission.
The rules approved Thursday were softened from a proposal made by Wheeler in March that would have required customers to opt in before any of their personal information could be shared by their internet service provider.
After complaints from the broadband industry, Wheeler proposed distinguishing between types of information, as the FTC does. But the communications commission expanded on the FTC’s definition of sensitive data, including inf ormation about web browsing and app usage.
That was a key reason why the FCC’s two Republicans, Ajit Pai and Michael O’Rielly, said they voted against the new rules. They said broadband providers should not face tougher privacy restrictions than internet giants such as Google and Facebook.
“Consumers should not have to be network engineers to understand who’s collecting their data,” Pai said, calling the FCC’s actions “corporate favoritism.”