• by Wendy Davis , Staff Writer @wendyndavis, May 12, 2016

Like other Internet service providers, Verizon is campaigning against proposed privacy regulations that would require ISPs to obtain consumers' explicit permission before using data about their Web activity for ad purposes.

Verizon takes the position that consumers' opt-in consent should only be required for "the most sensitive use cases."

In other situations, "meaningful notice combined with opt-out (or implied) consent would protect consumers while allowing flexibility for providers to operate, innovate, and compete more effectively," the telecom said in a recent FCC filing.

Federal Trade Commissioner Maureen Ohlhausen appears to agree with the telecom that the rules should set out different standards for "sensitive" and "nonsensitive" information.

"Research in our experience shows that consumers differ in how they weigh privacy concerns in their sensitive and non-sensitive information," she told a Senate panel Wednesday.

She added that most consumers don't see the need for companies to obtain opt-in consent before collecting non-sensitive data.

Ohlhausen said "sensitive" data includes real-time location data, and information about medical conditions.

But it's worth noting that not everyone agrees on the definition of "sensitive" data. Even industry groups like the Network Advertising Initiative and Digital Advertising Alliance define "sensitive" health information differently.

The DAA considers"pharmaceutical prescriptions or medical records related to a specific individual" sensitive health data. But the NAI takes a broader view of the concept of sensitive health information, which it defines as “precise information about past, present, or potential future health or medical conditions or treatments, including genetic, genomic, and family medical history."

Advocacy group Public Knowledge -- which argues that ISPs should obtain users' explicit consent before deploying online behavioral advertising techniques -- points out a technological problem with the idea that different types of information require different privacy protections.

"Allowing an ISP to actually read the information in the customer’s bit-stream to assess whether or not the information deserves the highest level of security (opt in) rather than lesser security (opt out) would defeat the entire purpose of protecting the most sensitive information," the group says in an FCC filing made public this week. "Accordingly, only by treating all information as the most sensitive can the Commission ensure that highly sensitive information will not be compromised."