Federal Communications Commission Chairman Tom Wheeler told lawmakers today that he anticipates finalizing broadband privacy rules later this year.
Testifying at a Senate hearing, Wheeler
also hinted that the final regulations could differ from a proposal he put forward earlier this year. That initial proposal would require Internet service providers to obtain consumers' consent before
drawing on their Web-surfing data for behavioral targeting. Ad networks, online publishers and other online advertising companies, by contrast, typically operate on an opt-out basis.
While
Wheeler didn't elaborate on how the rules may evolve, he said in his prepared testimony that the Federal Trade Commission's input "has been particularly helpful."
Staff at the FTC recommended
earlier this year that Internet service providers should obtain opt-in consent before using "sensitive" data for ad targeting, and allow consumers to opt out of the use of "non-sensitive"
information.
advertisement
advertisement
Some broadband carriers have argued that they should be able to treat sensitive and non-sensitive data differently. Verizon, for instance, argued in an FCC filing that it should only be required to obtain opt-in consent for
"the most sensitive use cases."
But privacy advocates have argued against different rules for different types of data.
"A rule that varies based on sensitivity will be a much more
complex, unpredictable, and less privacy protective one," privacy expert and former FTC adviser Paul Ohm recently told the agency.
What's more, he adds, figuring out whether information is
sensitive "requires far more invasion of privacy as well as far more surveillance."
Ohm also points out that no one agrees on the definition of sensitive. (The self-regulatory organization Digital Advertising Alliance considers
"pharmaceutical prescriptions or medical records related to a specific individual" sensitive health data. But a different self-regulatory group, the Network Advertising Initiative, the NAI takes
a broader view; that group defines sensitive health data as “precise information about past, present, or potential
future health or medical conditions or treatments, including genetic, genomic, and family medical history.")
A group of 16 state attorneys general have weighed in against the Federal
Communications Commission's proposed privacy rules for broadband carriers.
In a letter to the FCC, Michigan Attorney General Bill Schuette, Texas AG Ken Paxton, Ohio's Mike DeWine and 13 other
attorneys general declare -- without offering any empirical support -- that people don't view broadband carriers differently from ad networks or other companies.
"Consumers value their privacy
and the security of their personal information, period," the attorneys general state in a letter obtained by Bloomberg BNA. "They
do not differentiate between who has access to their information in the online environment."
Despite that assertion, some assertions, consumer advocacy and civil rights groups see some obvious
differences between ISPs and other companies.
"It is alarming how much information broadband providers can collect about their subscribers. ISPs know where their customers live as well as
their personal financial information," Free Press, the Center for Media Justice and other organizations say in a new FCC filing. "They can also monitor the content that users access on the internet when that content is
unencrypted.... Their tracking and cataloguing of our lives is so invasive that it could allow them to determine -- and then profit from -- private information on subscribers' race, religious, health,
income, employment status, and political views."