The ad industry and broadband carriers lost no time praising Congress for voting to repeal sweeping privacy rules that could have restricted Internet service providers from using online behavioral advertising techniques.
“The House and Senate got it right on the ISP regulations," the Data & Marketing Association's Emmett O’Keefe said in a statement Tuesday evening, immediately after the vote. He added that the House's 215-205 vote to repeal the rules "is a signal that the current self-regulatory system works.”
The lobbying group USTelecom chimed in that repealing the privacy order will eliminate "unnecessary rules and regulations that handicap economic growth and innovation."
The organization added that it supports the privacy framework set out by the Federal Trade Commission and plans to work "on a more uniform air-tight approach to privacy that doesn’t advance a balkanized regulatory structure."
The rules that Congress voted to repeal were passed last October by a different agency -- the Federal Communications Commission. They would have required broadband carriers to obtain consumers' opt-in consent before drawing on their Web-browsing data or app usage history for ad targeting.
By contrast, the FTC recommends only that Web companies allow people to opt out of the collection and sharing of most types of online browsing data. (The FTC suggests that companies obtain opt-in consent before sharing a narrow category of "sensitive" data -- including health information and precise location data.)
If the carriers follow the FTC's approach, as they have promised to do, they will allow consumers to opt out of receiving targeted ads based on much of their online browsing history. But whether any government agency can enforce this promise remains to be seen.
The FTC currently can't prosecute common carriers like Verizon, AT&T or Comcast. And the FCC may not be able to issue new regulations mandating carriers to honor opt-outs, because Congress's vote to repeal the privacy rules also stripped the FCC of authority to issue "substantially similar" replacements.
Of course, even without regulations the FCC theoretically can still target carriers on a case-by-case basis if they violate the Communications Act by failing to protect customers' "proprietary information."
It's worth noting that even without privacy regulations, the FCC extracted a $1.35 million fine from Verizon over its use of tracking headers -- 50-character alphanumeric strings that enabled ad-tech companies to compile profiles of users and serve them targeted ads. The FTC alleged in that matter that Verizon violated the Communications Act's privacy provisions -- which require carriers to protect customers' "proprietary information" -- and violated a 2010 net neutrality rule requiring carriers to disclose their broadband management practices.