• by Wendy Davis , Staff Writer @wendyndavis, May 18, 2017

Congress's decision to repeal the nationwide broadband privacy rules appears to have spurred lawmakers in at least a dozen states to introduce new measures that would protect residents' online privacy.

This week alone, lawmakers in New Jersey and Maine proposed measures that would require broadband providers to obtain consumers' opt-in consent before sharing their Web-browsing history with third parties. The city of Seattle has already passed a similar measure, slated to take effect May 24. Last year, the Federal Communications Commission passed those rules rationwide. But they were repealed this year by the Republican-led Congress.

Now, at least one Republican on the FCC wants the agency to enact regulations that would prohibit states from enacting their own privacy rules.

"I believe states should be ... barred from enacting their own privacy burdens on what is by all means an interstate information service," Michael O'Rielly said earlier this month in a speech delivered to the American Legislative Exchange Council. "It is both impractical and very harmful for each state to enact differing and conflicting privacy burdens on broadband providers, many of which serve multiple states, if not the entire country."

But it may not be so easy for the FCC to squelch state privacy laws, according to telecom expert Catherine Sandoval, a law professor at Santa Clara University and recent member of the California Public Utilities Commission.

"That would be a very tough row to hoe for the FCC," Sandoval tells MediaPost, adding that states would likely challenge any attempts to restrict their efforts to protect residents' privacy.

One hurdle for O'Rielly is that no federal regulations currently deal with broadband privacy, thanks to Congress's decision to repeal the rules passed last year. The absence of federal regulations means that any state rules won't conflict with a nationwide framework.

Of course, even without new FCC rules, broadband providers could attempt to invalidate state privacy laws on the grounds that the federal government has preempted Internet regulation. But this argument isn't likely to carry the day either, Sandoval predicts.

She notes that California has long had laws protecting the privacy of residents.

As recently as 2014, the state amended its online privacy laws to require Web sites to state in their privacy policies whether they allow third parties to collect tracking data -- meaning information about users' “online activities over time and across different Web sites.”

It's also worth noting that the FCC recently attempted to pass regulations that would prohibit states from hindering municipal broadband initiatives. At the time, states' rights advocates complained that the agency shouldn't try to usurp decisions by state lawmakers. The FCC's rules were ultimately blocked by a federal appellate court.