[UPDATED] Law came in to effect on October 27th with considerable worries about data collection by ISPs remaining.
FCC Proposes New Opt-In Rules for ISPs
The Federal Communications Commission is proposing new rules to govern the way Internet Service Providers handle user data.
These rules concern the privacy of broadband subscribers and ISPs have consistently argued against them. According to the proposal circulated by FCC Chairman Tom Wheeler, broadband providers will be placed under stricter privacy rules than those currently set for internet sites like Facebook, Amazon and Google. These websites are governed by separate rules under the Federal Trade Commission.
As it stands now, users have to opt-out in order to disallow ISPs from sharing their private browsing data and other important information with third parties. The new rules would force ISPs to impose opt-in rules instead, meaning that users have to click “I agree” or something similar before ISPs can share their data.
Wheeler hopes to have a vote on the new rules on October 27, and it is largely expected to pass by a 3-2 vote due to the Democratic majority within the current commission.
The major players
US Internet Serve Provider AT&T, Verizon, Comcast and Charter have strongly opposed such measures. They believe there should be no different rules for ISPs and websites that collect much of the same information. Search giant Google has come out against the FCC’s proposed new rules and believes opt-in should only be required for such sensitive information as health and finance. However, Google’s support has come as no surprise seeing as Google’s advertising business would benefit greatly from an ISP partnership.
Wheeler believes these new rules are necessary and that ISPs are different from websites. In fact, ISPs can collect your information every single time you go online, whereas Facebook and Google can only take advantage of your data while you’re using their services. That means that anything you do online, no matter what, can be viewable by ISPs. They collect massive amounts of data and even when your information is encrypted, and can’t see what information you’re sending, they can still see who you’re sending it to, what time, and create a profile based on the metadata.
If the FCC approves the rules, all ISPs would need to get an opt-in consent form from consumers before they are able to use the private information. This information includes your children’s information, geolocation, health and finance information, browsing history, app usage history, and much more. ISPs would also be prohibited from denying service to any users who do not opt-in.
There’s still Pay-for-Privacy though
There is one allowance, however. The FCC will not ban “pay-for-privacy” schemes whereby ISPs are able to charge more for users who don’t opt-in, such as AT&T’s Internet Preferences. They would need to disclose information about plans and discounts that benefit users who opt-in.
The FCC has said that it will observe pay-for-privacy claims on a case-by-case basis, as ISPs should not charge exorbitant prices for users who do not opt-in.
Most importantly, the new rules wouldn’t affect social media websites and other services offered by broadband providers, nor do the rules cover government surveillance.
Although the caveats about allowing pay-to-play still remains, which could easily get out of hand, these rules are nonetheless progress in the aim of securing users’ privacy and security.
Related: What can you do to ensure your ISP is not tracking you?