Consumers should be able to expect a certain amount of privacy and recent rules adopted by the FCC are a step in the right direction. That step has also revealed some key differences between profit-driven national Internet service providers, smaller ISPs, and municipal networks. The different attitudes correspond with the different cultures, proving once again that small ISPs and munis have more than just profit in mind.
On October 27th, the FCC adopted an Order to allow ISP customers to determine how their data will be collected and used. According to the FCC, they made the decision in response to public comments about the concern for personal data protection.
The New Rules
Over the past few years, consumers have become savvy to the fact that ISPs have access to personal data and that they often sell that data to other companies for marketing purposes. Under Section 222 of Title II of the Communications Act, telecommunications carriers are bound to protect their subscribers’ private information. Because those rule are designed to change as technology changes, says the FCC and Congress, this same authority applies to private data collected by ISPs.
The FCC decided to divide the permission of use of personal information based on type, categorizing information into “sensitive” and “non-sensitive.”
Sensitive information will require ISPs to obtain “opt-in” consent from subscribers, which will allow them to use and and share this type of information:
- Precise geo-location
- Children’s information
- Health information
- Financial information
- Social Security numbers
- Web browsing history
- App usage history
- The content of communication
Non-sensitive information would include all other information and customers would need to "opt-out" in order to prevent their ISPs from collecting such data. Examples of non-sensitive personal information include service tier information.
The new rules also require providers to follow “up-to-date and relevant industry best practices” in reference to managing security...Read more