Privacy advocates plan to fight Congress' repeal of ISP privacy rules

Credit to Author: Grant Gross| Date: Wed, 29 Mar 2017 08:19:00 -0700

Privacy advocates haven’t given up the fight after Congress voted to allow ISPs to sell customers’ browsing histories and other personal information without their permission.

On Tuesday, the House of Representatives voted 215 to 205 to strike down ISP privacy regulations approved by the Federal Communications Commission only months ago. The House’s passage of a resolution of disapproval followed a Senate vote to pass the same resolution days earlier. 

President Donald Trump is expected to sign the Republican-pushed bill. But Sen. Ed Markey, a Massachusetts Democrat, said he will introduce new legislation to require the FCC to pass new ISP privacy rules.

“The Republican-controlled Congress wants broadband companies to use and sell sensitive information about Americans’ health, finances, and even children, without consent,” Markey said in a statement. 

It would be difficult for a new ISP privacy bill to pass in the Republican-controlled Congress, however.

Trump’s signature on the resolution passed Tuesday would kill FCC rules requiring broadband providers to receive opt-in customer permission to share sensitive personal information, including web-browsing history, geolocation, and financial details with third parties. 

Privacy advocates say the rules are necessary to protect broadband customers, but critics say the FCC’s rules subjected ISPs to much stronger privacy regulations than web-based companies like Google and Facebook.

The FCC has limited authority to regulate other web-based companies. The ISP privacy rules, passed in October, were “designed to benefit one group of favored companies over another group of disfavored companies,” said Ajit Pai, the new FCC chairman, a Republican who opposed the regulations.

The FCC’s sister agency, the Federal Trade Commission, can bring privacy complaints against web-based companies that aren’t ISPs, but the FTC can’t create privacy regulations. Instead, the agency typically takes action on a case-by-case basis when companies violate their own privacy promises.

Supporters of the regulations say they were necessary after the FCC reclassified broadband as a regulated service, taking privacy enforcement away from the FTC, as part of net neutrality rules in early 2015.

Trade groups representing broadband providers and some other tech companies praised the House’s vote to repeal the FCC rules. 

The House vote “to repeal the FCC’s misguided rules marks an important step toward restoring consumer privacy protections that apply consistently to all internet companies,” the NCTA, a cable broadband trade group, said in a statement. “With a proven record of safeguarding consumer privacy, internet providers will continue to work on innovative new products that follow ‘privacy-by-design’ principles and honor the FTC’s successful consumer protection framework.”

Privacy groups will continue to push to protect consumers, said Katharina Kopp, policy director at the Center for Digital Democracy. They will enlist allies in the European Union to push the U.S. to project privacy, she said. 

Some privacy advocates said they will encourage the EU to re-examine Privacy Shield, an agreement that allows companies to move customer data between the EU and the U.S., in light of the congressional vote on the ISP privacy rules.

The House vote “may be a win for ISP monopolies, but it’s a tragic loss for our democracy,” Kopp said by email. “If President Trump allows this bill to become law, his administration will place new burdens on hard-working Americans and their families –who will be at the mercy of a handful of digital giants.”

http://www.computerworld.com/category/security/index.rss