NEWS ANALYSIS: The Federal Communications Commission had already voted to withdraw data privacy rules for Internet Service Providers well before Congress voted to overturn them.
The frantic reports in the general news media about a U.S. House of Representatives vote on March 28 to terminate Federal Communications Commission rules concerning internet users’ data privacy nearly rose to the level of fake news.
Those reports claim that a whole series of protections granted by the FCC are being taken away, and that Internet users in the US are losing privacy protections. That’s not correct.
Those reports are incorrect is because the rules never took effect. They were scheduled to go into effect in April, but the FCC put them on hold. The only actual change is that now they will never take effect, whereas once it was possible that the FCC could change its and withdraw the rules on its own.
Let’s look back on how these ill-fated rules were created. One of the final actions by the outgoing FCC Chairman, Tom Wheeler was to create a set of new privacy protections that covered internet service providers. Those privacy protections were essentially a power grab by the FCC to take over administration of privacy rules that the Federal Trade Commission had always administered.
Once Wheeler left office with the outgoing democratic administration, the remaining FCC members voted to prevent the rules from taking effect. The vote by the House and the Senate to stop the rules only ensures that some future FCC can’t impose them again.
Current FCC Chairman Ajit Pai explained how it came about in a statement released after the vote by Congress. “Last year, the Federal Communications Commission pushed through, on a party-line vote, privacy regulations designed to benefit one group of favored companies over another group of disfavored companies,” Pai said.
“Appropriately, Congress has passed a resolution to reject this approach of picking winners and losers before it takes effect.”
It’s also important to note that nothing has changed in regards to your ISP selling your browsing history or other information. Previous actions by the FCC against carriers and ISPs that shared privacy information such as social security numbers are still in effect. In addition, they are still required to allow you to opt out of such sharing and they still need to make it easy for you to find out how to do that.
If you’re worried that your ISP might ignore your request to opt-out of sharing, then you can use a Virtual Private Network or the Tor browser. There are versions of Tor for Windows, macOS and Linux. Using Tor and following the included guidelines will keep your ISP and pretty much anyone else from tracking your activities.
However, someone monitoring your activity can still find out you’re using Tor and of course, the National Security Agency might be able to figure if you are up to anything illegal.
But all of that might not be necessary. Carriers and the other ISPs all seem to have privacy policies designed to protect your information. While those policies may change, it’s unlikely because privacy is, if anything, an important selling feature.
But for your business, ISP’s privacy promises might not be enough. However, by now you’ve noticed that the major carriers also have business divisions that have different rules, different agreements and even different infrastructure in some cases. As a business user, you’re in a position to insist and get the kind of privacy protections you require and the ISPs and carriers are obligated to deliver it.
If you’re really worried about your business activities being sold for marketing purposes, then you can always avoid using an ISP at all and simply buy network access to the Internet. You’ll still need to use a carrier in most cases, but your contractual agreement with the carrier will set the conditions of use and one of those can be a company-wide opt-out.
The bottom line here is that this and other problems the FCC has been facing recently are to some extent the agency’s own doing. “It is worth remembering that the FCC’s own overreach created the problem we are facing today,” Pai stated in response to the congressional action. “Until 2015, the Federal Trade Commission was protecting consumers very effectively, policing every online company’s privacy practices consistently and initiating numerous enforcement actions.”
Pai also said in the same statement that he plans to have the FCC work with the FTC to ensure the privacy of consumers in a consistent manner. “In my view, the best way to achieve that result would be to return jurisdiction over broadband providers’ privacy practices to the FTC with its decades of experience and expertise in this area.”
Meanwhile other actions that were pushed by Tom Wheeler look to be ripe for elimination by either the FCC or Congress. The most obvious of those would be to undo the change to Title II for internet providers. This change was ostensibly done to ensure net neutrality. However, what really happened is that the White House insisted that the FCC make the change, which it did, despite being an independent agency.
Prior to that, the FCC had been working with the GOP Congress to produce bipartisan legislation that would have ensured net neutrality without turning ISPs into common carriers. That common carrier status complicated the FTCs efforts to regulate privacy, which was part of the reason the Wheeler made the changes he did.
Now, you can look at the privacy change as the first step in undoing Wheeler’s actions. Reversing the Title II change, and restarting the net neutrality legislation is likely coming down the road.