The FCC will give internet service providers a year to get permission from their subscribers before ISPs can share privacy data like web browsing and app use histories with third parties for marketing purposes. The Commission released its broadband privacy opt-in Report and Order Thursday; it voted 3-2 on the item at its October 27, meeting, Inside Towers reported.
The FCC states in the document it’s applying the privacy requirements of the Communications Act “to the most significant communications technology of today—broadband internet access service.” The agency deems privacy rights fundamental “because they protect important personal interests—freedom from identity theft, financial loss, or other economic harms, as well as concerns that intimate, personal details could become the grist for the mills of public embarrassment or harassment or the basis for opaque, but harmful judgments, including discrimination.”
The change reclassifies broadband internet access service (BIAS) as a telecommunications service. The update is needed because “Broadband providers provide the “on ramp” to the internet. These providers therefore have access to vast amounts of information about their customers including when we are online, where we are physically located when we are online, how long we stay online, what devices we use to access the internet, what websites we visit, and what applications we use,” states the FCC in the document.
The agency also revised existing rules to harmonize privacy protections for voice and broadband customers. The Commission made the changes after receiving more than 275,000 comments from the public and industry.
Carriers will be required to provide privacy notices that clearly and accurately inform customers about what confidential information the carriers collect, how they use it, under what circumstances they share it, and the categories of entities with which they will share it. The agency is also requiring carriers to inform their customers about their right to opt in to or opt out of agreeing to have their confidential data shared with third parties.
Data breach notification requirements are also included. BIAS providers must notify customers, the FCC, the FBI and Secret Service “unless the carrier is able to reasonably determine that a data breach poses no reasonable risk of harm to the affected customers.”
Published November 4, 2016