New York State Backs FCC Broadband Privacy Proposal

The New York State attorney general's office came out in support of the FCC's broadband privacy proposal this week but has some suggestions for tightening the rules.

In filings on the FCC's proposal to require ISPs get the permission (opt in) of customers for most third-party sharing of their information, Kathleen McGee, chief of the state's Bureau of Internet and Technology, said that there was a need for "enhanced regulation" in the area of broadband privacy.

She echoed the FCC majority's argument that broadband service providers are the key gateway to the internet and thus to their subs' information.

"Consumers cannot avoid a BIAS (broadband internet access service) provider the way consumers can avoid (without penalty), or otherwise freely and easily choose between, search engines or other websites, or smartphone applications," McGee told the FCC, though she was preaching to the choir when it came to FCC chairman Tom Wheeler.

She also said the state had some tweaks for the proposal.

For the opt-in third-party sharing, the state wants the FCC to require that that choice be presented on initial log-ins on BIAS websites, should be obvious and not "clutter" the page or "overwhelm" the user, and to give customers an option to navigate to the privacy policy on all subsequent log-ins. It also wants an alert on the log-in landing page any time there is a change in that privacy policy.

Related: Former FTC Chair Has Issues With Opt-in Regime.

The state wants the FCC to make sure ISP transparency policies (disclosure of subs' choices and options) is as concise as possible. It also wants the FCC to require multilingual notifications of ad and sales pitches as well as disclosures.

"It would be unfair to customers to use their preferred language to persuade them to purchase a product, and then use a second language to provide critical information about the collection, use, and disclosure of their private information resulting from that purchase," McGee said.

But the state is suggesting a little more leniency in one area.

The FCC is proposing to require ISPs to notify customers within 10 days of discovering a breach of their information and to the FCC within seven days. The state says that given the process of identifying a breach can be time consuming, the FCC should instead follow the language of state breach notification laws that notice be provided "in the most expedient time possible and without unreasonable delay" within a longer set deadline.

It also says the FCC should obligate third-parties or affiliates to notify BIAS providers in the event of a breach.

John Eggerton

Contributing editor John Eggerton has been an editor and/or writer on media regulation, legislation and policy for over four decades, including covering the FCC, FTC, Congress, the major media trade associations, and the federal courts. In addition to Multichannel News and Broadcasting + Cable, his work has appeared in Radio World, TV Technology, TV Fax, This Week in Consumer Electronics, Variety and the Encyclopedia Britannica.