Sen. Ed Markey (D-Mass.) put in a last-minute push for the FCC's broadband privacy proposal, which is on the agenda for an Oct. 27 vote.
Markey joined various groups also pushing for the new regulations—Public Knowledge, Center for Digital Democracy, Color of Change, Consumer Federation of America—on a conference call with reporters to urge the FCC to proceed with that vote.
Markey is also a big backer of set-top reforms that the FCC was also scheduled to vote on before the chairman pulled the item from last month's meeting.
Markey several times said the FCC needs to stay on course for the Oct. 27 vote, calling it a "critical moment" for privacy.
The senator said that just as the country has to make sure Russia doesn't compromise our privacy, no one else should.
Markey did not stay around long enough to answer a question about whether he was suggesting Russia got the info from insecure ISPs, but others on the call said they didn't think that was what he was saying.
The groups are mostly supportive of the FCC's decision to make web browsing and app use history information that ISPs must get affirmative (opt-in) consent to share with third parties for marketing or other purposes.
That is different from the information sensitivity approach to edge providers, which does not require similar opt in for Google or Facebook sharing of user data. That distinction is one that does not sit well with ISPs, who point to that disparate treatment and want the FCC to align better with the FTC.
The groups on the call suggested that was a red herring and ISPs don't really care about those edge practices.
Thanks to its reclassification of ISPs as common carriers, the FCC assumed broadband privacy regulation, which the FTC had overseen along with edge providers—the FTC is precluded from regulating common carrier privacy.
The groups said they would have preferred the FCC's original approach of making almost all third-party sharing of user info opt in, though ISPs say the FCC's proclaimed pivot to the more FTC-like sensitivity approach is about the same thing since it sweeps web browsing and app use into the category.
The groups said they were not opposed to stronger FTC regs on other parts of the internet ecosystem but say they are focused on the "special relationship" between ISPs and customers and the FCC authority over those ISPs.
The proposal also includes enhanced disclosure of what data is being shared and how, sets deadlines for breach notifications, and prohibits take it or leave it offers—share your data or don't sign up for our ISP service—though it does allow for pay-for-privacy models, which can be reviewed on a case-by-case basis.
The groups would prefer no pay for privacy and for all communications information—including IP addresses and device identifiers—to be sensitive data.
Responding to the call, the ISP-backed 21st Century Privacy Coalition cochair Jon Leibowitz took issue with the groups' and the senator's stance.
"Notwithstanding clear evidence in the record to the contrary, a few people continue to argue that ISPs have unique and comprehensive insight into consumers’ web-browsing and app-usage information. They are using this mistaken claim to urge the FCC to implement a sensitivity-based approach that looks quite different from the one backed by both the Obama Administration and the FTC.
“The FCC should not base its final broadband privacy rules on such a fundamentally flawed premise. Instead, it should more clearly adopt the approach of the FTC and Obama Administration, which more fully protects the privacy of consumers while allowing the internet to flourish.”
Leibowitz should know about that FTC regime, he is the former Obama FTC chair who oversaw that self-regulatory based, privacy by design approach.
Former House Communications Subcommittee Chairman Rick Boucher, currently honorary chair of the Internet Innovation Alliance, also saw the FCC approach as overly broad and creating a bifurcated regulatory approach.
“Consumer data is inconsistently protected when it’s not allowed to be used in certain ways by some companies but is permitted to be used in the same way by others," he said. "In line with the FTC’s model, which applies to Internet edge providers, the FCC should develop an approach to privacy for ISPs with the level of protection based on the sensitivity of the data and how it’s being used. By conforming the privacy protections across the Internet ecosystem, consumer confusion will be avoided.”