The Senate voted Thursday 50 to 48 along strongly divided party lines to invalidate the FCC's broadband privacy regulations, according to C-SPAN's televised coverage of the vote.
The FCC's privacy framework was adopted Oct. 27, 2016, against the dissents of the two FCC Republicans now in the majority. Congressional Republicans pushed for the rollback.
The resolution, S.J. Res. 34, now goes to the House, where it is also expected to be approved by Republicans there looking to unwind Obama regulatory efforts. Congress has 60 legislative days to repeal regulations under the CRA.
Senate majority leader Mitch McConnell said Thursday before the vote that the Congressional Review Act resolution would be providing regulatory relief by overturning costly, confusing and innovation-stifling regulations that did nothing to protect privacy.
FCC chairman Ajit Pai, with the help of fellow Republican Michael O'Rielly, has already stayed implementation of the data security portion of the rules, which was to have gone into effect March 2, and has signaled he wants to rewrite them or deed them back to the Federal Trade Commission if ISPs are reclassified as information service providers rather than telecoms under Title II common carrier regs (the reclassification of ISPs as common carriers meant the FCC, not the FTC, had oversight of broadband privacy since the FTC is prevented from regulating common carriers). Flake and fellow Republicans want Pai to start from a clean slate.
The FCC's regs require ISPs to get their subs' permission to share their web surfing and app use histories and other "sensitive" data with third parties for marketing and other purposes, a requirement ISPs and Republicans point out is not made of edge providers like Google and Facebook and their data collection and sharing. The rules also establish deadlines for breach notifications, require clear notification to customers of what data is being collected and how it is being used, and prevent “take-it-or-leave-it” offers—conditioning service on allowing data sharing. ISPs would also be required to take reasonable measures to secure the information.
The regs allow ISPs to provide incentives to customers for sharing that data, referred to by some as "pay for privacy," but the FCC would monitor the practice on a case-by-case basis and require heightened disclosure. It also said it would launch a new proceeding looking into the practice, which means it could ultimately decide to prevent it, though such a proceeding would be unlikely under the new chairman no matter what happens to the rules in Congress.
The no take-it-or-leave offers part has already gone into effect, the data securing requirement implementation has been stayed per above, and the balance of the regs have yet to go into effect and would not until the end of the year.
ISPs have pushed Congress and the FCC to roll back the regs, saying they were overly restrictive in relation to edge providers' privacy regulatory regime and could adversely impact the free web content model.
The vote followed heated debate that began the evening before but was dominated by Democrats bitterly opposed to the move and using words like "subvert, damage, sabotage and destroy." Sen. Ed Markey (D-Mass.) spent more than an hour over two days excoriating the Republicans for stripping consumers of online protections in service of "broadband barons" who would ride roughshod over that privacy in the interests of monetizing the data. Sen. Bill Nelson (D-Fla.), ranking member of the Senate Communications Subcommittee, also hammered Republicans over the effort.
Nelson argued that Congress should let the FCC deal with changing the rules in its current open proceeding—ISPs petitioned it to reconsider the decision after the new Administration came in—rather than use the "blunt instrument" of the CRA, which requires only a simple majority to repeal regulations passed in the last months of a previous administration and prevents an agency from approving "substantially similar" regs.
Markey warned again Thursday about smart TVs listening in to conversation—saying privacy was in danger—cited cybersecurity breaches of Yahoo! and others, and talked about Russian hacking of the election.
He said the vote was about whether consumers, not big broadband companies, had control over consumer data. He said self-regulation would allow broadband companies to write their own privacy rules and ignore "reasonable" data security practices.
Markey said net neutrality rules would be next. "We must stop this today," he said. "This will be a vote to be remembered," calling it the most important privacy vote "of all time."
On the other side, Sen. John Cornyn (R-Texas) said the CRA was an effort to undo last-minute Obama regs that hurt economic growth. He said those FCC rules were an example of the government picking winners and losers and called them bad regs that needed to be repealed.
Pai said following the vote that his goal, should the resolution be passed by the House, would be a level privacy playing field for all parts of the broadband ecosystem.