After the new FCC chair Ajit Pai and Congress, through a Congressional Review Act legislative veto signed by the president, rolled back Obama-era broadband privacy rules applying to collection and use of your personal information by Internet Service Providers (generally large telephone and cable companies) the states (and some cities such as Seattle) moved to replace protections. AT&T, Verizon and Comcast swiftly sent lobbyists out around the nation to quash or delay the efforts.
This week, Sacramento remains under siege by a phalanx of ISP lobbyists as a key California proposal, AB375 (Chau), is considered. The Senate Rules Committee -- after stalling it for weeks -- finally referred it to a gauntlet of 3 committees in an effort to kill it. Positively, following ongoing efforts from the mayor of San Francisco and others including consumer, privacy and other civil society groups (letter from 17 groups including CALPIRG) and others, one committee chair, of Senate Business and Professions, has waived his committee's review rights but the bill still faces votes tomorrow in both the Utilities and Judiciary Committees. As the groups said in their joint letter:
"Providers of broadband internet service have a unique and powerful role in today’s online ecosystem. Their position as internet gatekeepers gives them a comprehensive view of individual consumer behavior, one that consumers cannot readily avoid or shield themselves from when they use necessary internet services. The power of the internet service provider is further enhanced by the lack of competition that presently exists for high-speed access. According the latest FCC data, 41 percent of Americans have only one company offering high-speed broadband access in their community.
As the role of the internet in the daily lives of consumers increases, this means an increased potential for data collection of personal information and sensitive facts about one’s daily life. The shadow of surveillance can create a chilling effect on speech, association, and online commerce, and even increase the potential for data-driven discrimination, governmental overreach, and the theft of highly personal information. By contrast, strong protections that enhance Californians’ confidence would encourage greater adoption and use of the internet, as individual comfort and trust leads individuals to conduct even more of their everyday business online."
Why should ISPs be subject to tougher privacy rules than Amazon, Facebook and other so-called "edge" companies? The answer is: "Why shouldn't they?" You don't have to shop at Amazon and you don't have to join Facebook, but to access the Internet, you need an ISP. While a few non-profit and smaller ISPs still exist, most people log on through one of the big ISPs. Every click and every keystroke goes through their servers (even if you are using any private browsing tactic).
Battle continues in DC: The FCC and FTC both generally support weaker privacy regulations for all firms. A proposed broadband privacy bill from Rep. Marsha Blackburn (TN), HR2520, purports to protect some personal information under an opt-in consent regime rather than a weaker opt-out, but the bill is loophole-ridden and aggressively preemptive of state and local authority (letter from privacy and consumer groups, including PIRG, comparing industry-friendly HR 2520 to better Senate proposal (Markey-MA (note correct Markey bill# is S878)) and other bills.