Broadband providers can now heave a sigh of relief that the FCC has heeded to their plea to halt data security rules adopted by the agency last year. These ruled were supposed to have taken effect March 2.
The FCC last Wednesday granted a stay petition in part to the 2016 Privacy Order adopted by the commission on Oct. 26, 2016. This followed 11 separate timely petitions received by Jan. 3 and nine trade associations filing a petition to stay the rules on Jan. 27.
Announcing the order, which was adopted by a 2–1 vote cast along party lines, FCC chairman Ajit Pai signaled that additional relaxation on privacy rules could be in offing. He clarified that the FCC should not be engaged in any policing of broadband providers as these companies fall under the purview of the FTC.
The Petitioners
The petitioners included AT&T Inc. (NYSE: T), Comcast Corporation (NASDAQ: CMCSA), T-Mobile US Inc (NASDAQ: TMUS) and Verizon Communications Inc. (NYSE: VZ) and associations, including the ACA, CTIA, ITTA, NCTA, NTCA, USTelecom, WISPA and WTA.
Crippling Bottleneck Out Of The Way
The privacy orders would have dealt a severe blow to high-speed ISPs such as AT&T and Verizon, which had pinned their hope on user data to serve targeted advertising. The new rules would have required these companies seek permission from users to gather and give out data on web browsing, app use, location and financial information of the users. Earlier, only phone and cable companies were subjected to some form of privacy protection rules.
What The Data Security Requirement Means
The 2016 data security requirement currently temporarily repealed requires broadband internet access service, or BIAS, providers and other telecom carriers to take responsible measures to protect proprietary information of customers from unauthorized use, disclosure or access.
The stay petition contended that although the order adopts a reasonable measures standard, its articulation of the standard's meaning substantially widens the uncertainty and compliance burdens imposed upon ISPs relative to all other internet entities.
Related Link: Net Neutrality Opponent To Head The FCC; Who Benefits?
The petitioners also said they would have to bear substantial costs and burdens, complying with the new rules. If the commission grants the pending petitions for reconsideration, the costs are non-recoverable, the petition said.
The petitioners also pointed out that the ISPs have relied on a voluntary set of privacy and data security principles consistent with the FTC's framework. These "ISP Privacy Principles" include a commitment to take reasonable measures to protect customer information from unauthorized use, disclosure, or access, taking into account the nature and scope of their activities, the sensitivity of the data, the size of the ISP and technical feasibility.