Recently, FCC Chairman Tom Wheeler proposed a set of new privacy regulations addressing the transfer and use of consumer information. Just as he had done previously with the set-top box proposal, Wheeler portrayed the new regulations as unilaterally beneficial to consumers. Of course, no regulatory case at the FCC is ever so simple, and there is much more at play here, including the potential for cronyism and regulatory power-grabs.
Wheeler’s particular proposals address the ways that internet service providers, or ISPs, use the information they receive regarding consumer traffic. The new regulations would require explicit consent from consumers before ISPs begin using that information for commercial and marketing uses. Exceptions do remain, however, as the new regulations wouldn’t require consent for ISPs to market different services that their parent companies provide.
Naturally, Wheeler would want to focus on the parts of the regulations that consumers would appreciate, i.e., protection of their data. However, the FCC only recently gained authority to regulate consumer information, after declaring ISPs common carriers in the Title II Open Internet Order.
Traditionally, the Federal Trade Commission has been in charge of protecting consumer privacy, and has issued a series of rules prohibiting unfair and deceptive uses of consumer information. Unfair and deceptive practices specifically refer to any actions taken on the Internet that purposefully mislead consumers and undermine their autonomy in making decisions. This can involve companies receiving parental consent to market to children age 13 years and younger, as well as credit companies disclosing financial information to their customers and safeguarding personal information in their databases. These rules, along with other previously established rules, ensure that online businesses do not misuse their customers’ personal information.
It is important to note that the FTC’s privacy rules applied to all companies that did business on the Internet, including ISPs and other edge providers that made revenue through marketing, like Facebook and Google. However, after the Open Internet Order, the FTC lost its ability to control privacy standards for ISPs, as the agency can’t apply its rules to common carriers. This regulatory void was then quickly filled by the FCC, making it the only agency that can create regulations that affect ISPs.
These regulations would only apply to the ISPs, though, given the agency’s authority over common carriers, meaning that these other large websites wouldn’t have to follow the new privacy rules. As a result, ISPs would face unfair and burdensome new regulations that do not affect edge providers, and consumer information is barely any more private than it was before.
Ultimately, then, the FCC is using these new regulations to increase its authority over the Internet. In doing so, the consumers see little benefit in terms of protecting their private information, and ISPs continue to bear the burden of excessive regulations. As many have already noted, a large number of ISPs and Internet-based companies do want to work to better protect consumer information, in a fair and mutually advantageous manner. The FCC, however, is just complicating the matter, increasing its regulatory purview along the way.