The FCC Expands Oversight Of Internet Service Providers

fccimgThe Federal Communications Commission (FCC) passed a stringent set of online privacy regulations on Thursday.

The law, expected to go into effect next year, expands the FCC’s mandate over internet service providers (ISPs), which will soon have to obtain individual consent to use data drawn from a subscriber’s activity, such as web browsing, app usage or location information.

FCC Chairman Tom Wheeler argued prior to the 3-2 vote that data gleaned from web browsing and app usage is “the consumers’ information.” How that data is used by marketers “should be the consumers’ choice. Not the choice of some corporate algorithm,” Wheeler said.

The FCC rules draw a clear regulatory divide between digital marketing platforms like Google, Amazon and Facebook, which track users and target ads based on digital data, and broadband providers like Verizon, Comcast and AT&T, which seek to do the same.

Earlier this month AT&T’s legal counsel submitted a brief asserting: “There is no sound reason to subject broadband providers to a different set of rules than other internet companies.”

The new regulatory framework will “deny broadband providers the same opportunity other internet companies have to participate in the fast-growing digital advertising market,” according to AT&T.

For decades, telcos have followed regulations on subscriber data that permit marketing for extensions of their own service, but not for third-party purposes. So a telco could use its knowledge of someone’s phone use to upsell a related product package – but it could not pass that data along for other marketing purposes.

The FCC regulations establish a similar dynamic for ISPs. For instance, Verizon can track subscribers to offer promotions or a new mobile plan, but it won’t be able to apply that data through AOL without the individual’s consent.

“[The FCC vote] marks a significant step forward in protecting consumer privacy,” said Dallas Harris, a policy fellow at the consumer advocacy group Public Knowledge, which argued in support of the regulations. “For the first time, ISPs will be required to get consumer consent prior to using the sensitive information they collect.”

Stakeholders in the ad industry disagreed.

The Federal Trade Commission (FTC) has a longstanding policy of interpreting “sensitive information” to encompass children’s browsing and data, financial or health care data and personally identifiable information like a name or Social Security number.

“This new proposal, which is terrible and unprecedented, throws away all the self-regulatory standards of the FTC and instead sweeps all browsing data into the category of ‘sensitive information,’ even if it’s just someone interested in their local weather or whether the orange juice with or without pulp is on sale,” Dan Jaffe, the ANA’s VP of government relations, told AdExchanger.

The executive director of the Digital Advertising Alliance, Lou Mastria, said the law is counterproductive for consumers, who will have to navigate different regulatory standards for their ISPs compared to online platforms, even though most users don’t know the differences between those categories.

“By rejecting the industry’s accepted definition of sensitive information, the FCC chose patchwork and inconsistent standards over common sense,” Mastria told AdExchanger.

Dave Grimaldi, EVP of public policy at the IAB, also criticized the broadness of the FCC’s “sensitive information” definition, and said in a statement that the agency’s decision is “an unfortunate step toward destabilizing the ad-supported internet economy.”

The DMA said the FCC decision “discards the regulatory framework that has fostered the growth of the internet economy and supports much of the content and services consumers enjoy every day,” said Emmett O’Keefe, senior VP of advocacy. “There are no winners in this action, only losers.”

Others do see winners.

“This is a gift to edge providers,” the ANA’s Jaffe said, referring to digital platforms like Google, Netflix and Amazon that are leading the data-collection game but aren’t actual broadband providers.

In a stinging dissent, FCC Commissioner Ajit Pai, one of the two who voted against the law, contended that online operators like search engines, video networks and ecommerce markets are the ones wielding power and data online.

“Ironically,” he wrote, “selectively burdening ISPs, their nascent competitors in online advertising, confers a windfall to those who are already winning.”

Enjoying this content?

Sign up to be an AdExchanger Member today and get unlimited access to articles like this, plus proprietary data and research, conference discounts, on-demand access to event content, and more!

Join Today!

1 Comment

  1. Jack Kaiser

    Advertisers constantly argue that this is something that benefits consumers, something that they appreciate. If that’s truly the case, then why worry so much about consent? This is just internalizing what was widely treated as an externality, despite the fact that users and their data are obviously a crucial element to any form of targeting. In other words, users are kept from knowledge of a marketplace in which they are heavily-involved. They don’t need to be considered as they don’t have to be convinced of the value-add, as it stands.

    Hopefully, this is just step one, and similar restrictions will be applied to the other companies that this article refers to. As Mastria asserts, this inconsistency isn’t ideal. Unlike what Mastria might believe, however, these restrictions would be most effective if applied to edge providers as well.