The FCC recently voted to propose new data privacy rules for broadband internet service providers. According to a summary released by the FCC, the proposed rules would require broadband Internet service providers (ISPs) to clearly disclose how customer data is being used, take reasonable steps to protect consumer information, and require notifying affected customers within ten days of discovering a data breach. The proposed rules would also require notifying the FCC, the FBI, and the Secret Service within seven days of discovering a data breach.

The FCC has indicated that the proposal does not apply to websites that are governed by the FTC, which places websites – such as social media platforms – outside the scope of the proposed rules. Rather, the rules are designed to provide consumers with better control over how broadband ISPs use and share their information. For instance, the rules will require broadband ISPs to obtain opt-in consent from consumers before using their information for any non-communication services related purpose.

Tip: Interested parties should submit comments to the FCC before May 27, 2016. Comments may be filed electronically through the FCC’s Electronic Comment Filing System.