Proposed FCC rules that would require broadband Internet service providers (ISPs) to obtain subscriber consent before collecting and sharing certain data with advertisers and other third-parties were spotlighted Tuesday at a Senate Commerce Committee hearing where lawmakers and witnesses voiced differing opinions on the extent to which the FCC’s plan deviates from long-standing Federal Trade Commission (FTC) policies on web privacy.  Citing FTC policy, some committee members also questioned whether the FCC’s rulemaking proposal is needed. 

As specified in a March 31 Notice of Proposed Rulemaking (NPRM), the proposed FCC rules, if enacted, would separate consumer data into three categories that, in turn, ,would require ISPs to obtain differing levels of consumer consent for sharing or marketing such data.  Noting that the proposed rules would apply exclusively to ISPs and not to websites and other “edge” providers that fall under FTC jurisdiction, the NPRM further states that ISPs would be required to provide customers with “clear, conspicuous and persistent notice about what information they collect, use and share with third parties.”

Emphasizing that the FTC “has brought over 500 cases protecting the privacy and security of information, including cases where companies were alleged to have deceptively tracked consumers online, or to have shared private consumer data with unauthorized third parties,” committee chairman John Thune (R-SD) asked whether “the FCC, which is a novice when it comes to regulating Internet privacy, [is] the right agency to . . . protect our private information?”  However, as Thune cited FTC comments on the NPRM that suggest the FCC’s plan to subject ISPs to privacy regulation to the exclusion of other web-based entities is “not optimal,” ranking committee member Bill Nelson (D-FL) countered that the FCC “is the expert agency for regulating communications networks, including broadband networks.”  Senator Brian Schatz (D-HI) also explained that a separate data privacy regime for ISPs is needed as ISPs occupy a “special place” in the Internet ecosystem that is distinct from edge providers. 

Meanwhile, in testimony before the committee, former FTC Chairman Jon Liebowitz (now co-chairman of the 21st Century Privacy Coalition) argued that the proposed FCC rules “do not reflect the economic and technological realities of the Internet ecosystem, which bears little to no resemblance to the traditional voice services market that the FCC has regulated.”  Countering, however, that “numerous privacy standards” exist for the same services, Georgetown University Law Professor Paul Ohm told the panel that the FCC’s proposals are “measured” and are especially needed at a time when only 13% of rural customers have only one fixed broadband network provider to choose from.