The Federal Communications Commission (FCC) is facing resistance on multiple fronts to its proposed privacy and data security rules for broadband Internet access services (BIAS). Most recently, 16 state Attorneys General jointly sent a letter to the FCC expressing their concerns about the rules’ potential to preempt state privacy laws. In addition, the Attorneys General pointed out that the rules, which seek to regulate how BIAS providers (i.e., internet service providers) treat customer personal information, will add yet another layer to an “already complex” patchwork of privacy laws that businesses must navigate when interacting with customer information. Namely, the regulators pointed out that the FCC’s rules would complicate efforts to protect consumer privacy because the rules would only apply to a limited set of businesses.
These concerns echo those of the Federal Trade Commission (FTC) and BIAS providers. In May, the FTC stated that the FCC’s proposed rules would have the effect of imposing more restrictive requirements on BIAS providers than other industries that similarly collect large amounts of customer information, a potential outcome the FTC called “not optimal.” The FTC noted that while it generally supported the FCC’s proposed rules, it ultimately favored an approach where consumer privacy and data security requirements apply equally to businesses regardless of their industry affiliation. The same month, the United States Telecom Association, a broadband and telecom industry group, called the FCC’s proposed rules “antithetical to current privacy law and practice,” and advocated for the FCC to harmonize its rules with the FTC’s approach, where all industries are held to similar standards.
TIP: These comments underscore the concerns that have been raised with the proposed FCC rules. While companies wait for final regulation on this front, they can take this time to audit and understand their current practices to address any future requirements that may arise.