On October 6, Federal Communications Commission (FCC) Chairman Tom Wheeler outlined proposed rules to protect broadband consumers’ privacy. The proposed rules would apply to internet service providers (ISPs) and cover data collection, usage, security, and breach notification.

If this proposed plan is adopted, ISPs would need to notify their consumers about the types of data being collected, when and how collected consumer data can be shared. ISPs would also be required to adopt reasonable measures to protect consumer data from data breaches and other vulnerabilities.

A big unanswered question is what to do with all the sensitive information collected. This is information related to everything from geo-location, children, money, health and app usage to browsing history, and communications content. A key requirement for sensitive info is that ISPs would have to obtain affirmative “opt-in” consent from consumers before using or sharing such information. However, for non-sensitive data ISPs would only have to offer consumers the ability to “opt-out”  before using or sharing that information.

Please refer to Chairman Wheeler’s factsheet, Chairman Wheeler states that the proposed rules of ISPs are in line with the FCC’s regulation of other telecommunication carriers, and points to the FCC’s regulation of telephone companies’ usage of consumer call information as precedent.

Interesting stuff. We will be following this as it develops over time.

 The FCC will consider the proposed rules on October 27, 2016.