We’ve been discussing how the FCC is planning to craft new privacy rules for broadband customers. The move was initiated in large part after Verizon was caught modifying wireless user packets to inject a stealth header that tracks user behavior around the Internet. The technology was in use for two years before security researchers even discovered it, and it took another six months — and an FCC investigation and $1.3 million settlement — for Verizon to let customers opt out.
The FCC is fielding public comment on the idea of new rules, and not too surprisingly, Verizon isn’t particularly thrilled about them.
The telco is taking particular issue with portions of the rules that require that consumers opt in to some data collection and sharing, instead of the industry standard practice of putting the onus on consumers to opt out. While the rules haven’t been crafted yet, FCC boss Tom Wheeler offered this fact sheet (pdf) that breaks down what the FCC is planning.
In a filing with the FCC, Verizon argues that requiring that customers opt in to some data collection and sharing would put unfair requirements on broadband providers, making it difficult to compete. Verizon is, of course, shifting its attention into the Millennial ad business with its recent AOL acquisition, pursuit of Yahoo, and the launch of its Go90 streaming video service.
“We noted that the broad opt-in requirements proposed in this proceeding are unnecessary to protect consumers and inconsistent with the practices of other Internet companies,” wrote William Johnson, Verizon’s senior vice president of federal regulatory and legal affairs in the filing. “The proposed opt-in requirement — including for the marketing of a provider’s own products and services to its customers and for the internal sharing of customer information with affiliates — would create substantial practical challenges for broadband providers and would make it more difficult for these providers to bring new competition to the market for online advertising.”
ISPs have been complaining that saddling them with extra privacy protections is unfair, since the same rules aren’t being applied to companies like Google. But the FCC has argued that while consumers have the choice of search engines or webmail clients, most consumers don’t have much choice in broadband providers. The lack of competition in broadband means tougher rules are necessary to keep ISPs in line, insists the FCC.
Verizon once claimed that consumer broadband privacy protections weren’t necessary because “public shame” would keep the company honest. However, as Verizon’s stealth cookie incident proves, letting large ISPs self-regulate on privacy issues doesn’t appear to work particularly well in actual practice.