Internet service providers won’t be held to a higher privacy standard. In a two to one party line vote, the Federal Communications Commission put consumer privacy rules it adopted in October on indefinite hold, and passed the buck over to the Federal Trade Commission. The new rules would have, for example, required ISPs to get affirmative, opt-in permission from customers before selling sensitive personal data, such as web browsing history.
In a joint statement, FCC chair Ajit Pai and (temporary) FTC chair Maureen Ohlhausen said consumer protection rules shouldn’t be in the FCC’s domain…
We still believe that jurisdiction over broadband providers’ privacy and data security practices should be returned to the FTC, the nation’s expert agency with respect to these important subjects. All actors in the online space should be subject to the same rules, enforced by the same agency.
Until that happens, however, we will work together on harmonizing the FCC’s privacy rules for broadband providers with the FTC’s standards for other companies in the digital economy.
The joint statement also points out that scrapping the FCC rules leaves a big gap: the FTC’s privacy standards don’t apply to ISPs yet.
When someone has as much access to your private and personal information as an ISP does, a higher standard should apply. Your doctor has to follow different, and stricter, privacy rules than your auto mechanic. So should the companies and public agencies you use to communicate with your doctor. Or anyone else.