“Rather than craft an ISP-specific privacy regulation, Congress should pass a national privacy law that preempts states and sets baseline standards for the whole economy,” said Aurelien Portuese, director of The Schumpeter Project on competition policy at the Information Technology & Innovation Foundation.
Portuese’s comments followed the FTC staff presentation of a report on the privacy practices used by six major internet service providers – AT&T, Verizon Wireless, Charter Communications, Comcast, T-Mobile and Google Fiber – and three of their advertising affiliates regarding data collection and use practices. The six ISPs combined comprise 98.8% of the U.S. mobile internet market.
“The expansion of ISPs into vertically integrated entities that not only provide internet, voice and cable services, but also produce the content transmitted across these pipes and sell behavioral advertising, has enabled these firms to consolidate and aggregate a staggering array of data,” said FTC Chair Lina Kahn.
If anything, Kahn said, the report reveals a need to keep an eye on mergers that would lead to the “degradation of user privacy.”
Khan added that the report further unveiled problems with the notice and consent framework for privacy and noted concern for how the “individualized and hyper-granular dossiers” these ISPs have gathered on their users could lead to discriminatory practices. To these means, she sounded support for reasserting the FTC’s authority to oversee ISPs and “put in place nondiscrimination rules, privacy protections and other basic requirements needed to create healthier markets.”
ISPs tend to provide one core service – internet, voice and video – to the consumer, Khan said. They also provide Internet of Things services like home security or connected wearables or content like video or website content, or advertising as an ad platform or providing advertising analytics. The report found that some of the ISPs combine the data they have across products, said Andre Arias, an FTC attorney.
Many ISPs, Arias claimed, “can be at least as privacy intrusive as advertising platforms.”
Several ISPs in the study “pool and cross-reference” sensitive and detailed data about subscribers and their households, gathering it sometimes through unexpected ways like web browsing history or email contents, that can then be used in harmful ways by property managers, bail bondsmen or bounty hunters. The privacy choices that the ISPs give their customer are also “often illusory…[nudging] consumers towards great sharing of personal data through a variety of dark patterns.” Even when the customer blocks the tracking through device or browser settings, she said the ISPs still use their “supercookie technology to defeat those tools.”
The current “patchwork process” in data collection and privacy regulation further confuses consumers and reduces their ability to protect their privacy online, said Shane Tews, non-resident senior fellow at the American Enterprise Institute.
And there is no need nor benefit for a sector-based solution to privacy laws, Portuese said, warning the chilling effect that unilaterally enforcing sector-specific privacy standards will have on competition.
“A federal policy framework would avoid the current fragmentation of guidance and encourage more secure digital innovation,” Tews said, applying a “holistic approach to privacy protections and…the same safeguards” to all companies collecting and using data in the space.
This “fact-finding” study undertaken by the FTC into the industry, which was initiated in 2019, was and will continue being imperative,” said John Verdi, senior vice president of policy at the Future of Privacy Forum, and the FTC could garner more authority to investigate and enforce consumer protections by working with Congress on this bipartisan issue.
The foundation for this federal privacy law can be found through coupling a 2012 FTC privacy report with an Obama-era Consumer Privacy Bill of Rights, said Nancy Libin, partner at Davis Wright Tremaine. A former chief privacy and civil liberties officer at the Justice Department, Libin said the 2012 bill laid down the framework that distinguishes sensitive and nonsensitive data. The companies, however, would not need to request consumer consent for first-party marketing as it is inferred by the mere nature of the company-consumer relationship, she explained. The 2012 framework directs companies to provide consumers with the option to opt-out absent of this inferred consent and to request an opt-in when the company engages in deliberate data collection and use.
In The News
BOSTON (AP) — The U.S. wireless carrier T-Mobile said Thursday that an unidentified malicious intruder breached its network in late... Read More
BOSTON (AP) — The U.S. wireless carrier T-Mobile said Thursday that an unidentified malicious intruder breached its network in late November and stole data on 37 million customers, including addresses, phone numbers and dates of birth. T-Mobile said in a filing with the U.S. Securities and... Read More
A couple of years into the pandemic, Shirley Neville had finally had enough of her shoddy internet service. “It was... Read More
A couple of years into the pandemic, Shirley Neville had finally had enough of her shoddy internet service. “It was just a headache,” said Neville, who lives in a middle-class neighborhood in New Orleans whose residents are almost all Black or Latino. “When I was getting... Read More
WASHINGTON — Seven voice service providers face removal from a key database managed by the Federal Trade Commission if they... Read More
WASHINGTON — Seven voice service providers face removal from a key database managed by the Federal Trade Commission if they fail to demonstrate they’re taking concrete steps to comply with the agency’s anti-robocall rules. The first-of-their-kind FCC Enforcement Bureau orders give the companies until Oct. 18... Read More
BUCHAREST, Romania — An American was chosen to be the first woman to lead the United Nations’ telecommunications agency, the... Read More
BUCHAREST, Romania — An American was chosen to be the first woman to lead the United Nations’ telecommunications agency, the International Telecommunication Union, in its 157-year history after an overwhelming vote Thursday in Romania. Doreen Bogdan-Martin, the new secretary general of the agency, received 139 votes... Read More
WASHINGTON — The Federal Communications Commission is looking at ways to help deaf incarcerated people connect better with their families... Read More
WASHINGTON — The Federal Communications Commission is looking at ways to help deaf incarcerated people connect better with their families through improved telecommunications services, including video chatting, in prisons and jails throughout the country. “Incarcerated people face considerable barriers to stay in touch with their loved... Read More
WASHINGTON — The Federal Communications Commission formally added Pacific Networks Corp. and its wholly owned subsidiary ComNet and China Unicom... Read More
WASHINGTON — The Federal Communications Commission formally added Pacific Networks Corp. and its wholly owned subsidiary ComNet and China Unicom (Americas) Operations Limited to its list of companies whose telecom equipment and service pose a national security threat. The commission along with national security agencies created... Read More