Groups Ask FCC to Protect Consumer Privacy from Prying Broadband Eyes

The Federal Communications Commission acted decisively last year to protect the internet's open, freewheeling nature, in a landmark victory for public interest groups.

Now, consumer advocates want the agency to use its newly-strengthened power to safeguard internet users' privacy as well.

More than 50 public interest groups sent the FCC a sharply-worded letter on Wednesday demanding that the agency use its authority to "to protect consumers from having their personal data collected and shared by their broadband provider without affirmative consent."

The letter, which was signed by the American Civil Liberties Union, the Electronic Frontier Foundation, Free Press, Public Citizen and Public Knowledge, among others, underscores growing concern in the public interest community about the power of broadband giants like Comcast, AT&T, and Verizon to collect consumer data for the purpose of intrusive online advertising—and potentially, government surveillance.

"Every bit of data that consumers access on the internet passes through the hands of an internet service provider," Meredith Rose, staff attorney at Public Knowledge, a DC-based advocacy group, said in a statement. "It's this gatekeeper role that gives ISPs access to a vast amount of private data about their customers, and creates a substantial potential for abuse."

FCC officials have been signaling for months that they intend to wade into the fierce debate about online privacy, but the agency has thus far held its fire, in part because the open internet rules are currently the subject of a major federal lawsuit. The FCC is also wary of treading on an area of policy that has traditionally been the purview of the Federal Trade Commission, which has historically taken the lead on consumer privacy.

Last November, FCC Chairman Tom Wheeler told Charlie Rose that the agency plans to address the "privacy practices of those who provide network services and how it affects you and me." A few weeks later, Wheeler told journalists to "stay tuned because this is something we are looking at right now."

As broadband giants develop ever-more sophisticated ways of collecting user data and tracking the online habits of their customers, consumer privacy has become one of the hottest topics in tech policy. Privacy advocates warn that without strong federal protections, broadband companies will amass vast troves of user information to use for online advertising—information that could also potentially be turned over to government snoops, or stolen by hackers.

In the coming weeks, the FCC is expected to announce a rulemaking process designed to regulate how and when broadband giants can use consumer data for targeted advertising and other purposes. Under the FCC's 2015 open internet order—which codified net neutrality, the principle that all internet data should be treated equally—the agency has the authority to issue strong new rules protecting consumer privacy.

In their letter, the public interest groups warned that the broadband industry's data collection practices have the potential to create a "chilling effect on speech and increase the potential for discriminatory practices derived from data use."

It's unlikely that the FCC will extend its privacy authority beyond the big broadband companies to so-called "edge providers" like Google, Facebook and Twitter. Last fall, the agency declared that it "has no intent to regulate edge providers," and denied a petition from the California-based advocacy group Consumer Watchdog that would have required websites to honor so-called "Do Not Track" requests.

The FCC's primary jurisdiction concerns "network providers" like Comcast, AT&T and Verizon, as opposed to companies like Google, Facebook and Twitter, which provide online content and services at the "edge" of the network, although that distinction is growing increasingly murky as Google and Facebook begin to provide network connectivity themselves, through projects like Google Fiber and Facebook's ambitious drone-powered internet service effort.

The FCC has thus far taken a cautious approach to consumer privacy, in part because the open internet policy is currently being contested in a high-stakes legal showdown playing out in the US Court of Appeals for the DC Circuit. A decision on that case is expected early this year. If the FCC loses the case, its ability to enforce strong consumer privacy protections could be jeopardized. So it's likely that the agency will wait for the federal court to rule before it acts decisively on privacy.

The FCC declined to comment on the public interest groups' letter, but the agency's silence on the matter will not last for long. Once the open internet rules are upheld in federal court—as many tech policy experts expect they will be—the FCC's next move will likely be robust consumer privacy protections.