FCC Passes Broad Privacy Rules, Limits Behavioral Advertising By Broadband Providers
The Federal Communications Commission on Thursday passed sweeping privacy rules that limit broadband providers’ ability to engage in online behavioral advertising.
The rules, passed by a 3-2 vote, prohibit Internet service providers from drawing on information about subscribers’ Web activity and app usage for ad targeting.
“It is the consumer’s information. It is not the information of the network the consumer hires to deliver that information,” FCC Chairman Tom Wheeler said Thursday morning shortly before the vote. “The consumer has the right to make a decision about how her or his information is used.”
The new rules apply only to companies that provide consumers with access to broadband, like Comcast, Time Warner and Verizon. Web publishers, search engines, social networks and other so-called “edge providers,” aren’t bound by the new rules and need not obtain users’ explicit permission to draw on data about their Web use for ad purposes.
The regulations mark a “common sense step,” Wheeler said. He added that the privacy order has the effect of “extending to the Internet the same kinds of concepts that we have for decades extended to the telephone network.”
Privacy advocates supported the rules, but the ad industry and broadband providers lobbied heavily against them.
“The FCC’s decision is bad for consumers and bad for the U.S. economy,” the Direct Marketing Association stated after the vote. “FCC‘s action ignores what’s working and working well, and supplants it with a burdensome system that will stifle innovation and make it harder to deliver advertising messages that are relevant and useful to consumers.”
Many opponents argued that broadband providers should follow the same privacy standards as other online companies, like Google and Facebook. Those companies generally follow an industry code that allows consumers to opt out of receiving targeted ads based on Web-surfing data. The ad industry’s self-regulatory code requires companies to seek opt-in consent from consumers before drawing on “sensitive” data, but defines that concept relatively narrowly. The definition includes financial account information, geolocation data and certain types of healthcare information.
Advocates largely cheered the FCC’s vote. “This is a tremendous public interest breakthrough for privacy rights in the U.S., which lags behind nearly every other democracy when it comes to protecting online privacy,” Jeff Chester, executive director of the Center for Digital Democracy said in a statement.
Sen. Ed Markey (D-Massachusetts) added: “These rules will ensure that as technology changes, our core values do not — that consumers, not corporations, have control over their personal information.”