The U.S. Senate recently voted 50-48 to nullify the Federal Communications Commission (FCC) privacy rules that were implemented during the Obama presidency, on March 23, 2017. The rules had been put in place to limit how broadband providers/carriers could use customer data.
The new privacy rules contrasted with the existing privacy guidelines of the Federal Trade Commission. The vote in the senate creates a path for a house vote and president’s signature. With a Republican majority and sharp party vote, the repeal’s odds of passing the house are high. The FCC, which is an independent agency, will follow the trend of the Trump administration’s rapid reversal of government regulations that businesses opposed during the Obama administration. The efforts reveal great changes at the center of the meeting of telecommunications, media and the internet, as well as privacy and the interplay between corporate interests and the American consumer.
The biggest point of consideration will be net neutrality, created in 2015 to prevent internet service providers from blocking or selectively limiting internet traffic. The rule, which was created in concert with a decision to categorize broadband like a functional element, was the core technology initiative of the Obama administration. In many ways, the reorganization of broadband into a service such as electricity and telephones provided the foundation from a legal standpoint for net neutrality rules. However, this has not come without its fair share of criticism or ambiguity.
Ajit Pai, “President Trump’s selection to lead the FCC, will have the help of influential members of Congress who have promised to attack the classification of broadband as a service comparable to a utility. He is well-liked among Republican leaders, including the Senate’s majority leader, Mitch McConnell, who with other members view Mr. Pai as a loyal voice of dissent during the Obama years. Mr. Pai, 44, is the child of immigrants from India who settled in the United States (Kansas), and is considered a fresh face for the Republican Party.
Some have claimed that these moves largely work in favor of corporations as opposed to the average American consumer. Congress could introduce legislation that reduces the agency’s power to regulate broadband providers and enforce net neutrality rules. Also in question are privacy standards for broadband providers. “The agency has strayed from its core mission,” said Marsha Blackburn, Republican representative from Tennessee who oversees a telecommunications/tech subcommittee who called for a hearing on the FCC agenda under the Trump administration.
To provide an example of the dilemma at hand, if a provider like AT&T offers free streaming (as opposed to implementing data limits) of its DirecTV programs, does this violate net neutrality rules because it could put competing video services at a disadvantage? It is difficult to determine. Under previous leadership, the FCC said in a report that it saw some concerning evidence regarding this potential ambiguity. But Mr. Pai said after completing investigations into wireless carriers that zero-rating was popular among consumers, in particular, low-income households. Once again, the ambiguity between principle and practice can be difficult.
The Data and Marketing Association’s (DMA) position in response was that these laws were overbearing on the part of the FCC. They argued that these laws would limit businesses that depend on ISP data as a source of their data projects and further disrupt the environment given the nature of CAN-SPAM.
The application and construction of the FCC’s privacy rules for broadband providers didn’t consider the details of how ISP/broadband providers use data. M3AAWG (Messaging, Malware, Mobile, Anti-Abuse Working Group) denied the legislation, arguing it would greatly restrict these organizations from sharing anti-abuse data and intelligence to combat negative network activity as well as external attacks.
The FCC’s privacy framework does offer benefits. In the U.S. CAN-SPAM covers email issues, HIPPA covers medical privacy issues, COPPA covers persons under 13, and so on. Privacy frameworks in Europe and Canada are much more comprehensive and designed to ensure privacy as a fundamental human need. The FCC structure seemed to resemble these broader distinctions of personally identifiable information and how to handle it, but it failed to consider the applications of this data beyond its commercial applications.
The Los Angeles Times published an article on March 24 concerning the vote in the senate in addition to the curtailing of the FCC regulations, contrasting two opposing Republican and Democrat views: what is business-friendly vs. safeguarding consumer privacy. One item not mentioned is how big data also includes information regarding Internet and mailbox abuse, nor that technology and eCommerce companies have data stores used for profiling customers, optimizing communications, and developing personalized experiences affected by the FCC rules.
Although privacy and the protection of personally identifiable information are important in an age of big data, security deserves the most consideration. These regulations facilitate standard methods for keeping PII safe and decrease a company’s digital vulnerability. No company is immune. As some security experts have quipped, “Companies either know they’re being hacked or they don’t know they’re being hacked.”
While the push to maintain Americans’ privacy is noble, more security rules and procedures will do more to safeguard consumer privacy than regulating new opt-in standards. Those involved in high-profile breaches are largely concerned with buying and selling account and profile data that require security controls to protect it.