FCC has a go at consumer privacy – doesn’t nail it

FCC has released new rules which in theory provide greater transparency as to how ISPs can use personal information, but will the consumer ever understand these rules?

Last week, the FCC voted on and approved privacy requirements of Section 222 of the Communications Act for broadband ISPs, which in theory will give US customer the opportunity to control what information is available for ISPs to generate revenues through personalized advertising. However, thus far there is little guidance on how these measures will be presented to the consumer; what is to prevent a telco from hiding the new opt-in measures in a lengthy T&Cs document which very few customers will read?

The new rules will, in theory, allow the customer to control what information is at the disposal of the telcos when engaging with other partners, and fall into two categories. Certain information, which is not deemed as sensitive such email address or service tier information, can be shared by the ISP assuming the customer has not hit an opt-out. However, more sensitive information such as precise geo-location, financial or health info, social security numbers, web browsing history, app usage history and the content of communications, will require an opt-in from the customer.

Although the FCC is seemingly taking the side of the customer, there is very little guidance as to how the opt-in/opt-out is collected. Let’s be honest, how many people take the time to read the T&Cs of any new service (broadband or otherwise)? Your correspondent does not most of the time unless explicitly instructed to, and the majority of the time has no idea how personal information is being used. That is my own failing, though I doubt I am alone in this bracket. It is a nice idea from the FCC, but there are ways around it.

When the ruling was first discussed, it may well have been a heart-in-mouth moment for a couple of the US telcos, who have been looking to the world of personalized advertising as a means to recoup eroding profits. Verizon parted with $4 billion to acquire AOL as a means to expand its media focus, and is looking likely to drop another couple of billion on Yahoo (unless it can squirm out of it).

Combining the information collected through its ISP business with the media assets was a means to generate handy advertising revenues. Currently ISPs can collect and use this information unless specifically requested not to by the customer, however the FCC has tried to make the acquisition of this information a proactive move from ISPs as opposed to passive, seeking out approval as opposed to gaining it by default. The FCC ruling could have been a very unpopular move, though would seem nothing more than a minor inconvenience.

The rise of IoT and the connected home has given more weight to the argument, as the connectivity providers (the ISPs) would have access to unprecedented amount of information, which privacy advocates deem dangerous. Dangerous at least if not monitored and the trustees of this information held more accountable. This for the most part would be deemed understandable, though there is a slight element of double-standards.

The rules themselves apply to the ISPs who witnessed the effectiveness of this advertising model through the rise of the OTTs. The internet giants are still young in the world of technology despite the influence they are able to wield. To date, these giants fall in between the gaps of the regulatory landscape and therefore cannot be held accountable by the FCC.

In this sense, you have to feel a bit sorry for the ISPs. The telco business model has been torn apart and the once glorious profits have been deconstructed, and all through a business model which the ISPs themselves are now not allowed to practise.

Despite a small window of sympathy for the ISPs, it isn’t going to last that long. The FCC ruling could have been a disastrous blow for the ISPs, though the inadequacy of the whole proposition has ensured the ISPs do have a route to continue the practise and mount a challenge for advertising revenues against the internet giants.

With instances like this demonstrating the US’ inability to regulate its own telco market, is it any wonder the European Commission has been so desperate to put together mechanisms such as Safe Harbour and the EU_US Privacy Shield, to protect the data and civil rights of its citizens.

Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.