BroadbandGovernement-ITLegalNetworksProjectsRegulationService ProvidersSurveillance-IT

American ISPs Need Permission To Share User Web Data

Tom Jowitt is a leading British tech freelance and long standing contributor to TechWeek Europe

Privacy win for America. The FCC requires US ISPs to gather consent before sharing online data

The US Federal Communications Commission (FCC) has finalised rules that places a welcomed privacy requirement on all American Internet service providers (ISPs).

The new rules dictate that ISPs have to obtain explicit consent from their customers before selling data about online behaviour to third-party marketing businesses.

ISP Privacy Rules

“The rules implement the privacy requirements of Section 222 of the Communications Act for broadband ISPs, giving broadband customers the tools they need to make informed decisions about how their information is used and shared by their ISPs,” stated the FCC.

To provide consumers more control over the use of their personal information, the rules establish a framework of customer consent required for ISPs to use and share their customers’ personal information that is calibrated to the sensitivity of the information,” it said. “This approach is consistent with other privacy frameworks, including the Federal Trade Commission’s and the Administration’s Consumer Privacy Bill of Rights.”

privacyData that will be protected by these new rules include what websites Americans visit, their mobile phone location, app usage, and other data.

ISPs have to gather an “opt-in” consent from customers, and customers also have the option to “opt-out”.

However there is also exceptions to consent requirements, such as when customer consent is inferred for certain purposes such as billing etc.

The FCC said that its rules are limited to broadband service providers and other telecommunications carriers.

These means that companies such as Facebook, Google and others that use personal data for targeted advertising, will not be affected.

Last December for example Internet rights group the Electronic Frontier Foundation (EFF) filed a complaint with the Federal Trade Commission (FTC) in the US after it allegedly found evidence to suggest Google is collecting and data mining the personal information of school children who use Google’s services.

The UK

The new rules for ISPs in the US will be welcomed by privacy campaigners, and comes hot on the heels of the US Senate blocking an expansion of FBI surveillance powers.

But on this side of the pond, the average British Internet user is not so fortunate.

In June the British government successfully pushed through its Investigatory Powers Bill, which forces Internet Service Providers to store the people’s online activity data for a year.

That legislation witnessed a turbulent progress through the House of Commons. It had been opposed by many technology firms (including Apple) and ISPs.

Some of the more contentious aspects were in the end watered down, as the law no longer requires ISPs to store Internet traffic from companies abroad.

The government has also insisted it includes “strong” warrant authorisation requirements for authorities wanting to gain access to a user’s detailed Internet browsing history.

Quiz: The Cloud in 2016!