The Federal Communications Commission ( “FCC”) received more than 276,000 public comments on its proposed broadband Internet service provider privacy rules. Of these, two academic submissions received near the July 6 deadline approach the matter from opposing viewpoints and differ in their prediction of the proposed rules’ effectiveness. These submissions reflect a wider debate among supporters and opponents of the measures as to whether the rules will help or hinder consumers’ privacy choices. 

In a July 11 letter, the International Center for Law and Economics ( “ICLE”) focused on the portion of the FCC’s Notice of Proposed Rulemaking that would require what the FCC’s 2015 Open Internet Order termed “Broadband Internet Access Service” (“BIAS”) providers to obtain an “opt-in” consent before using or sharing customer information for service delivery or non-communications marketing. The ICLE notes that this rule would not apply to other service providers in the Internet ecosystem (including “social media networks, operating systems, browsers, data brokers, and search engines”) that also access and may collect users’ personal information, but would remain subject to the Federal Trade Commission’s (the “FTC’s”) generally-applicable opt-out regime. By establishing a higher standard for a subset of service providers, the ICLE argues that the FCC would distort the market and potentially increase consumer costs. The ICLE suggests that the rule could also confuse consumers, who mistakenly expect that the opt-in election they make with their BIAS provider will apply to other services they use online.

In a comment submitted July 5, former co-chair of the World Wide Web Consortium’s Tracking Protection Working Group Aleecia M. McDonald positions the FCC’s opt-in proposal in the context of other online privacy regulations in the U.S. and internationally. She sees no support for the concern that an opt-in rule will confuse consumers, and cites the European Union’s invalidation of the U.S.-EU Safe Harbor as an independent reason to adopt an opt-in mechanism more in line with the European regime. Finally, McDonald cites the example of NebuAD, the company that in 2008 contracted with a number of Internet service providers to target advertising to customers using their browsing data on an opt-out basis. Referring to the difference between, on the one hand, the majorities of users who report in surveys that they do not want their information used for advertisements, and on the other hand the reported one percent of customers who actually opted out of NebuAD’s targeting, she suggests that such a stark difference confirms that opt-out regimes do not adequately protect consumers.

The FCC’s Notice of Proposed Rulemaking is captioned In the Matter of Protecting the Privacy of Customers of Broadband and Other Telecommunications Services, and was released April 1, 2016. It reflects the FCC’s 2015 Open Internet Order, which reclassified BIAS under Title II of the Communications Act. In addition to the opt-in requirements, the FCC’s notice also sought comment on whether to require BIAS providers to disclose their privacy policies, whether to provide additional protections for BIAS customers’ personal information depending on its content or category (such as geolocation data), and whether to impose minimum data security obligations on BIAS providers.