FCC Moves To Ensure Consumers Have Uniform Online Privacy Protection

The Federal Communications Commission issued a temporary stay of a data security regulation that would have subjected Internet service providers (ISPs) to a different standard than that applied to other companies in the Internet ecosystem by the Federal Trade Commission. The regulation would have gone into effect on March 2.

The March 1 decision will maintain a status quo that has been in place for nearly two years with respect to ISPs and nearly a decade with respect to other telecommunications carriers. The stay will remain in place until the FCC is able to act on pending petitions for reconsideration. The stay will provide time for the FCC to work with the FTC to create a comprehensive and consistent framework for protecting Americans’ online privacy. The FTC had proven to be an effective cop on the beat for safeguarding digital privacy. But in 2015, the FCC stripped the FTC of its authority over ISPs’ privacy and data security practices when it adopted the Title II Order. The stay will also ensure that ISPs and other telecommunications carriers do not incur substantial and unnecessary compliance costs while the FCC considers modifications to the rule.

ISPs have been – and will continue to be – obligated to comply with Section 222 of the Communications Act and other applicable federal and state privacy, data security, and breach notification laws. In addition, broadband providers have released a voluntary set of “ISP Privacy Principles” that are consistent with the Federal Trade Commission’s long-standing privacy framework. For other telecommunications carriers, the Commission’s preexisting rules governing data security will remain in place.