On March 1, 2017, the Federal Communications Commission (the “FCC”) voted 2-1 to issue a stay order temporarily halting the implementation of the Protecting the Privacy of Customers of Broadband and Other Telecommunications Services order (the “2016 Privacy Order”). The 2016 Privacy Order was adopted in October 2016 with the intention of imposing greater obligations on broadband Internet service providers and other telecommunications carriers to protect the privacy of their customers. Specifically, the 2016 Privacy Order created three categories for the use and sharing of customer information based on sensitivity: opt-in, opt-out, and exceptions to the consent requirements. In addition, the 2016 Privacy Order imposed new requirements related to notice, customer approval, and breach notification. You can read further about the elements of the 2016 Privacy Order in our previous post. The 2016 Privacy Order faced criticism from broadband industry trade groups, who alleged that it would subject Internet service providers to a different standard than other companies operating in the Internet space.
While broadband lobbyists have supported the stay order, some consumer advocacy groups have objected. Critics of the stay order, such as dissenting FCC Commissioner Mignon Clyburn, argue that the move may leave broadband customers without reassurance that providers will keep their data secure.
In an twist of events that could not have been imagined a year ago, the same day it issued the stay order, the FCC also released a joint statement with the Federal Trade Commission (FTC) agreeing that jurisdiction over online privacy matters should remain with the FTC. The agencies stated that “all actors in the online space should be subject to the same rules” and confirmed their commitment to work together to “establish a technology-neutral privacy framework for the online world.”
The intervening weeks have witnessed the introduction of legislation in the House and Senate to roll back the 2016 Privacy Order using the Congressional Review Act, and the bills’ sponsors must push them through Congress by mid-May.
We will continue to monitor the action at the FTC, FCC and in Congress and will keep you posted here.
Update: On March 23, 2017, the Senate passed a resolution disapproving the broadband privacy rules.