Internet service providers are asking the Federal Communications Commission to reject privacy advocates' requests for rules that could restrict broadband providers' ability to serve targeted ads to subscribers.
Instead, the National Cable & Telecommunications Association, CTIA and other organizations representing Internet access providers argue that any new FCC privacy rules should be consistent with the Federal Trade Communications' approach.
"We believe it is important to maintain a consistent privacy framework for the Internet," the organizations write today in a letter to FCC Chairman Tom Wheeler. "Such an approach will protect consumers and avoid entity-based regulation that would create consumer confusion and stifle innovation."
The FTC enforces laws against deception and unfairness, but doesn't generally require ad-tech companies that collect data about adults to follow specific privacy standards. Historically, when the FTC has brought privacy lawsuits against online ad companies, the cases stem from allegations that the companies didn't follow their own privacy policies.
"To achieve parity across the Internet ecosystem, any FCC framework for Internet service providers should be reflective of the deception and unfairness standard, consistent with the existing protections consumers receive when they engage with other companies in the Internet ecosystem," the organizations state.
The broadband providers add that consumers expect "consistent privacy standards based upon the sensitivity of the information and how it is used regardless of which entity in the Internet ecosystem uses that data."
Not everyone agrees that ISPs should be held to the same privacy standards as other companies.
Jason Kint, CEO of the publishers' group Digital Content Next, points out that ISPs have unique abilities to track people. "I believe Verizon made it fairly clear last year that ISPs are in a unique position to collect and disseminate tracking data across their networks and expose it to even more external third parties. So no, I don't think this is enough to protect consumers and maintain trust in a digital age," he says.
Kint was referring to Verizon's decision to insert unique headers -- a type of supercookie -- into all mobile traffic. The ad network Turn was able to draw on these headers to compile profiles of users who deleted their cookies.
The broadband providers' letter comes as the FCC appears ready to move forward with new privacy rules. The agency's authority to issue those rules comes from its recent decision to reclassify Internet service providers as common carriers -- a move that subjects broadband providers to some of the same confidentiality requirements rules as telephone companies.
When the FCC issued the net neutrality rules last year, it said it would consider issuing new broadband-specific rules, as opposed to applying the same rules imposed on telephone companies. Since then, regulators have advised broadband providers to follow the “core tenets of basic privacy protections,” but haven't suggested specific regulations.
Last month, around 60 advocacy groups asked the FCC to prohibit broadband providers from collecting and sharing data about consumers without their explicit consent. The organizations -- including the Center for Democracy & Technology, Center for Digital Democracy, Consumer Federation of America, Electronic Frontier Foundation and Free Press -- argued that broadband providers' role in the Internet gives them a "comprehensive view of consumer behavior."
Several days later, the Open Technology Institute at New America warned in a report that broadband providers pose unique risks to consumers' privacy. That group pointed out that ISPs have access to nearly all sites users visit -- including doctors' sites -- as well as people's usage patterns.
On Thursday, privacy advocates panned the broadband carriers' proposal. Jeff Chester, executive director of the Center for Digital Democracy, characterized the industry's letter as "an attempt by the phone and cable giants to stop the FCC from protecting the privacy of broadband consumers."
He added: "What’s needed now are proposed strong safeguards and a public process so consumer and privacy groups can put on the record all the ways the phone and cable companies undermine consumer privacy."
Claire Gartland, consumer protection counsel for the Electronic Privacy Information Center, points out that the FTC's powers regarding privacy are limited because the agency lacks rule-making authority. Instead, it polices companies by determining after the fact whether they duped consumers by failing to honor privacy policies, or engaging in other deceptive and unfair practices.
Gartland says EPIC is hoping that the FCC issues "strong rules" regarding privacy.
Katharina Kopp, director of privacy and data for the Center for Democracy & Technology, adds that broadband providers have access to "particularly sensitive data, which warrants particular privacy protections."
At the same time, she says the organization will urge the FCC to consider broadband regulations that are more flexible than the existing privacy rules governing telephone-service providers.