The Federal Communications Commission voted on Wednesday to halt part of an Obama-era set of privacy rules that would require internet service providers to get explicit consent before they share consumers' browsing data and other personal information with advertisers.
Some background: Those rules were approved this past October under previous FCC chairman Tom Wheeler, who stepped down once President Trump took office, giving new chairman Ajit Pai and GOP commissioner Michael O’Rielly a 2-1 majority at the agency.
The most famous sect of the rules is set to go in place in December, and would require wireline and mobile ISPs to ensure customers opt-in to any programs that share their web browsing and app usage histories, mobile location data, financial data, and other “sensitive” info with third parties for marketing purposes. The rules would also require ISPs to give “clear, conspicuous, and persistent” notifications of what data they collect and how it may be used.
But like many of Wheeler’s proposals, the privacy rules have faced intense opposition from ISPs and Republican officials, and are now in doubt under Pai's control. ISPs and advertisers have argued that introducing barriers to targeted ads could make it harder to provide certain free content, for one.
Pai and O’Rielly voted against the rules in October. In his dissent, Pai’s main complaint was with what he saw as a double standard: He said that the order unfairly stuck ISPs with stricter rules than internet companies like Google, which are able to harvest and monetize personal data more freely under looser guidelines from the Federal Trade Commission.
Pai says ISPs should be subject to those same guidelines. "All actors in the online space should be subject to the same rules, enforced by the same agency," Pai and acting FTC chairwoman Maureen Olhausen said in a joint statement in Wednesday. "Until that happens, however, we will work together on harmonizing the FCC’s privacy rules for broadband providers with the FTC’s standards for other companies in the digital economy."
That said, it's worth noting that recent court decisions have effectively forbidden the FTC from enforcing "common carriers" — a designation that was applied to all ISPs as part of the most recent net-neutrality rules, which reclassified the internet as a public utility. Pai has long opposed the 2015 Open Internet Order that set those rules in place, and earlier this week deemed the regulation a "mistake." It's also worth noting that more the FTC has to deal with other industries beyond telecommunications.
Wheeler and consumer advocacy groups have argued that any difference in privacy regulations is fair on the grounds that ISPs are able to see everything a customer does over their internet connection, and that it’s harder to switch internet providers than use different apps and websites.
Either way, the the rules were enacted on a limited basis in January, while a provision that would generally require ISPs to “engage in reasonable data security practices” was set to go into legal effect on March 2.
Now, it will not. Last week, Pai called for an emergency vote to stay — i.e., halt further progress — on the data security provision before they could go into effect. Pai said FCC's Wireline Competition Bureau would issue the stay regardless if no vote could take place. On Wednesday, the agency voted 2-1 along party lines to halt the provision, with Democratic commission Mignon Clyburn strongly dissenting.
From here, a further dismantling of the privacy rules appears to be looming. "The Commission’s stay will provide time for the FCC to work with the FTC to create a comprehensive and consistent framework for protecting Americans’ online privacy," the FCC said on a statement announcing the stay. The agency said it plans to keep the data security provision suspended until it is able to "able to act on pending petitions for reconsideration."
That last part is notable: The stay here comes after several telecom, cable, and ad industry groups filed petitions to the FCC to halt the broader set of privacy rules last month. No vote on those has been scheduled yet, but with Pai and O'Rielly in control, it could lead to a rollback of the whole order.
"[W]ith the new FCC, the ends justify the means," Clyburn said in her dissent. "This [data security] Order is but a proxy for gutting the Commission’s duly adopted privacy rules—and it does so with very little finesse."
Beyond the FCC, Republicans in Congress are also looking to undo the regulation entirely through the Congressional Review Act, a mid-'90s law that allows Congress to eliminate select rules from government agencies like the FCC with a simple majority vote. However, that law only gives Congress 60 days to pass such legislation after a given rule goes into effect.
What Pai has halted here doesn’t erase the broader privacy rules as a whole, and doesn’t mean Pai will ignore privacy protections completely. (He’s previously expressed concerns over static IP addresses and other things that could be used to persistently track users online, for instance.) But it is another symbol of his desire to dismantle the regulations set by his predecessor, another likely sign of greater reversals to come, and another win for ISPs.
More From Business Insider