"Any privacy framework should be technology neutral. ISPs are just one type of large platform provider [along with operating systems, browsers, and social media services] that may have access to all or nearly all of a consumer’s online activity."
While this might sound like the position of a broadband provider like Comcast, it was the conclusion of the Federal Trade Commission (FTC) in its comprehensive 2012 Privacy Report. After decades of oversight and study of privacy in the Internet ecosystem, the FTC recommended "a level playing field for companies." As Comcast’s comments filed last Friday show, for decades, the FTC has implemented and maintained a highly successful technology-neutral privacy framework that has helped fuel the growth of the Internet and protected consumer privacy.
The Obama Administration in its "Consumer Privacy Bill of Rights" and its 2012 Privacy Report took a similar approach, recommending "a level playing field for companies, a consistent set of expectations for consumers."
And even FCC Chairman Wheeler endorsed this approach, telling Congress and the public that, "We will do our best to harmonize so that there is a common set of concepts that govern privacy" and "to make sure we’re consistent with the kind of thoughtful, rational approach that the FTC has taken."
Unfortunately and inexplicably, the FCC Chairman now proposes a path that would flip this longstanding and successful U.S. policy framework on its head, and establish onerous privacy regulations on only one specific set of companies in the ecosystem – ISPs – even though nothing has changed in the privacy world that would justify the FCC’s major departure from the technology-neutral approach previously endorsed by the FTC, the Administration, and even Chairman Wheeler himself.
Nothing in the real world, nothing in ISPs’ use of data, nothing in consumers’ views of ISPs or their privacy expectations has changed – yet the Chairman has proposed a radical and harmful departure from the previous consensus approach to privacy – an approach that has been working well.
ISPs have a strong privacy record under the FTC privacy regime. At a recent Senate Hearing on the FCC’s broadband privacy proposal, FTC Chairwoman Ramirez and FTC Commissioner Ohlhausen both strongly stated that the FTC privacy framework had been successful in protecting consumers and in regulating ISPs.
As Peter Swire, renowned privacy expert and former top advisor to Presidents Clinton and Obama, has concluded in a major recent report, ISPs do not have unique access to online customer information, and in a world where 70% of users’ detailed Internet traffic – and over 80% of the top websites – will be shielded from ISPs’ ability to see the traffic by the end of 2016 due to increasing encryption of online content (meaning that the content will be converted into scrambled data and thus shielded from ISPs’ ability to see or decipher it), Swire concluded that ISPs will have even less access to consumer data than when the FTC’s and Administration’s technology-neutral privacy approach was implemented.
Consumers, innovation, and competition will be significantly harmed by this FCC snubbing of the FTC and Administration’s policies. Consumers will be confused - one set of rules will apply to data collected by their ISPs, but an entirely different set of rules will apply to that very same data as it is collected by their browser, mobile operating system, search engine, or social media service. They will also no longer receive offers for discounted product bundles and other innovative services that they have routinely expected and benefited from for many years.
ISPs, which have no toehold in the highly concentrated online advertising market, will be blocked from entering it even though leading Wall Street analysts MoffettNathansen recently concluded, "We can’t think of any other media marketplace with this level of dominance." As a direct result of Chairman Wheeler’s proposal, the losers would be consumers, advertisers and many businesses would be deprived of new competition and the lower prices and innovative new services it could unleash. This is simply inconsistent with the Chairman’s claimed mission of promoting "competition, competition, competition."
It is more like another example of "regulation, regulation, regulation."
It will also hurt the U.S. internationally. The Obama Administration has been vigorously touting the FTC privacy regime abroad as "robust and effective" as it negotiates a "Privacy Shield" program with the EU to allow companies to transfer personal data between the EU and U.S. The FCC’s rejection of the Administration and FTC’s privacy approach will become an important piece of evidence used by opponents to try and discredit the FTC as an effective privacy cop and thereby undermine the Privacy Shield program, which could harm a wide range of U.S. businesses. After all, if the FTC’s privacy framework is so effective, how can it be that a major U.S. regulator has just completely discarded it?
Chairman Wheeler’s rejection of the Administration and FTC’s privacy approach is especially inappropriate because he provides no compelling reason why he is proposing to abandon such an effective, and successful technology-neutral privacy approach. Maybe it’s because there is none.
Recent research shows consumers believe by overwhelming margins (90% vs 8%) that Internet companies should operate under the same set of privacy rules and regulations across the ecosystem. Consumers want the FTC and Administration’s technology-neutral approach, not the inconsistent one the FCC now proposes.
Instead of going down the path of un-neutrality when it comes to privacy, the FCC should adopt the proposals known as the "Consensus Privacy Framework" suggested by a broad cross-section of stakeholders, including Comcast, that will continue to protect consumers just as the FTC has for decades, while continuing to promote competition, innovation, and investment across the Internet ecosystem.