FCC Chairman Wheeler issued a Broadband Consumer Privacy Proposal Fact Sheet and announced that a Notice of Proposed Rulemaking (NPRM) on the same issue is presently in circulation at the Commission and is expected to be put to a vote during the March 31st meeting.
The Fact Sheet’s discussion of the privacy framework for broadband data is consistent, in principle, with the privacy rules governing traditional telecommunications services. However, there are a number of key issues not detailed in the Fact Sheet, such as the definitions of “broadband data” and “communications-related services,” and how anonymous and aggregate data will be treated, among other items. We will provide a complete analysis of these and other issues once the full NPRM is released in the coming weeks.
For the time being, it is worth noting that the Fact Sheet indicates that the NPRM will go beyond merely requiring ISPs to implement reasonable security measures to protect broadband data. Specifically, the Fact Sheet indicates that the upcoming NPRM will “require broadband providers to adopt risk management practices; institute personnel training practices; adopt strong customer authentication requirements; identify a senior manager responsible for data security; and take responsibility for use and protection of customer information when shared with third parties.”
With this NPRM the devil will be in the details, and we will report back once we learn further information at the FCC’s Open Meeting and when we receive a full text of the release.