A consumer privacy group is urging the Federal Communications Commission (FCC) to tighten rules regulating the ways Internet service providers (ISPs) are allowed to collect information on their customers. The Center for Digital Democracy (CDD), which advocates for consumer rights and protections, issued a report yesterday claiming that the practice of mining and selling consumer data is widespread among ISPs.
The CDD said that the ability of ISPs to identify consumers regardless of what devices they use and combine that information with sensitive offline information has functionally eliminated many of the privacy protections the government has previously put in place.
Partnering with Data Brokers
“ISPs have formed partnerships with powerful data brokers (including Acxiom, Krux, and Oracle Marketing Cloud), gaining new insights into our online and offline behaviors,” the CDD said on its Web site. “They are incorporating state-of-the-art ‘big data’ practices, such as ‘programmatic advertising’ that instantaneously buys and sells individual consumers — to financial marketers, fast-food companies, and health advertisers, for example — all without the consumer’s knowledge.”
The result is that ISPs have transformed TV and digital video into new sources of personal information, the CDD said. They do that by analyzing set-top box and streaming video data for consumers’ viewing habits, and combining that information with personal data such as financial, health, racial, ethnic, and location information to compile detailed “digital dossiers” on millions of Americans, according to the CDD.
The FCC is currently considering a change to its rules proposed by its chairman, Tom Wheeler. The new rules would seek to give consumers more control over their own data, while providing stricter regulations of what ISPs are allowed to do with the data they collect.
The proposed regulations include new rules regarding the responsibility of ISPs to keep their customers’ data secure, require them to alert customers when they have suffered data breaches, and give consumers the opportunity to opt in or opt out of different ways their ISPs want to use their information. The commission will vote on the proposal on March 31.
Addressing the Data-Targeting Relationships
The CDD said the FCC should examine all the ways that broadband networks operated by ISPs gather and use consumer information. “The review and policy proposals need to address the data-targeting relationships that ISPs have with leading digital marketing companies, including ad exchanges, data brokers, and advertisers,” the CDD said.
In addition, the advocacy group urged the regulator to adopt privacy and consumer protection rules to provide individuals with rights over their data, including a set of practices that addresses the current data collection methods of ISPs.
“These companies should not be allowed to share data with affiliates or to use information for marketing their services without the informed, prior consent of the customer,” the CDD said. “Policies for privacy are essential as well for a competitive digital video market.” Otherwise, powerful ISPs and other gatekeepers will be able to control the primary way programming is financially supported and distributed, the CDD added.