9 Ways To Bulletproof Your Privacy Policy

The Federal Communications Commission has rejected a consumer group's request to force websites "like Google, Facebook, YouTube, Pandora, Netflix, and LinkedIn" to honor "Do not track" requests from users.

The FCC's Nov. 6 ruling has implications far beyond this specific case. This dismissal affirmed the FCC's previously stated view that it would not directly control web content or practices just yet, pending "further rulemaking."

This was a really smart move on the FCC's part and is aligned with its previous positions that it did not wish to be the "Czar of the Internet," only the traffic cop for it. If it had applied rules that were written for phone lines into the digital age, the cries of outrage would have been deafening and worldwide. Instead, the FCC said in its original reclassification ruling that it was interested in the behavior of ISPs only when it affected how data was transmitted and not in the data itself that was being transmitted.

California-based Consumer Watchdog, which describes itself as "a nonprofit, nonpartisan consumer advocacy organization" that specializes "in the application of state and federal consumer protection laws," filed its petition in June.

In it, Consumer Watchdog asked the FCC to require "edge providers" to honor "Do not track" requests. It named Google, Facebook, YouTube, Pandora, Netflix and LinkedIn in the petition as examples of these edge providers. The petition asked that these kinds of websites should allow people to use their services without giving them derived data in return.

Such requests, which have been around for a few years, are just that -- requests. For websites that are dependent on ads as revenue, there is little incentive to comply.

{Image 1}

In the petition the consumer advocacy group also stated:

Consumers' privacy concerns about the Internet extend far beyond the broadband providers who are impacted by Section 222. Many consumers are as concerned -- or perhaps even more worried -- about the online tracking and data collection practices of edge providers. Because activities by edge providers pose the same threat to widespread broadband adoption as any privacy practice of broadband Internet access service providers, the Commission should, in addition to the CPNI rules it intends to adopt, promulgate rules protecting the unauthorized use of consumers' personal information by requiring edge providers to honor "Do not track" requests.

The key to the group's argument was that when the FCC reclassified ISPs as common carriers in 2015 under Title II of the Communications Act of 1934, that it applied "Sec. 222 Title II protections for customer proprietary network information (CPNI) to broadband, but not the phone-specific rules on how to protect that privacy."

In other words, Consumer Watchdog said the FCC had established an authority over ISP privacy practices, but not specific sites on the Web.

In its decision, the FCC said it had already considered Section 222 changes when it reclassified ISPs as common carriers.

It noted that while the existing rules were written for voice services, the Commission had held when it reclassified that it was "not persuaded that the Commission's current rules implementing section 222 necessarily would be well suited to broadband Internet access service [BIAS]. It therefore forbore from applying the section 222 rules to BIAS services, 'pending adoption of rules to govern broadband Internet access service in a separate rulemaking proceeding.' At the same time, the Commission specified that in reclassifying BIAS, it was not 'regulating the Internet, per se, or any Internet applications or content.' Rather, as the Commission explained [at that time], its 'reclassification of broadband Internet access service involves only the transmission component of Internet access service.'"

This made the petition "inconsistent with the Commission's articulation of the effect of its reclassification of BIAS and the scope of the privacy practices it stated that it intends to address pursuant to that reclassification."

[Read Firefox 42 Blocks Tracking Ads, Enhances Private Browsing.]

While it may be possible that further privacy rulemaking may occur in the future, the arguments in the petition were based on regulations that the FCC had already decided were not applicable to the Internet. Thus, the petition was dismissed.

In reaction to the FCC's decision, Consumer Watchdog vowed to press state regulators, Congress, and the courts to better protect Internet users' privacy, according to a statement by John M. Simpson, Consumer Watchdog's Privacy Project director.

We believe the FCC has the authority to enforce Internet privacy protections far more broadly than they have opted to do and are obviously disappointed by this decision. Requiring that Do Not Track requests be honored is a simple way to give people necessary control of their information and is in no way an attempt to regulate the content of the Internet.