News
U.S. ISPs must obtain consent from customers before sharing their personal information.
The U.S. Federal Communications Commission (FCC) this week adopted new rules that give consumers more control over how broadband providers use their personal data.
Under the new rules, first proposed in March, customers must explicitly opt-in to allow their ISP to share information that is considered sensitive, such as precise location, financial and health information, their children’s information, social security number, Web browsing and app usage history and the content of communications.
ISPs will be allowed to use and share non-sensitive information – such as email address, and tariff information – unless the customer opts out.
Customer consent is inferred for certain purposes, such as information gathered during the provision of broadband service or billing and collection.
The FCC’s commissioners voted three-to-two in favour of the new regulations on Thursday.
"Today, the Commission takes a significant step to safeguard consumer privacy in this time of rapid technological change, as we adopt rules that will allow consumers to choose how their Internet Service Provider uses and shares their personal data," said FCC chairman Tom Wheeler, in a statement.
In addition to rules governing consent, the new rules require ISPs to provide clear, conspicuous and persistent notice about the information they collect, how it may be used, and with whom it may be shared. Customers must also be told how they can change their privacy preferences.
Broadband providers must also engage in data security practices and to inform customers and law enforcement of breaches.
