Senate lawmakers voted Thursday to repeal a historic set of rules aimed at protecting consumers’ online data from their own Internet providers, in a move that could make it easier for broadband companies to sell and share their customers’ usage information for advertising purposes.
The rules, which prohibit providers from abusing the data they gather on their customers as they browse the Web on cellphones and computers, were approved last year over objections from Republicans who argued the regulations went too far.
U.S. senators voted by a 50-48 margin to approve a joint resolution from Sen. Jeff Flake (R-Ariz.) that would prevent the Federal Communications Commission’s privacy rules from going into effect. The resolution also would bar the FCC from ever enacting similar consumer protections. It now heads to the House.
Industry groups welcomed the vote.
“Our industry remains committed to offering services that protect the privacy and security of the personal information of our customers,” said NCTA — The Internet and Television Association, a trade group representing major cable providers. “We support this step towards reversing the FCC’s misguided approach and look forward to restoring a consistent approach to online privacy protection that consumers want and deserve.”
Consumer and privacy groups condemned the resolution.
“It is extremely disappointing that the Senate voted today to sacrifice the privacy rights of Americans in the interest of protecting the profits of major internet companies, including Comcast, AT&T, and Verizon,” said Neema Singh Giuliani, legislative counsel for the American Civil Liberties Union.
The FCC didn’t immediately respond to a request for comment.
The agency’s rules are being debated as Internet providers — no longer satisfied with simply offering Web access — race to become online advertising giants as large as Google and Facebook. To deliver consumers from one website to another, Internet providers must see and understand which online destinations their customers wish to visit, whether that’s Netflix, WebMD or PornHub.
With that data, Internet providers would like to sell targeted advertising or even share that information with third-party marketers. But the FCC’s regulations place certain limits on the type of data Internet providers can share and under what circumstances. Under the rules, consumers may forbid their providers from sharing what the FCC deems “sensitive” information, such as app usage history and mobile location data.
Opponents of the regulation argue the FCC’s definition of sensitive information is far too broad and that it creates an imbalance between what’s expected of Internet providers and what’s allowed for Web companies such as Google. Separately from Congress, critics of the measure have petitioned the FCC to reconsider letting the rules go into effect, and the agency’s new Republican leadership has partly complied. In February, President Trump’s FCC chairman, Ajit Pai, put a hold on a slice of the rules that would have forced Internet providers to better safeguard their customer data from hackers.
The congressional resolution could make any further action by the FCC to review the rules unnecessary; Flake’s measure aims to nullify the FCC’s privacy rules altogether. Republicans argue that even if the FCC’s power to make rules on Internet privacy is curtailed, state attorneys general and the Federal Trade Commission could still hold Internet providers accountable for future privacy abuses.
But Democrats say that preemptive rules are necessary to protect consumers before their information gets out against their will.
“At a time when our personal data is more vulnerable than ever, it’s baffling that Senate Republicans would eliminate the few privacy protections Americans have today,” said Rep. Frank Pallone (D-N.J.), the top liberal on the House Energy and Commerce Committee. Pallone added in a statement Thursday that he hoped his House Republican colleagues “will exercise better judgment” when it becomes their turn to vote on the resolution.
On Wednesday, Senate Democrats challenged the idea that the FTC could take responsibility for regulating Internet providers’ privacy practices.
“The Federal Trade Commission does not have the rulemaking authority in data security, even though commissioners at the FTC have asked Congress for such authority in the past,” said Sen. Bill Nelson (Fla.), the top Democrat on the Senate Commerce Committee.