The FCC’s Internet Privacy Rules Undone

It was the biggest news in tech and telecom in March: Congress voted to repeal FCC internet privacy rules intended to protect consumer privacy online. Media outlets from Fortune Magazine to the New York Times rushed to put out information on how to set up VPN’s to cater to the unease felt by many internet users over Congress’ actions. Yet, despite the sudden uproar over the change, there is little discussion on what exactly Congress repealed, and why. Considering how new these online privacy rules were—put into effect in October of 2016—it is difficult to imagine that they had become a staple of consumer protection in such a short time. So, what exactly were the rules in question, and why did Congress repeal them?

Commissioner Tom Wheeler’s Last Minute Agenda

On the eve of Donald Trump’s inauguration, the FCC, still chaired by Tom Wheeler, seemed poised to resist the new administration’s intentions to roll back Obama-era regulations. In the midst of this arose a controversy. While it is customary for the Chairman of the FCC to step down during a change of administration, Chairman Wheeler appeared prepared to hold on to his position. His decision infuriated both sides of the isle, eventually forcing him to step down.

This was the end of his controversial tenure at the FCC, made more controversial by the fact that under Obama, the FCC passed a myriad of “midnight regulations” at the last possible moment. Among these were a set of internet privacy rules designed to impose stricter consumer protections. These new rules, however, were minor in scope and accomplished little, although they did stir up a great deal of controversy.

The Internet Privacy Rules in a Nut Shell

An infamous viral story from the early 2010’s essentially encapsulates what the FCC’s internet privacy rules were intended to accomplish. The story involves a father who received promotional mailers targeting his daughter with pregnancy and baby products. The problem was, his daughter was only 16. Furious, the father complained to the sender, Target. What he learned shocked the internet: Target knew that his daughter was pregnant before she ever told a soul in her family.

How could Target possibly find out the man’s daughter was pregnant before anyone else? It all has to do with the flow of information on the internet. Every page view, query, and request made by an internet user first passes through the service provider they pay for internet. These internet providers in turn store every bit of data on their users that pass through their systems and sell that data to advertisers. Target knew the girl was pregnant because it bought data from her internet provider that showed she had visited web pages related to pregnancy.

This story, and several others like it, caused an uproar among consumer advocacy groups. For years, they have clamored for rules to improve consumer privacy online, and in October of last year the FCC took a first step toward achieving that aim. Pushed by Chairman Wheeler, the new rules required internet providers to receive permission from consumers to sell their data. It was a minuscule change, but one which stirred controversy nonetheless.

Opponents of the rules argued that they were inherently unfair. Internet providers now had a proverbial hoop to jump through to be able to sell consumer data, whereas competing online services, such as Google and Apple, who also collect user data and sell it, would not be required to receive the same permissions from consumers.

What Did the New Rules Accomplish?

The breadth and scope of the internet privacy rules passed in October was negligible. The new rules accomplished virtually nothing. This is true for two reasons:

1. The FCC has limited resources, and therefore limited ability to enforce the rules that were passed. This is increasingly the case as Congress has pushed for years to reduce their funding.
2. Acquiring consumer permission for selling their data is exceptionally simple. A quick update of the terms of use of the service, which all consumers must agree to, and providers can continue to sell consumer data with little to no interruption.

A Political Move?

What did the new rules accomplish? Perhaps they were never intended to protect consumer privacy, but instead bring to light an issue that has long been ignored by the government. In rescinding the rules, lawmakers energized consumer advocacy groups, who have taken on this issue as their new rallying cry. When the rules passed in October, there was little coverage or excitement. In their undoing, there is now a national dialogue about consumer privacy that has taken on a new energy and character. Perhaps this was the goal of Chairman Wheeler all along: the rules were never supposed to survive, they had to be removed to incite a national dialogue that one day might lead to more effective policy. We know from his last act as Chairman that he had a penchant for playing politics.