Over the past few weeks, an extensive scare campaign has misled many Americans into believing that Congress and the Federal Communications Commission (FCC) are threatening their Internet privacy. These untrue accusations have generated borderline hysteria, to the point where, as an FCC commissioner, I was grilled by two friends on the topic at a recent wedding. To counter this misinformation, it’s important to understand how data is currently used in the Internet economy, which federal agencies oversee Internet privacy, and the effect of legislation recently enacted by Congress. At the same time, we must consider what can be done to protect consumers’ private information no matter whose hands it ends up in, on and off the Internet.
Everyone should acknowledge a simple truth: The heart and soul of today’s Internet economy is the collection of data, mainly for use in targeted advertising. From commercial companies to political campaigns, advertising dollars are increasingly being spent on the web, rather than on traditional media. Jeopardize this arrangement and a vast number of free Internet features and functions will evaporate in short order.
Take for instance Google, which is one of the largest American companies and certainly a dominant Internet force. It makes a large portion of its overall revenue from the desktop and mobile versions of Google search, even though this service — and Google’s many others, such as YouTube and Gmail — are essentially “free” to use. Its largest revenue stream comprises advertising based on keyword searches from users and ad placements from third parties. It collects, slices, and dices users’ search information for purposes of performance analytics, which allows for greater precision in the targeting of ads to interested consumers — a proven source of profit. It is by no means alone in its approach, as almost every Internet entity (webpages, applications, operating systems, e-mail clients, etc.) collects consumers’ data in one way or another. In fact, those that fail to do so have effectively found themselves shunned by the debt and equity markets.
In terms of current privacy protections, Internet-data collection and use has been and remains effectively overseen by the Federal Trade Commission (FTC), with a few notable exceptions. In particular, in 2015, the FCC decided to impose draconian regulatory burdens on broadband providers under the misnomer of the “Open Internet.” One consequence of the FCC’s decision to assert authority over broadband providers was to dismantle the FTC’s previous role in overseeing the privacy practices of these very same entities.
To address the void it had created, the FCC then decided, in the waning days of the Obama administration, to devise its own privacy regime exclusively for broadband providers. Unwilling to replicate the FTC’s time-tested and sensible approach, the FCC ratcheted up the privacy standard to require new “opt in” procedures for hastily defined categories of data, such as application usage, web-browsing history, and geolocation. This was done even though this data can be used for benign and consumer-friendly purposes.