Federal regulators on Monday will move to stop certain privacy regulations from going into effect that were designed to safeguard consumers' personal information from hackers and criminals, according to multiple people familiar with the matter.
The stay by the Federal Communications Commission will release broadband companies such as Verizon, Comcast and AT&T from previously approved rules requiring them to adopt "reasonable" security measures protecting Social Security numbers, Web-browsing history and other information belonging to their customers. Without that portion of the rules, Internet providers will not need to implement consumer protections that prevent the unauthorized release of Americans' personal data, though some companies have voluntarily pledged to support a number of principles that include data security.
The security rules were set to go into effect early next month. But following petitions from numerous industry groups, the FCC is attempting to put the data security rules on ice.
In response to a request for comment, an emailed statement from the FCC Friday appeared to confirm the proposed stay, with FCC Chairman Ajit Pai signaling he hoped the agency's two Republicans and its lone Democrat could agree to vote on the petitions before the data security rules go into effect on Thursday. But Pai does not need a formal vote to initiate a stay of the data security provisions, according to the FCC's bylaws; policy analysts say he can authorize officials to suspend those aspects of the rules independently. In its statement, the FCC indicated that Pai would be willing to take that step.
The affected regulations are part of a much broader package of privacy rules, approved in the waning days of the Obama administration, that forced Internet providers to honor some of the same consumer protections that govern legacy telephone service. Privacy advocates hailed the rules' passage as a significant victory. But now, a key portion of that package appears to be on shaky ground — and more may be at stake.
Pai and other Republicans have vocally criticized the overall privacy rules, arguing they establish a double-standard that treats Internet providers more harshly than Web companies such as Google or Facebook, which also rely on consumer data to sell advertising and drive their businesses.
"Chairman Pai believes that the best way to protect the online privacy of American consumers is through a comprehensive and uniform regulatory framework," the FCC said in its statement. "All actors in the online space should be subject to the same rules, and the federal government shouldn’t favor one set of companies over another."
Consumer groups argue that Internet providers are uniquely situated to monitor Americans' behavior. Unlike Google or Facebook, which can track people's activity generally only when they use their services, broadband companies enjoy a wide-ranging view into customers' browsing habits because their entire function is to get users from one website to another, privacy advocates argue.
Some of the nation's most powerful trade organizations have petitioned the FCC to roll back the bulk of the privacy rules. The group includes associations representing the cable industry, the telecom industry and the cellular industry, along with some consumer technology groups. The petitions argue that the FCC's rules cover far too much ground, and that they should be scaled back.
Although the FCC is moving to block a small slice of the rules, it may still decide to overturn the rest of them later in response to the petitions.