Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Government Privacy Businesses Republicans Security The Internet Technology

FCC To Halt Rule That Protects Your Private Data From Security Breaches (arstechnica.com) 119

According to Ars Technica, "The Federal Communications Commission plans to halt implementation of a privacy rule that requires ISPs to protect the security of its customers' personal information." From the report: The data security rule is part of a broader privacy rulemaking implemented under former Chairman Tom Wheeler but opposed by the FCC's new Republican majority. The privacy order's data security obligations are scheduled to take effect on March 2, but Chairman Ajit Pai wants to prevent that from happening. The data security rule requires ISPs and phone companies to take "reasonable" steps to protect customers' information -- such as Social Security numbers, financial and health information, and Web browsing data -- from theft and data breaches. The rule would be blocked even if a majority of commissioners supported keeping them in place, because the FCC's Wireline Competition Bureau can make the decision on its own. That "full commission vote on the pending petitions" could wipe out the entire privacy rulemaking, not just the data security section, in response to petitions filed by trade groups representing ISPs. That vote has not yet been scheduled. The most well-known portion of the privacy order requires ISPs to get opt-in consent from consumers before sharing Web browsing data and other private information with advertisers and other third parties. The opt-in rule is supposed to take effect December 4, 2017, unless the FCC or Congress eliminates it before then. Pai has said that ISPs shouldn't face stricter rules than online providers like Google and Facebook, which are regulated separately by the Federal Trade Commission. Pai wants a "technology-neutral privacy framework for the online world" based on the FTC's standards. According to today's FCC statement, the data security rule "is not consistent with the FTC's privacy standards."
This discussion has been archived. No new comments can be posted.

FCC To Halt Rule That Protects Your Private Data From Security Breaches

Comments Filter:
  • by TimothyHollins ( 4720957 ) on Friday February 24, 2017 @06:25PM (#53926443)

    Wow.

    Your guy Trump sure is sticking it to the corporations and elites, eh?

    • Re: (Score:3, Funny)

      by Anonymous Coward

      I know you are being sarcastic, but clearly you are forgetting about her emails.

    • To be fair, Ajit Pai was Asshat Number One at the FCC before Trump, too. It's just that he's in charge now.

      Not that Wheeler was all that wonderful either; but Pai seems to regard consumers as an unpleasant side effect of business. He's the sort of Randian who longs for the days of the robber barons.

      Hell, the guy used to be Associate GC at Verizon. That's not a job they hand out to someone inclined to protect consumer interests.

  • BeauHD (Score:5, Funny)

    by PopeRatzo ( 965947 ) on Friday February 24, 2017 @06:36PM (#53926495) Journal

    What does data security have to do with technology? This is why I don't come to Slashdot any more.

    • Re: (Score:1, Insightful)

      by Anonymous Coward

      Are you trolling? Slashdot had a section called "Your Rights Online" for as long as I can remember, which dealt with issues like this. This matters because it's a serious privacy issue and the FCC's position is ridiculous. It is ridiculous to equate an ISP to companies like Facebook and Google. It's definitely possible to avoid Facebook and Google by not using their services and blocking their trackers that are embedded within other sites. I block Facebook's scripts and Google analytics, which accomplishes

    • This is why I don't come to Slashdot any more.

      And yet you are here.

      • This is not the PopeRatzo you are looking for...
      • Re:BeauHD (Score:5, Informative)

        by PopeRatzo ( 965947 ) on Friday February 24, 2017 @08:31PM (#53926971) Journal

        And yet you are here.

        That was supposed to be the punchline. I hate to be the guy who has to explain his own jokes, but every BeauHD article comment section seems to have one knucklehead who's complaining about SJWs or some such and the comment is always, "What does Grace Hopper have to do with tech? Slashdot has really gone downhill. That's why I don't come here any more."

        Irony is hard enough to pull off in plain text, and I've been drinking since 10:30am, so I apologize.

        • by Anonymous Coward

          Irony and sarcasm are no longer recognizable to many. I'm not sure why this is exactly but my guesses are:

          A) People now interpret everything as being literal.

          B) Reading is hard.

          C) Too many big words.

          D) Donald Fucking Trump

          Sad...

  • by ewhac ( 5844 ) on Friday February 24, 2017 @06:36PM (#53926499) Homepage Journal
    Not fooled.

    How convenient that Mr. Pai neglected to mention that AT&T was sued in 2014 by the FTC for false advertising -- namely, describing their mobile Internet service as "unlimited" when in fact they would throttle you or cut you off after you exceeded undocumented limits.

    AT&T argued that, because the package included voice service, the dispute was outside the FTC's jurisdiction and should properly have been brought by the FCC. Mindbogglingly, the 9th Circuit agreed. ( https://consumerist.com/2016/0... [consumerist.com] )

    So Pai's claim about wanting to achieve regulatory harmony and improved demarcation between agencies is unvarnished bullshit. He's trying to create more opportunity for regulatory arbitrage and pitting one federal commission against another.

  • Net Neutrality is about the government staying out of your networks, or at the new FCC chairman puts it:

    Pai wants a "technology-neutral privacy framework for the online world" based on the FTC's standards

    Somewhere in here is a real story but you aren't getting it from the summary.

  • Boggle! (Score:3, Insightful)

    by Alain Williams ( 2972 ) <addw@phcomp.co.uk> on Friday February 24, 2017 @06:41PM (#53926525) Homepage

    As a European I am astounded that companies don't already have a requirement to keep personal data safe. It is something that I just expect to happen. OK: I do realise that what the law says and what companies actually do can be very different, but still - companies do get fined over here for lax security. This must be why people tell me that the USA is not a safe country for personal data.

    • by Nutria ( 679911 )

      There are laws in the US that mandate PII be kept secure, and the gov't & people notified of breaches.

      That's what puzzles me about this.

      • by Anonymous Coward

        From EFF's comment on the specific privacy rule under dispute:

        "The FCC describes ISPs as the most significant component of online communications
        that poses the greatest threat to consumer privacy. This description is inconsistent with
        the reality of the online communications ecosystem. Internet users routinely shift from
        one ISP to another, as they move between home, office, mobile, and open WiFi services.
        However, all pathways lead to essentially one Internet search company and one social
        network company. Pr

    • > As a European I am astounded that companies don't already have a requirement to keep personal data safe. It is something that I just expect to happen.

      Of course there are laws. Several of them. This submission is just BeauHD spouting more utter bullshit.

      Yesterday, the FCC decided that some of the hundreds of thousands of Title II regulations originally written to regulate the phone companies would apply differently to small ISPs. BeauHD claimed the order said "ISPs are now allowed to lie about their

    • Not sure everyone who made this happen knows what "consequences" means.

    • by Anonymous Coward

      The gap between who the people voted for and who ends up in the office is where the consequences lie. If the majority person was in office, he'd try to make the lives of the majority better, to keep a majority.
      On the other hand, if POTUS candidate conspires with a foreign government, getting hacking help and propaganda and possibly funding, then he'd block cyber security bills. Undermine government investigatory powers. Refuse to open his books for inspection. Put people in power more for their loyalty not

  • by Anonymous Coward
    That's what the Internet is becoming: If you use it, assume records of everything you're doing, all information pertaining to you, bank account numbers, credit card numbers, SSN, ID card numbers, passcodes, you-name-it, will be available to the highest bidder -- and criminals -- regardless of HTTPS (MitM attacks from ISPs) or any other precautions you might take. Plan on switching back to paper bills in your snailmail and writing checks for everything, and paying cash at the grocery store, otherwise when th
  • by PoopJuggler ( 688445 ) on Friday February 24, 2017 @06:52PM (#53926569)
    Well, there's one more step backwards for the US. We'll be back in the 1950's in no time at all, while the rest of the world moves forward.
    • by Anonymous Coward

      He's making America great again*

      Isn't this what you people wanted __and__ voted for?

      *meaning great for the people with money and who make the rules.

  • FTFA:

    But the privacy order stressed that following these standards is "voluntary" and that "providers retain the option to use whatever risk management approach best fits their needs." If there are complaints about security, the FCC would decide whether the ISP has implemented reasonable data security practices based on a few factors.

    So ISPs don't have to do anything. But whatever they do, the FCC can step in and decide if it was enough - after the fact. Sounds like a half-baked regulation that should be tossed.

  • Of course (Score:5, Insightful)

    by JustAnotherOldGuy ( 4145623 ) on Friday February 24, 2017 @07:05PM (#53926625) Journal

    "According to Ars Technica, "The Federal Communications Commission plans to halt implementation of a privacy rule that requires ISPs to protect the security of its customers' personal information." From the report: The data security rule is part of a broader privacy rulemaking implemented under former Chairman Tom Wheeler but opposed by the FCC's new Republican majority."

    Republicans screwing over the American public? This is my shocked face.

    • by Anonymous Coward

      "According to Ars Technica, "The Federal Communications Commission plans to halt implementation of a privacy rule that requires ISPs to protect the security of its customers' personal information." From the report: The data security rule is part of a broader privacy rulemaking implemented under former Chairman Tom Wheeler but opposed by the FCC's new Republican majority."

      Republicans screwing over the American public? This is my shocked face.

      You see if companies implement reasonable measure to protect privacy then it might be more difficult to hack and use that information against their political enemies. It is sort of like the White House's actions earlier today.

      I believe it goes something like this.
      1. Classify everything that might embarrass the government. (even though they aren't suppose to.)
      2. Be able to have their people troll through private email and such without warrants to help find any leakers.
      3. Make the press less likely to accep

    • It's vague and arbitrary rules without clear enforcement that screw over the American public, and that's what this looks like. This looks more like an FCC power grab and possibly even a way for the FCC to shield ISPs against legal claims.

      If your ISP leaks your information, you should be able to hold them responsible in court (if need be, via a class action lawsuit). That's far better than FCC rulemaking.

  • The data security rule requires ISPs and phone companies to take "reasonable" steps to protect customers' information -- such as Social Security numbers, financial and health information, and Web browsing data -- from theft and data breaches.

    That sounds like a very pro-consumer rule, doesn't it? Except, it really isn't, because "reasonable" is pretty arbitrary, and so is FCC enforcement. More likely than not, such a rule is simply an excuse for ISPs to say "we took reasonable steps, so if something happened

  • I have never seen so many shills jump in so quick - even on slashdot. This is even worse that nukes and climate combined. Come on guys. I would personally welcome a VP of communications for for one of our new corporate overloads jumping in and saying, "hi I'm joe/jane doe, a VP at mega corp. Here is why I think this is important....and why I think this is a good idea. ...." We can engage in a meaningful conversation then. We might agree. We might disagree. But I would take you seriously and listen to
  • OP should READ and COMPREHEND before cutting ans pasting.

    This rule uses the legally indefinable word, "reasonable" which renders it unenforceable and a total waste of everyone's resources.

    That's why it's being killed.

    Trump /= Emmanual Goldstein

  • Pai is wasting no time kicking that nepotism into high gear.

  • As far as I can tell there are only two states of affairs: Business is regulated, leading to government monopoly over price controls. Not good for the consumer when the government is corrupt, as nearly all are or will become. Business is not regulated, leading to corporate monopolies over price controls. Not good for the consumer as corporations are only ever concerned with profits and they are quite happy to band together to price-fix things and drive out any competition with anti-competitive practices.
  • I know that providing false information to the feds is a crime but does that apply to your ISP. Just make up a SSN and remember it. Where do they have the authority or source to check or verify your provided info ?

  • by JWW ( 79176 )

    In truth all ISPs should be required to log NOTHING from their customers.

Keep up the good work! But please don't ask me to help.

Working...