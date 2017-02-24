FCC To Halt Rule That Protects Your Private Data From Security Breaches (arstechnica.com) 37
According to Ars Technica, "The Federal Communications Commission plans to halt implementation of a privacy rule that requires ISPs to protect the security of its customers' personal information." From the report: The data security rule is part of a broader privacy rulemaking implemented under former Chairman Tom Wheeler but opposed by the FCC's new Republican majority. The privacy order's data security obligations are scheduled to take effect on March 2, but Chairman Ajit Pai wants to prevent that from happening. The data security rule requires ISPs and phone companies to take "reasonable" steps to protect customers' information -- such as Social Security numbers, financial and health information, and Web browsing data -- from theft and data breaches. The rule would be blocked even if a majority of commissioners supported keeping them in place, because the FCC's Wireline Competition Bureau can make the decision on its own. That "full commission vote on the pending petitions" could wipe out the entire privacy rulemaking, not just the data security section, in response to petitions filed by trade groups representing ISPs. That vote has not yet been scheduled. The most well-known portion of the privacy order requires ISPs to get opt-in consent from consumers before sharing Web browsing data and other private information with advertisers and other third parties. The opt-in rule is supposed to take effect December 4, 2017, unless the FCC or Congress eliminates it before then. Pai has said that ISPs shouldn't face stricter rules than online providers like Google and Facebook, which are regulated separately by the Federal Trade Commission. Pai wants a "technology-neutral privacy framework for the online world" based on the FTC's standards. According to today's FCC statement, the data security rule "is not consistent with the FTC's privacy standards."
Your guy Trump sure is sticking it to the corporations and elites, eh?
I know you are being sarcastic, but clearly you are forgetting about her emails.
Yes, because the only thing protecting the consumer is the Government. (Pay no attention to NSA, FBI, and the Border Guards.) There is a Million Regulators March on Washington being planned for — you guessed it — April 15th. Be there to show your support!
By making it less likely that an ISP will be (frivolously) sued for violating the nebulously unclear standard to take "reaso
Re:The Million Regulators March on Washington (Score:4, Insightful)
Yes, because the only thing protecting the consumer is the Government.
Yes, because we have so much robust competition in the ISP market now! We don't need any government intervention, my local monopoly ISP has all my best interests at heart. If they provide poor service or screw me over, I can just switch to - oh, wait, I can't.
By making it less likely that an ISP will be (frivolously) sued for violating the nebulously unclear standard to take "reasonable" measure measures, Trump's government lowers the cost of the legal insurance, which lowers the total cost of doing business. And that's a good thing for both producers and the customers alike.
Of course, because Comcast/Verizon/etc are totally going to pass those savings on to me, the consumer, rather than pad their executives' bonuses or pay more dividends to stockholders.
With fewer useless regulations, maybe, it will become more robust.
What makes you think, this is the likelier outcome?
Why is this not happening with pizzerias or sneakers?
Why am I paying the same price for 75 Mbps up/down today, that I used to pay for 35 Mpbs up/down 6 years ago?
The answer: competition. It is competition, that keeps the services improving and/or the prices dropping.
Once you have a monopoly — such as "Single Payer" education, or healthcare, or Internet-Service provision — the price goes up and the quality goes down.
How is it good for customers? Their bills will continue to be same or go up and they'll shoulder all the burden to clean up the identity theft issue after the data breach.
What does data security have to do with technology? This is why I don't come to Slashdot any more.
And yet you are here.
Oh, Very Fscking Hilarious, Pai... (Score:3)
How convenient that Mr. Pai neglected to mention that AT&T was sued in 2014 by the FTC for false advertising -- namely, describing their mobile Internet service as "unlimited" when in fact they would throttle you or cut you off after you exceeded undocumented limits.
AT&T argued that, because the package included voice service, the dispute was outside the FTC's jurisdiction and should properly have been brought by the FCC. Mindbogglingly, the 9th Circuit agreed. ( https://consumerist.com/2016/0... [consumerist.com] )
So Pai's claim about wanting to achieve regulatory harmony and improved demarcation between agencies is unvarnished bullshit. He's trying to create more opportunity for regulatory arbitrage and pitting one federal commission against another.
Net Neutrality is about the government staying out of your networks, or at the new FCC chairman puts it:
Pai wants a "technology-neutral privacy framework for the online world" based on the FTC's standards
Somewhere in here is a real story but you aren't getting it from the summary.
As a European I am astounded that companies don't already have a requirement to keep personal data safe. It is something that I just expect to happen. OK: I do realise that what the law says and what companies actually do can be very different, but still - companies do get fined over here for lax security. This must be why people tell me that the USA is not a safe country for personal data.
There are laws in the US that mandate PII be kept secure, and the gov't & people notified of breaches.
That's what puzzles me about this.
But the privacy order stressed that following these standards is "voluntary" and that "providers retain the option to use whatever risk management approach best fits their needs." If there are complaints about security, the FCC would decide whether the ISP has implemented reasonable data security practices based on a few factors.
So ISPs don't have to do anything. But whatever they do, the FCC can step in and decide if it was enough - after the fact. Sounds like a half-baked regulation that should be tossed.
Republicans screwing over the American public? This is my shocked face.
It's vague and arbitrary rules without clear enforcement that screw over the American public, and that's what this looks like. This looks more like an FCC power grab and possibly even a way for the FCC to shield ISPs against legal claims.
If your ISP leaks your information, you should be able to hold them responsible in court (if need be, via a class action lawsuit). That's far better than FCC rulemaking.
That sounds like a very pro-consumer rule, doesn't it? Except, it really isn't, because "reasonable" is pretty arbitrary, and so is FCC enforcement. More likely than not, such a rule is simply an excuse for ISPs to say "we took reasonable steps, so if something happened it wasn't our fault."