[brantg]

I also don't fully understand this. Jumping in to see if someone can clarify.

Here's the text of the bill (it's pretty short): https://www.congress.gov/bill/115th-congress/senate-joint-re...

It looks like all this does is undo an FCC rule from Dec 2, 2016. My understanding is that if this passes, our internet privacy will be the same as it was on Dec 1, 2016.

Am I wrong? Why is this so bad?

[mikeyouse]

> Am I wrong? Why is this so bad?

Prior to August 2016, the FTC regulated all aspects of consumer protections. Unfortunately, the FTC has a specific call-out ceding authority to the FCC for certain parts of the regulation of 'common carriers', which ISPs fell into.

AT&T sued and said that the FTC carve-out for common carriers means that the FTC can't regulate any part of their business, not even consumer protections like data privacy. In August, the US Court of Appeals ruled in favor of AT&T, which meant that the FCC would have to enact new rules and would have responsibility for consumer protection with regards to common carriers.

The FCC passed consumer protection rules in October (which came into force in December). The FCC has authority on rulemaking unless there's an explicit congressional action saying otherwise. So along comes the new Republican Senate and they pass this bill to nullify the FCC rules. It's written ambigiously enough that you'll likely need another act of congress to undo it, which would require a Democratic congress / senate / President.

In summary: before August, the FTC protected your data. Since last winter, the FCC was protecting it. If this passes, nobody will be protecting it.

[brantg]

Great summary - thanks.

I read into it a bit more. The original FTC suit was brought against AT&T in 2014, but in 2015 the FCC reclassified ISPs as common carriers under Title II. So the 9th Circuit's August ruling just reflected that reclassification by the FCC.

The FCC's new consumer protection rules from last year are much harsher for ISPs than the previous FTC rules, so now there is a two-tiered system of data protection.

Senator Flake suggested in the WSJ that he wants the FCC to come up with consumer protection rules for ISPs that use the FTC's framework. (Source: https://archive.is/hKz0a)

To protect consumers from these harmful new regulations, I will soon introduce a resolution under the Congressional Review Act to repeal the FCC’s flawed privacy rules. While the resolution would eliminate those rules, it would not change the current statutory classification of broadband service or bring ISPs back under FTC jurisdiction. Instead, the resolution would scrap the FCC’s newly imposed privacy rules in the hope that it would follow the FTC’s successful sensitivity-based framework.

This seems pretty reasonable, but we still need Congress or the FCC to come up with another system that will fill the regulatory gap left by the 2015 rule change.

[dannyobrien]

Worth reading this: https://www.eff.org/deeplinks/2017/03/three-myths-telecom-in... -- essentially, there was a court decision that moved privacy enforcement of ISPs from the FTC to the FCC. The FCC took up the mantle with the new rule. Now Congress is undoing the FCC regulation, ISP privacy won't be governed by either the FCC or the FTC.

[DrScump]

Actually, privacy rules continue to be the same as before Trump (since Obama pulled the FTC's authority over broadband, anyway).

No element of that rule change, implemented weeks after the election, could possibly have taken effect before next December. (There are complex notification requirements that could push parts of it out even longer).

[brantg]

Good point. So if this passes, nothing changes.

[DrScump]

If the bill becomes law, the existing Obama-era rules stay in place, but the one difference is that the limitation is encoded in statute law as opposed to just an administrative rule... so another act of Congress (another passed and signed bill) would be necessary to override it.