ISPs really don’t want to follow new customer data privacy rules

The broadband industry's fight against network neutrality rules is also targeting new privacy regulations that Internet service providers really don't want to follow. The new privacy rules haven't even been formulated yet. When the Federal Communications Commission reclassified broadband providers as common carriers in order to impose net neutrality rules, it also stated its intent to enforce Section 222 of Title II, which requires telecommunications carriers to protect the confidentiality of customers' proprietary information. However, the commission's existing privacy rules cover telephone service rather than broadband, so the FCC said it will conduct a separate rulemaking proceeding before implementing any privacy requirements on Internet providers.

ISPs anticipate having to follow some version of the FCC's Customer Proprietary Network Information (CPNI) rules that are applied to phone service, and they claim it will be a major burden. The extra work caused by protecting customer privacy is one of the recurring themes in declarations made by ISPs as part of the lawsuit filed on May 1 by the American Cable Association and National Cable & Telecommunications Association. There are 137 mentions of CPNI in the cable companies' petition. "Petitioners’ members would face extensive burdens to comply with Section 222(c)(1), including the creation of processes to ensure that CPNI is not used in marketing without customer approval," the petition states. Lots of cable companies already have to comply with CPNI requirements because they offer phone service. The FCC's CPNI rules cover not only the traditional Public Switched Telephone Network but also the VoIP telephony service offered by cable companies and other Internet providers.