FCC rules that ISPs need consent before selling your data, but Google and Facebook still don't

FCC building in Washington

The Federal Communications Commission's headquarters in Washington, D.C.

Credit: Federal Communications Commission

Like online privacy?

I know, the term seems like an oxymoron, but the FCC is trying to protect consumer data with a new ruling that says broadband providers need to get opt-in consent before sharing user information with third parties. But the ruling only goes so far and can't touch other companies that know a whole lot about you.

In IT Blogwatch, we want to know who can still sell our data.

What is happening? First, some background, provided by Brian Naylor:

ISPs...collect information about the movies we watch, the websites we visit and, in the case of smartphones, the...physical locations of where we are. It's a valuable trove of data, which the ISPs typically...package to data brokers and marketers without consumers' knowledge or permission.

So what is the deal with this new ruling? David Shepardson has the details:

The U.S. Federal Communications Commission on Thursday voted...to adopt new privacy rules that...will force companies like AT&T...Verizon Communications Inc and Comcast Corp to obtain consumer consent before using certain user data for advertising and internal marketing.
...
Providers must get...consent for details like precise geo-location, financial information, health information, children’s information, web browsing history, app usage history and communication content. For...information...like email address or service tier information, consumers will be able to opt out.

That's a lot of information they'll have to get permission to share. What else does the ruling say? Abhimanyu Ghoshal fills in the blanks:

ISPs will [also] have to provide customers with...notices about the sort of data they collect, how it could be used and who it will be shared with...providers will still be able to collect and sell anonymized data that can’t be tied to a specific person or device.
...
In addition, the FCC has introduced guidelines for ISPs to...secure customers’ sensitive data. Plus, if they suffer a security breach, they’ll be required to notify affected customers within 30 days of the issue being discovered.

And what does this ruling not cover? Grant Gross is in the know:

The regulations...do nothing to stop web-based companies like Google, Facebook, Yahoo and Twitter from collecting and sharing the personal data of their users...Commissioner Ajit Pai...said...the tougher privacy rules for ISPs will lead to consumer confusion.

So what does the public think? Save the farms knows we're not there yet:

There is still a huge distance to go to assure privacy...The FCC touched what they could, broadband providers, but there's a huge road ahead and it's not clear who controls that discussion.
To express your thoughts on Computerworld content, visit Computerworld's Facebook page, LinkedIn page and Twitter stream.
Related:
From CIO: 8 Free Online Courses to Grow Your Tech Skills
Shop Tech Products at Amazon
Notice to our Readers
We're now using social media to take your comments and feedback. Learn more about this here.