We recently told you that the Federal Communications Commission was cracking down on Verizon's use of a so-called "supercookie." The supercookie allowed Verizon to track its customers' mobile browsing to any website. And even though there was a way to opt out, the cookie remained in place no matter what.
The FCC decided that not only was the supercookie unacceptable for customer privacy, Verizon was wrong to take years before telling customers it was tracking them. Learn more about the saga of Verizon's supercookie and what the FCC is making Verizon do. Now it seems that FCC's tussle with Verizon is just part of a larger attempt to improve consumer privacy online.
The problem as the FCC sees it is Internet service providers. As we've mentioned in the past, ISPs can see just about everything you do online, including the sites you visit and how long you spend there. Cellular providers can also track your physical location. They can turn around and use this information for advertising and other purposes.
On March 31, the FCC will vote on some proposed privacy rules to limit this behavior. If they pass, they'll be opened for public comment and then receive a final vote later this year. You can read the full rules here (PDF), but here's the net effect:
1. ISPs can no longer share your information with third parties unless you opt in.
2. ISPs currently assign you a unique ID number and tie your browsing information to that number. The new rules would prevent them from tracking you using a unique number.
3. ISP subsidiaries can only use your information for communications-related services. If they want to use your information for advertising, you have to agree.
4. The rules won't stop some ISPs, such as AT&T, from charging more to not track what you do while browsing. The FCC is moving in stages and will tackle this later.
5. The rules only apply to metadata, such as site addresses and visit durations. ISPs can still record and use the content of sites you visit to advertise to you. Fortunately, they can't see the content of encrypted sites.
Even if ISPs aren't sharing your information without permission, they still store it. That means a data breach can still reveal a ton of information about you. The FCC's rules do have sections that will force ISPs to better protect against data breaches and notify customers sooner when a data breach occurs.