Internet service providers have a tendency to slurp user data, and since federal protections were reversed in 2017, ISPs are largely free to monetize customer browsing data without so much as consent or even an opt-out. The state of Maine aims to change that with the passage of a new bill.
The state's Senate voted unanimously to pass the bill, after the bill found similar favor in the state House. The bill, LD 946, requires ISPs to obtain consent before collecting, disclosing, selling or permitting access to customer information. LD 946 outlines exceptions where ISPs can use customer information without consent, such as honoring a court order or in case of emergency services.
BREAKING: the Maine Senate just voted UNANIMOUSLY to pass strongest ISP privacy protections in the nation. LD 946 now goes to the governor's desk. #mepolitics— ACLU of Maine (@ACLUMaine) May 30, 2019
According to the text of the bill, personal information includes browsing history, application usage, and geolocation data -- the latter of which is at the center of a class-action lawsuit against major wireless carriers. The legislation also outlines an exhaustive list of information considered personally identifying that a service provider wouldn't be allowed to touch without consent.
The bill reads that ISPs cannot refuse service to or otherwise penalize a customer for withholding consent. Additionally, ISPs will not be permitted to provide customers with discounts for their consent. The bill's language echoes a similar theme to that of the one passed in California last year, in that states are fed up with the sweeping disregard and fleeting lip service from ISPs regarding consumer privacy.
The bill is currently awaiting a signature from Governor Janet Mills before being enacted into law.