The big picture: As internet providers evolve from just being in our homes to being in our pockets, it is increasingly important to understand what kinds of data they collect on us, who they share it with, and how it is used. With these concerns in mind the FTC has launched a probe into several ISPs to see how they use our data and if they are following the rules.
On Tuesday, the Federal Trade Commission announced it would be conducting an investigation into the privacy practices of several internet service providers. The inquiry comes only a month after the FTC formed its Technology Task Force to look into tech-related concerns.
The commission is looking for information related to how private customer data is handled at the ISP level including “policies, procedures, and practices.” Seven companies are named in the investigation — AT&T Inc, AT&T Mobility LLC, Comcast Cable Communications (Xfinity), Google Fiber Inc, T-Mobile US Inc, Verizon Communications Inc, and Cellco Partnership (Verizon Wireless).
"The Commission is authorized to issue the Orders to File a Special Report by Section 6(b) of the FTC Act. The Commission vote to issue the orders was 5-0."
The FTC says the audit is being conducted due to the evolving nature of telecom into “vertically integrated platforms.” Only a handful of years ago we had ISP and telephone providers as completely separate entities. Now the line has been blurred to the extent that the FTC is curious as to how similarly or dissimilarly the companies operate in terms of privacy and targeted advertising and whether they are breaking any existing rules.
“The FTC is initiating this study to better understand Internet service providers’ privacy practices in light of the evolution of telecommunications companies into vertically integrated platforms that also provide advertising-supported content. Under current law, the FTC has the ability to enforce against unfair and deceptive practices involving Internet service providers.”
The specifics of the information the FTC is looking for includes categories of collected data; whether the information is aggregated, anonymized or “deidentified;” data collection notifications and disclosures sent to customers; the amount of control consumers have over their information; and what processes companies have in place to allow customers to access, correct, or delete their data.
The companies listed have been sent 6(b) orders to turn over the non-public information. The telecoms have 45 days to comply.