Speakers Differ on Need for FCC Privacy Involvement

"Encryption is spreading widely," said Peter Swire, Georgia Institute of Technology law and ethics professor, saying he doesn't agree ISPs have "comprehensive" visibilities into user Internet activity, as the letter suggested. "ISPs see less than you think." Swire cited the increased use of multiple networks by a single user, the number of new encryption tools and the number of devices used as reasons encryption is more prevalent. "Search is overwhelmingly encrypted today," and that should affect the policy debate on that issue, he said: "Encryption applies broadly today to key Internet activities," including e-commerce, search, social networking, over-the-top messaging, video and webmail.

David Robinson, principal at the consulting firm Upturn, disagreed with assumptions that Internet users have more access to encryption, but agreed a growing portion of the Internet is becoming encrypted. A lot of cloak and dagger efforts can be undertaken by those who wish to "zealously" protect their privacy online, but not many everyday consumers are in a position -- or feel the need -- to do that, said Robinson. "Only 40 percent or slightly less than 40 percent of federal '.gov' websites are encrypted," he said: "If you're submitting a whistleblower [statement] to the Department of Agriculture," it won't be encrypted. Robinson said the appropriate question to ask is whether an ISP should be permitted to use a consumer's information for purposes other than managing the network. "The truth is that [an ISP's] privacy choices are unlikely to drive many members away from its service." Robinson also said a lack of choice of broadband providers plays into the discussion of ISP privacy practices, and how much data a consumer "surrenders" to the ISP -- or "what [the providers] determine is the price of admission" -- becomes "a very important question for regulators."

Jim Halpert, a risk management lawyer with DLA Piper, warned of placing more privacy restrictions on ISPs, saying that could harm investments and broadband competition. "If we care about competition in broadband, which is a part of the whole premise of FCC regulation, we don't want to create a huge barrier to what will be substantial investments," said Halpert. "From a public policy perspective, we need to think about whether we move toward a world where a tiny fraction of the Internet ecosystem is subject to a far, far greater degree of regulation than anybody else." He said the online advertising community, in which ISPs play a "very small role," has access to far more of consumers' information than Internet providers do. "There is much greater restraint on broadband ISPs acting creepy with consumer data" because they would lose significant money if customers switched providers, he said. Halpert questioned the necessity of moving ISPs under the FCC's regulatory thumb for privacy issues while the rest of the Internet community is still monitored by the FTC. "It's a little bit arbitrary to focus on this particular part of the ecosystem and say that we really need to regulate these [ISPs] and leave everybody else under the FTC's regime," he said. "If the FTC regime is good enough for others, it ought to be good enough for ISPs."

Daniel Castro, Information Technology and Innovation Foundation vice president, said he "has a hard time seeing in this space where there is compelling reason to regulate differently." Castro asked if any panelists knew of a single ISP that didn't give its consumers the option to opt out of advertising and data collection practices, and if not, then what the reason is for any FCC intervention. Castro also said he doesn't think the FCC is interested in price regulating ISPs: "I don't think that's good policy. I don't think that the ISPs are doing something [non-unique] in this space when compared to other industries."