The rollback of FCC broadband privacy rules.
By Stephani Estes, VP, Digital Strategy and Implementation Director
Last week, the president signed a resolution overturning the consumer privacy protection rules that were approved late last year. This resolution effectively allows internet service providers to sell data about their consumers’ browsing habits without prior consent. It’s been widely decried by consumer interest groups as a betrayal of personal privacy (the creator of Cards Against Humanity even proposed buying and publishing the browsing histories of members of Congress). The advertising industry praised this move, having criticized the original rules for holding ISPs to a different standard than the “edge providers” – Facebook, Google, Netflix, etc.
For those of us in the industry who also value the privacy of our browsing histories, this creates quite the conundrum. Are we super excited at the prospect of all that data for targeting purposes, or are we super bummed about this blow to privacy? The answer, as usual, is somewhere in the middle.
First, the rules around personally identifiable information aren’t changing. The Telecommunications Act prohibits the sharing of “individually identifiable” information. We’re still talking about aggregate data here – yes, for all the talk of using data to target the “right person,” the more appropriate description is really “right people.” So even if we can target a group of people based on their browsing history, we still can’t track that back to an individual’s browsing history. And that means no matter how potentially entertaining and/or frightening, we won’t see anyone publishing a searchable database of members of Congress’ browsing history (without some legal consequence, anyway).
Second, to an extent, this type of data selling has already been happening. ISPs have been in the ad network game for a while now, and proprietary user data is the crown jewel of their sales pitch. However, while ISPs might arguably be sitting on the biggest pile of this data, they’re not the only ones in the game. Proprietary user data is the foundation of walled gardens like Facebook and Google. Herein lies the ad industry’s argument – as edge providers, the Facebooks and Googles of the world are under the purview of the FTC, which has less teeth than the FCC, and they would not have been held to the same standard as the ISPs. From this perspective, overturning these rules has leveled the playing field. As a result, we can expect to see the acquisition strategy from the telcos continue to increase.
If the rules about PII are still the same, and this type of data selling has already been happening, why all the alarm from consumer groups? The rollback on these rules is problematic for a few reasons. First, because this action is an official disapproval under the Congressional Review Act, the FTC is unable to enact any similar rules in the future. With new streams of data on the horizon (like the connected home which, by the way, the ISPs already have a leg up on), the consumer data and privacy landscape is only going to continue to evolve and the inability to adjust to this is short-sighted. Additionally, there is concern around data leakage, especially in the ad tech space. While data leakage is definitely something to be concerned about, if the data that leaks is non-PII, there’s not a whole lot anyone can do with that data.
But the biggest reason we’re seeing so much backlash comes down to three words: without prior consent. Even though consumers may expect marketers to use data to provide personalized experiences – 62% say they expect ads personalized based on what they looked on a site – no one likes the idea of their information being sold to others without their consent. Especially not their browsing history.
So, what does this mean moving forward? Here are a few thoughts:
- The telco acquisition spree will likely continue. As long as ISPs are able to leverage this data, they’ll be looking for ways to monetize it in the long run.
- But don’t expect ISPs to go crazy on selling this data right away – the consumer backlash from this announcement is likely to make most ISPs think carefully about the best path forward. In fact, Matt Hogan, CEO at DataCoup, thinks privacy may become a selling point for ISPs: “With this new regulatory regime, I think privacy will be a differentiating factor” (Forbes).
- Marketers should be mindful of consumer sentiment when it comes to user targeting. Following the DAA guidelines and using Ad Choices is a good start. But ultimately, we need to walk the fine line between personalization and just plain creepy. And the best way to do that is to listen to our consumers and think about the user experience we’re providing.