Over the last several years, the Federal Communications Commission (FCC) has been taking a more active role both in anticipating the need for ever greater communications network security measures necessary to counter threats as well as potentially forging a new role in protecting the integrity of data that flows through the Internet. The latest evidence of this security consciousness is a recent Notice of Inquiry (“Notice”) adopted by the FCC seeking information to better understand the scope of Border Gateway Protocol (BGP) routing system security vulnerabilities, and the means to address them.
Following up on a mandatory 2019 request for information issued by the Federal Trade Commission (FTC) to the largest Internet Service Providers (ISPs) in the United States, the FTC staff in late October issued a Report titled – A Look at What ISPs Know About You: Examining the Privacy Practices of Six Major Internet Service Providers. Among the agency staff’s general findings on ISP data collection and use practices, the most striking perhaps is the apparent degree of integration among ISPs and advertisers with respect to their data collection and use practices. The report also highlights the tools ISPs offer to customers to either manage or control many types of ISP data collection and use.
The information presented in the Report is aggregated and de-identified and has been supplemented with information gathered from follow-up FTC staff questions and meetings with the ISPs that were the subjects of the FTC information request. The Report’s summary of information on real-world ISP data practices could prove useful as Congress wrestles with the potential for federal privacy legislation and states review the need for legislation.