It seems privacy regulations are attempting to catch up with technology, but their path forward remains murky in the wake of a settlement between the FCC and Verizon related to the latter’s use of “supercookies” to track online consumer behavior.
While the commission’s deterrent message to Verizon was clearly communicated through the $1.35 million fine and corrective action plan included in the settlement, the future of privacy regulations was a little less defined.
According to Robert Cattanach, an attorney at law firm Dorsey & Whitney who specializes in regulatory litigation, the settlement has simply set the tone for how the FCC will deal with similar issues going forward.
“The FCC’s settlement with Verizon is significant for three reasons,” Cattanach said. “First, it represents yet another foray by the FCC into the privacy space, until recently thought to be the province of the FTC. Second, it provides further guidance into the kind of activities the FCC considers merit enforcement; supercookies are obviously a sensitive and developing area. Last but not least, it provides some developing insight into how the FCC is inclined to balance what does, and does not, potentially trigger opt-in obligations.”
But the FCC’s action didn’t quite come out of left field.
FCC chairman Tom Wheeler has previously pressed for more privacy regulation, stating in a panel at CES 2016 in January that there should be transparency around what user information is being collected and how it is used, and arguing consumers should have a choice whether or not to participate in that collection.
In the Verizon case in particular, Strategy Analytics Director of Digital Media Michael Goodman said consumer pushback against Big Data likely played a key role in the FCC’s decision to step in and curb Verizon’s practices.
“If there was no (consumer) pushback, I think we’d be much less likely to see regulatory bodies deciding to jump in because there are so many other things on their plate,” Goodman said. “But there’s also a heightened awareness (at the FCC) that there’s a lot going on right now in terms of privacy.”
According to recent research from cloud-based solutions company Syniverse, nearly 90 percent of consumers have some concern when sharing data with brands and mobile operators. Additionally, 40 percent of consumers said they would only reluctantly share basic personal data in order to improve their mobile experience.
Less than 20 percent of the 8,000 consumers across eight countries surveyed said they were willing to share contextual data, such as location, browsing history and shopping habits. Just under 20 percent were concerned their data would be sold to third parties.
A quarter of respondents said they don’t believe their personal data would be kept private or secure.
“The impact of brands having access to contextual data has eroded consumer trust and experience to date,” Syniverse CMO Mary Clark said. “All players in the mobile value chain must rethink their approaches to harvesting, managing and using personal data. They must take a more transparent approach to personalization that empowers control and guarantees data security and privacy.”
What it means
In addressing these consumer concerns with Verizon, Goodman said the FCC chose its target carefully. While he said he doesn’t believe consumer tracking to be unique to Verizon by any stretch of the imagination, Goodman said there are few companies under the FCC’s jurisdiction that have the breadth or scope Verizon does across the digital ecosystem.
“It’s a lot easier for the FCC to regulate Verizon than it is for the FCC to regulate Google,” Goodman said. “While Verizon is morphing into a different kind of company, it is still very heavily regulated and operates very heavily in the FCC’s sphere of influence.”
While the FCC didn’t set any hard and fast rules in the settlement with Verizon, Goodman said the case lays out some loose guidelines for operators to abide by as regulatory bodies seek to catch up rapidly advancing technology.
“In a lot of ways privacy is still a lot like the Wild West in that companies are still feeling out what they can and can’t do,” Goodmand said. “Sometimes companies get out ahead of the curve and that’s when the regulatory bodies step in.”
“It’s not a blanket mandate, but I think it should be taken as a warning if you’re an operator,” he continued. “It’s pretty obvious that some guidelines were just set.”
Rather than passing sweeping rules, Goodman said he believes the FCC will likely continue to consider privacy issues on a case by case basis and will correct individual carriers as violations arise.
“They’re not just going to arbitrarily go after all the operators out there,” Goodman said. “In this case there’s a very specific case here with Verizon and if they see other carriers doing something similar they’re going to come down on them.”
Filed Under: Industry regulations