State Broadband Privacy Legislation
IntroductionAfter Congress rescinded the FCC's broadband privacy rules, several state and local governments have stepped forward with legislation to protect broadband users. Many of the proposed laws would require ISPs to obtain affirmative consent before the ISPs would be allowed to collect, use, or disclose their subscribers' personal information.
Washington's Broadband Privacy Bill
Washington State is one of the states in which broadband privacy legislation has been introduced. The bill, as introduced, would prohibit ISPs from using or disclosing "sensitive" customer information without prior consent from the customer and allow customers to "opt out" of their ISPs using or disclosing "non-sensitive" customer information. The bill would also require ISPs to take reasonable measures to protect customer personal information and to notify customers of the ISP's privacy policies.
What's Missing from Washington's Bill?
Like the FCC broadband rules it largely mimics, Washington's bill only applies to ISPs. Other internet services like Google and Facebook would not be subject to the bill.
- The confidentiality of electronic communications should be protected.
- Privacy considerations must be recognized explicitly in the provision, use, and regulation of telecommunication services.
- The collection of personal data for telecommunication services should be limited to the extent necessary to provide the service.
- Service providers should not disclose information without the explicit consent of service users.
- Service providers should be required to make their data collection practices known to service users.
- Users should not be required to pay for routine privacy protection.
- Service providers should be encouraged to explore technical means to protect privacy.
- Appropriate security polices should be developed to protect network communications.
- A mechanism should be established to ensure the observance of these principles.
- FCC: Broadband privacy rules and fact sheet
- NCTA v. FCC (concerning privacy of CPNI)
- EPIC: Comments on the FCC's proposed broadband privacy rulemaking
- EPIC: January 2016 letter to the FCC on broadband privacy
- EPIC: June 2016 letter to the FCC
- EPIC: March 2017 letter to the Senate Commerce Committee on Oversight of the FCC
Share this page:
EPIC relies on support from individual donors to pursue our work.
Subscribe to the EPIC Alert
The EPIC Alert is a biweekly newsletter highlighting emerging privacy issues.
by Ryan Calo, A. Michael Froomkin,