ISPs, Edge United Against California Privacy Bill

The California state legislature's planned vote Friday (Sept. 15) on a bill, AB 375,  that mirrors the online privacy framework the FCC voted to adopt under FCC Chairman Tom Wheeler, but which was rolled back by Congress earlier this year via a Congressional Review Act resolution, has drawn a crowd and united edge providers and ISPs against its current iteration.

The bill, A.B. 375, has been the focus of much attention this week, including from critics painting it as a threat to privacy, rather than a benefit, and even the former chairman weighing in to offer his support.

In a letter to the chair of the California Assembly Committee on Privacy and Consumer Protection, Assemblymember Ed Chau, dated Wednesday (Sept. 13), Wheeler said he had read the final language of the amended bill and said it would "restore the privacy protections that Congress took away."

He urged the legislature to act decisively and other states would follow its lead to help recreate on a state level what congressional Republicans invalidated on a national level.

Meanwhile, some powerful studios, ISPs and edge providers are united in opposition to the bill in its amended form.

In its own letter to Chau and other legislators, a coalition of companies including Comcast, Charter, Google, Facebook and the Motion Picture Association of America, say the bill is vague and unclear to a degree that has serious effects on consumers and businesses," including a lack of clarity on who the bill covers.

The FCC privacy framework included requiring opt in permission to share information with third parties, but it was only targeted to ISPs. Edge providers do not want that requirement applied to them.

The coalition was suggested that the need for constant permission could inure Web surfers to dangers lurking within the Web. They said the bill "would lead to recurring pop-ups to consumers that would be desensitizing and give opportunities to hackers," adding: "The bill also prevents internet providers from using information they have long relied upon to prevent cybersecurity attacks and improve their service. Thus, the bill at once increases the likelihood of cyber threats while hamstringing businesses from fighting the same threats."

Online ads have appeared on various California political Web sites making the same case about the bill exposing Web users to pop-ups and hackers and desensitizing consumers as the coalition outlined in its letters. The ads click through to protectonlinesafety.com, which is simply a banner that asks them to call their legislator and tell them to vote no on the bill.

The add appears to play off recent cybersecurity breach's and protecting children to make an emotional case against the bill (see illustration).

Chau's Web site describes the bill this way, which certainly makes it sound like the same, ISP-focused framework Wheeler backed: "[It] ensures that consumers enjoy choice, transparency and security in the treatment of their personal information when accessing the Internet through an Internet Service Provider (ISP) by requiring opt-in consent from consumers in order to use, disclose or permit access to customer personal information. It also prohibits ISPs from charging a consumer a penalty, offering a discount, or refusing to provide service, based on the consumer’s opt-in decision, and requires that ISPs implement reasonable security measures to protect customer data and to notify affected customers of a security breach."

A copy of the amended bill was not available at press time.

John Eggerton

Contributing editor John Eggerton has been an editor and/or writer on media regulation, legislation and policy for over four decades, including covering the FCC, FTC, Congress, the major media trade associations, and the federal courts. In addition to Multichannel News and Broadcasting + Cable, his work has appeared in Radio World, TV Technology, TV Fax, This Week in Consumer Electronics, Variety and the Encyclopedia Britannica.