Vote Explanation for S.J.Res. 34 — Providing for congressional disapproval under chapter 8 of title 5, United States Code, of the rule submitted by the Federal Communications Commission relating to Protecting the Privacy of Customers of Broadband and Other Telecommunications Services

How would you feel if Verizon, Comcast, or any other internet service provider sold your personal information and online search history without your consent? Amazingly, this doesn’t bother the majority of Republicans in Congress.

S.J.Res. 34 would overturn a rule issued by the Federal Communications Commission (FCC) that requires broadband providers to clearly disclose privacy policies and obtain consumers’ “opt-in” permission before sharing certain customer information with other companies.

In October 2016, the FCC adopted new privacy and consumer data security rules requiring Internet service providers to safeguard Americans’ personal info when they go online. There are three main components of this rule:

  1. Providers must clearly ask for their customers’ permission to collect and share sensitive personal data collected over the network — including internet browsing history, email contact, and app usage — with advertisers and other third parties;
  2. Providers would need to take “reasonable measures” to secure consumers’ information; and
  3. Providers must notify customers within 30 days if hackers breach the system and if more than 5,000 consumers are impacted, the company must notify the FBI, Secret Service, and the FCC within 7 days of the breach.

Proponents of this legislation argue that the FCC rule is another “midnight regulation” that was done in the final months of the Obama Administration, and that it is duplicative of enforcement measures already in place by the Federal Trade Commission (FTC). However, by law the FTC can’t regulate the business practices of common carriers.

Moreover, the FCC’s disclosure and consent requirements for internet service providers are more stringent than the FTC’s privacy rules, which remain in effect for other internet services offered by so-called edge providers, including Amazon, Facebook, and Netflix.

Congressional disapproval resolutions like this one prevent federal agencies from enacting “similar” rules in the future. Tying the hands of the FCC and preventing the agency from implementing consumer privacy enforcement is dangerous. At a time when consumer data security is increasingly at risk from foreign hackers, this congressional resolution will make Americans more vulnerable to foreign and domestic cyber threats. For these reasons, I opposed this legislation.