A staff report from the US Federal Trade Commission (FTC) found Thursday that many internet service providers (ISPs) are collecting and sharing large amounts of data from their customers without offering them meaningful choices regarding the use of such data.
The information report stems from a series of orders issued by the US FTC in 2019 under Section 6(b) of the Federal Trade Commission Act and covers data collection practices of six major ISPs, including AT&T, Verizon Wireless, T-Mobile, and Google Fiber.
These ISPs together make up 98% of the mobile internet market in the US. They also offer a range of other services, including voice, content, smart devices, advertising, and analytics, which increases the volume and type of consumer data they can collect.
The report identified “troubling data collection practices” among several of the ISPS, including combining data across product lines; categorizing customers into sensitive categories such as race, ethnicity, sexual orientation, political affiliations, economic status, and religious beliefs; targetted advertisement through combining personal, app usage and web browsing data; and sharing real-time location with third party customers.
Although many ISP companies provided privacy protections and promised not to sell consumers’ personal data, they allowed this data to be “used, transferred and monetised” by third parties. They were also hiding disclosures about such practices in fine print, leading and nudging customers towards sharing even more information. Thus, while these ISPs claimed to offer customers choices about the collection and use of their data, their privacy policies made it difficult for customers to exercise this right effectively.
The Chair Lina Khan said the report highlights fundamental questions around conditioning the use of essential technologies. The FTC has said it will use its legal authority to “put in the nondiscrimination rules, privacy protections, and other basic requirements needed to create a healthier market.”