ISPs Subject to Enforcement of Morphing "Reasonable, Good Faith" Efforts in Interim

At a speech at the Brookings Institution on Friday, Chairman Wheeler stated that the Commission intends to issue a Notice of Proposed Rulemaking to begin the process of developing privacy rules applicable to broadband Internet providers. As discussed in a previous blog post, the rulemaking proceeding will likely probe providers’ current operations and practices, and may propose rules limiting provider use and disclosure of data, requiring specific opt-out/-in consents, and establishing notice, authentication, and breach reporting obligations.

Although the Commission previously intimated that the rulemaking would be initiated shortly following the Open Internet Order, the Chairman’s comments indicate that the timeline has likely slipped from summer to autumn, leaving ISPs to use undefined "reasonable, good faith" efforts – which may be determined at the Commission’s discretion. Until more clarity is provided through the adoption of formal rules, providers may consider taking a few practical steps towards compliance proposed in our post about the Commission’s May 2015 privacy enforcement advisory here.