SACRAMENTO — On Tuesday, July 18th, Assembly Bill (AB) 375, authored by Assemblymember Ed Chau (D-Monterey Park), was approved by the Senate Committee on Energy, Utilities and Communications on a 9-1 vote and the Senate Committee on Judiciary on 5-2 vote. AB 375, the California Broadband Internet Privacy Act, seeks to ensure that consumers enjoy choice, transparency and security in the treatment of their personal information when accessing the internet through an Internet Service Provider (ISP).
“ISPs have a unique ability to track your activity online, like your browsing habits, which can reveal what, when and how long you visit particular sites, and other highly sensitive information about you, including personal or sexual activities, political or religious interests, health or financial problems, and more,” said Assemblymember Chau, Chair of the Assembly Committee on Privacy and Consumer Protection. “This bill will provide consumers with real transparency and control over how their ISP can use, share or sell their personal information.”
On October 27, 2016, the FCC adopted rules titled “Protecting the Privacy of Customers of Broadband and Other Telecommunications Services” (FCC-16-148). The FCC at the time described the rules as giving “consumers the tools they need to choose how their Internet Service Providers (ISPs) use and share their personal data. Building on widely accepted privacy principles, the rules require[d] that ISPs provide their customers with meaningful choice and keep customer data secure while giving ISPs the flexibility they need to continue to innovate.”
However, before the FCC internet privacy rules went into effect, Congress and the Trump Administration approved a measure (Senate Joint Resolution 34) that repealed the privacy rules adopted by the FCC. A public opinion poll conducted after Congress acted found that 80% of Democrats and 75% of Republicans wanted the President to veto the bill and allow the FCC privacy rules to take effect.
AB 375 broadly protects customer personally identifiable information through an opt-in consent requirement for the use, sale, and sharing of personal information beyond service delivery and other necessary functions. It also prohibits pay-for-privacy practices and penalties for customers who do not consent to unnecessary uses, and requires providers to protect customer information through reasonable security procedures and practices. The bill also allows ISPs freedom to use customer information in open and appropriate ways.
Providing lead testimony in support of the bill on Tuesday were professor Scott Jordan, the former Chief Technology Officer for the FCC under the Obama Administration, Ernesto Falcon, Legal Counsel for the Electronic Frontier Foundation, and Sarah DeYoung, Executive Director for the California Association of Competitive Telecommunications. Also in support were numerous consumer advocacy groups who testified before today’s committees.
“If your ISP wants to collect information about you while you’re surfing the web, and then use it for their own reasons, like selling targeted ads, they should ask your permission first. It’s Your Data. Your Privacy. Your Choice,” concluded Assemblymember Chau.
