FCC Releases Privacy Order: Rules Impact ISPs and Traditional Telecom Service Providers


The Federal Communications Commission (FCC) on Thursday released its final privacy order, adopted last week by a 3-2 vote of the Commission.  The 219-page order issues rules applying privacy regulations to ISPs for the first time, including new rules relating to customer transparency, treatment of sensitive data, and data security.

A key feature of the new privacy order is that it harmonizes previous iterations of FCC privacy rules, including CPNI, with the new rules relating to ISPs.  The new framework applies to all telecommunications service providers, interconnected VoIP providers, and ISPs.  As a result, all FCC regulated businesses should familiarize themselves with the new rules:

  • ISPs of all sizes will be impacted by the privacy order.  ISPs will be required to become compliant with the new rules, and should consider developing a comprehensive compliance plan.

  • Providers of telecommunications services and interconnected VoIP services, including providers of both voice and data services, should begin to familiarize themselves with changes in CPNI rules that may impact their existing practices.  In particular, these companies may need to replace their existing internal data security practices to comply with the new rules, and may be able to take advantage of the elimination of antiquated CPNI compliance requirements.

  • Wireless providers / MVNOs providing telecommunications services should become familiar with the new rules, including a new provision that could hamper their ability to use or share customer data to market information services, which would require customer approval under the new rules.

Implementation of the FCC’s order will occur throughout the coming year.  Straightforward compliance requirements regarding providing incentives for giving up privacy rights take effect 30 days after the rule is published in the federal register, while other more complex requirements will become effective anywhere from 90 days to one year from the date of publication in the federal register.

Businesses are advised to begin planning for compliance with the new rule to avoid a potential enforcement action and to ensure compliance when the rules come into effect.  Companies should also be aware that during the interim existing privacy law and CPNI rules remain in effect. 

The CommLaw Group’s Privacy Attorneys Know FCC Compliance

The CommLaw Group has helped countless regulated clients develop strategies for complying with FCC regulations.  We can help your business build a long term plan to achieve ongoing compliance with the FCC’s new privacy rule.  To learn more, please contact Linda McReynolds, CIPP/US, at lgm@commlawgroup.com, or 703-714-1318, or Alexander Schneider, at ais@commlawgroup.com, or 703-714-1328.

ATTORNEY ADVERTISING DISCLAIMER: This information may be considered advertising in some jurisdictions under the applicable law and ethical rules. The determination of the need for legal services and the choice of a lawyer are extremely important decisions and should not be based solely upon advertisements or self-proclaimed expertise. No representation is made that the quality of the legal services to be performed is greater than the quality of legal services performed by other lawyers

Sign Up To Receive Our
Advisories and Compliance Alerts

Sign up for our email list to receive notifications regarding new advisories and news