Today, the City of Seattle issued Seattle IT rule 2017-01 requiring the City’s key internet service providers to obtain permission from their customers before selling web browsing history and personally identifiable information at a detailed or aggregate level. This rule reinstates a key consumer privacy protection eliminated by the U.S. Congress and the Trump administration last month.
What does this rule do?
The City of Seattle Information Technology Department (ITD) Director’s Rule 2017-01 requires cable companies that offer an internet service to obtain permission before sharing a customer’s web browsing activity or other internet usage history. Cable operators must attest to compliance with this rule by September 30, 2017, and annually thereafter.
Why is the City of Seattle issuing this rule?
Mayor Murray believes protecting the privacy of internet users is essential to a free and open society. In April 2017 the Trump administration repealed rules issued by the Federal Communications Commission (FCC) that would have would have banned internet service providers from sharing or selling certain types of customer information without user consent. Because of this repeal at the national level, the City is using powers at its disposal to implement a similar rule and protect the rights of our public.
Does the City have the authority to regulate the privacy of broadband internet service customers?
Seattle Municipal Code SMC 21.60 (“Cable Code”) provides the regulatory framework under which cable operators may operate in the City of Seattle. In 2002, the City enacted privacy protections codified at SMC 21.60.825 to address concerns that advances in technology would greatly increase the capabilities of Cable Operators to collect, use and disclose their customer’s personally identifiable information without the customer’s permission. These privacy protections prohibit cable operators from collecting or disclosing any information regarding a customer’s use of a non-cable service, such as internet use, without the prior affirmative consent of the customer.
The City’s privacy law is in all respects consistent with 47 U.S.C. § 551 and designed to ensure cable operator compliance with local and Federal law.
Which internet service providers are subject to this rule?
Cable operators franchised by the City of Seattle who provide an internet service are subject to this rule. As of May 3, 2017, this includes Comcast, CenturyLink, and Wave Broadband.
What internet service providers are not covered by this rule?
Internet service providers operating in the City of Seattle that do not have a cable franchise agreement are not subject to this rule. Wireless internet providers, such as AT&T, Sprint, T-Mobile, and Verizon are not subject to this rule.
While this rule limits how internet service providers may use a customer’s web browsing activity or other internet usage history, it does not limit the ability of websites or other companies offering online services from tracking a user’s activity.
What protections does the City provide to cable customers?
Since 1999, the City of Seattle’s “Cable Customer Bill of Rights” has provided the public with strong protections to ensure competent, responsive service from cable operators. The Rights were modified in 2002 and 2015 to add privacy protections to address concerns that advances in technology would greatly increase the capabilities of cable operators to collect, use and disclose their customer’s information without the customer’s permission. Learn more about the Rights and how to report a comment or complaint by visiting http://www.seattle.gov/cable.