FCC chairman Tom Wheeler said broadband operators must obtain opt-in consent from subscribers before making certain use of their data, although his proposals were more lenient in other areas.
The proposals come at a time of heightened interest in privacy and security matters in the mobile industry.
They cover mobile and fixed broadband operators but not internet firms such as Facebook and Twitter, which could prove controversial.
Today, companies are mostly free to collect subscriber data for their own purposes, and even to share with third parties.
The proposal comes in the same week as the FCC fined Verizon $1.5 million for violating subscribers’ privacy through the use of so-called supercookies.
Wheeler’s proposal separates the use and sharing of information into three categories. Firstly, there is consent inherent in a subscriber’s decision to purchase a provider’s service. Under the Wheeler proposal, customer data necessary to provide broadband services, and for marketing the type of broadband service, would require no additional customer consent beyond the subscriber-provider relationship.
For example, data can be used to bill for telecommunications services and ensure email arrives at its destination, and a broadband operator may use the fact that a consumer is streaming a lot of data to suggest they may consider upgrading to another speed tier of service.
Secondly, broadband operators would be allowed to use customer data for marketing other communications-related services and to share customer data with their affiliates that provide communications-related services, unless the customer opts out.
Finally, all other uses and sharing of consumer data would require an express opt-in consent from the subscriber, which is potentially limiting for operators.
Wheeler also proposes a data security standard and minimum data breach notification requirements.
The proposal will be voted on by the full commission at a 31 March open meeting and, if adopted, would be followed by a period of public comment.