In addition to a bothersome “breach” definition, the Federal Communications Commission (“FCC”), in its April 1, 2016 Notice of Proposed Rulemaking (“NPRM”) concerning ISP privacy regulation, proposes a sweeping definition of personally identifiable information (“PII”). The definition is broad enough to cover virtually every piece of information about an individual. Despite the FCC’s legally necessary finding that ISPs are “common carriers” required to transmit information without undue discrimination, the FCC seems not to have carefully considered an ISP’s unique and limited role in facilitating the exchange of information between and among consenting communicators….
FCC Proposes Bothersome Breach Definition in Privacy NPRM
On April 1, 2016 the Federal Communications Commission (“FCC”) released its Notice of Proposed Rulemaking (“NPRM”) concerning privacy regulation of internet broadband service providers (“ISPs”). The NPRM proposes, among other things, an expansive and vexing definition of “breach.” If not modified, the definition would require notices to customers, the FCC and the FBI of even trivial internal employee access to customer information….