In 2015, new internet privacy laws came into effect that shifted responsibility for internet service provider (ISP) oversight from the Federal Trade Commission (FTC) to the Federal Communications Commission (FCC). One key provision? That service providers needed "opt-in" consent from users before selling or otherwise monetizing their personal data. In March 2017, the government voted to repeal these laws, ostensibly shifting the industry back toward a free market. Here's what small business owners need to know about this internet rule rollback.

The Problem of Privacy

So why all the back-and-forth about privacy?

It starts with classification. Until recently, ISPs were classified as "information service providers," governed by Title I of the Telecommunications Act of 1996 and monitored by the FTC. But, as noted by Business Insider, some lawmakers became concerned about anti-competitive behavior among ISPs and pushed for providers to be reclassified as "telecommunication providers" under Title II of the Telecommunications Act. The Open Internet Order did exactly that and made ISPs subject to FCC regulations concerning bandwidth throttling, data collection and third-party monetization.

Not everyone was happy with the new arrangement; some felt that the reclassification put ISPs at a disadvantage over "edge services" such as Google and Facebook, which aren't as strictly regulated, and effectively limited the free market aspect of the growing internet industry.

As NPR notes, the new Republican government rolled back these internet privacy laws in March, arguing that fractured FTC/FCC control over privacy created confusion for the market and didn't benefit consumers.

Small Business Impacts

For small business owners, the rollback poses a number of potential challenges, particularly for those engaged in e-commerce. Most notably, consumer data can now be stored and sold without any consent from users, which means that many online shoppers will be looking for sites and services that can guarantee a modicum of protection for collected and stored data.

Put simply, it's a matter of trust — while many ISPs do offer "opt-out" policies or promise that they will not sell user information, this is often a hard sell for users. As noted by The Verge, for example, providers are obligated to collect at least some personal data, in the form of customer proprietary network information, which includes user names and addresses and which is required for any internet connection. They also monitor user connections, in part to optimize the data path between requested services or webpages and home computers — and in part because this data is valuable.

What does this mean for you? That any time a customer visits your website, browses products or makes a purchase, some data is collected, stored and possibly sold by an ISP to marketing firms, or used by the ISP to serve up targeted content. Understandably, many users don't want this data shared — especially when it comes to online financial transactions. As a result, it's now critical for small businesses to offer their own brand of privacy protection to address user concerns.

One option? Choose HTTPS over HTTP connections on your website. This encryption protocol protects any transactional data from eavesdropping and effectively cuts off a critical data supply. However, it doesn't obscure which websites users are visiting or how they're interacting with those sites. So it's also worth considering a virtual private network (VPN), which creates an encrypted "tunnel" and effectively obscures anything that happens inside from prying eyes. Consumers get the benefit of privacy, and your business gets a boost from better data security.

Internet privacy laws are changing — and may well change again in the near future. Adopting privacy-first policies can help you promote user loyalty and ensure consumer data stays secure.

Tags: Privacy