“You can’t stop Seattle!” intones a now en vogue TV spot for Delta Airlines. The ad could just as easily pertain to the jurisprudence of Judge James Robart who was the first to block the Trump travel ban or to the vigilance of mayor Ed Murray and City Hall as it does to airline hubs. Particularly when it comes to protecting the rights of citizens from the overreaches of federal mandates.
City of Seattle CTO, Michael Mattmiller, relates how mayor Murray was not going to take the ill-conceived surveillance demands of the FCC and its “Trumped-up,” Obama-era rollbacks without objection.
“When the president and Congress repealed the rule, the mayor directed us to look for the authority the city already had to restore — or perhaps not restore, but make a rule like it,” Mattmiller said.
As the mayor has proclaimed, the city “will act” when it sees the national government stripping “critical consumer protections” — in this case, it’s filling in the gap the FCC has left open.
ITD Director’s Rule 2017-01 will oversee the administration of privacy rule SMC 21.60.825. Simply put, the new rule requires that if you live in Seattle, cable companies must obtain your consent before sharing your web browsing history and other data whenever it’s needed for something besides essential service.
ITD Director’s Rule 2017-01 : “Cable Operators are required to obtain opt-in consent before sharing a customer’s web browsing history or otherwise use such information unless it is necessary to render a service ordered by the customer or pursuant to a subpoena or valid court order authorizing disclosure, or to a governmental entity.”
The Internet Service Providers affected include Comcast, CenturyLink and Wave who together account for a large majority of broadband subscribers in the city. ISPs that do wireless or satellite connections technically aren’t bound by the cable rules, and are unaffected for now.
In addition to getting opt-ins from consumers, ISPs will have to provide a privacy statement to city authorities for inspection yearly, and if they do any aggregating and anonymizing of data, provide their methods and reasons for doing so.
May 24 is the first deadline for compliance with the rules. If you live in Seattle, you may receive an update from your Internet provider asking you to opt into their data collection scheme. But you might not, which either indicates that the ISP doesn’t plan on collecting and selling your data footprints or decided to shut it down before the 24th.
Firms will have until September 30th to show that they’re honoring the rule, and they’ll have to prove compliance on an annual basis after that. They’ll also need to explain how and why they need to aggregate or anonymize data. [24×7]