STATEMENT OF COMMISSIONER JESSICA ROSENWORCEL Re: Protecting the Privacy of Customers of Broadband and Other Telecommunications Services, WC Docket No. 16-106. Check your mobile phone, turn on the television, or pick up a newspaper—wherever you look privacy is in the headlines. From debates about encryption to discussions of data security and cybersecurity, privacy is making news—and making its mark on our economy and our consciousness. That’s because a number of forces have collided to make privacy both more important and more complicated. First, connection is no longer merely convenient. We live in an always-on world. Our commercial and civic lives are migrating to online platforms with ferocious force and speed. The opportunity to opt out of this new digital age is limited. Its advances are too bountiful, they save us time and money, and they inform all aspects of modern life. Second, the number of parties participating in our digital age connections and transactions has multiplied exponentially. It used to be that the lone communications relationship was between a customer and his or her carrier. No more. Today you can dial a call, write an e-mail, post an update to a social network, read a news site, store your family photographs in the cloud, and you should assume that service providers, advertising networks, and companies specializing in analytics have access to your personal information—and lots of it, for a long time. Our digital footprints are hardly in sand; they are effectively in wet cement. Third, the monetization of data is big business. The cost of data storage has declined dramatically. The market incentives to keep our data and slice and dice it to inform economic activity are enormous. They are only going to grow. To be clear, these forces can do a whole lot of good. They can make us more effective, more efficient, our cities smarter, and our communities more connected. But as consumers navigate this new digital landscape, they are anxious. According to the Pew Research Center, nine out of ten Americans believe that it is important to control what information is collected about themselves and an even greater number believe it is important to be in control of who can get that information. At the same time, consumers know there is a value proposition associated with sharing their information—in fact over half of consumers would agree to do so in exchange for something free. That might sound familiar to any one of us who has paused—just barely—to review fine print online before swiftly checking a box to enjoy the wonder of free shipping. So there are some contradictions here that make privacy complicated. At the same time, it is clear that under Section 222 customer proprietary network information is entitled to protection. Moreover, the Commission has a responsibility to ensure that its privacy policies adopted under this section reflect the current communications landscape. To this end, today we start a process to update our Section 222 rules so they no longer reflect only voice services—but also encompass broadband. It is my hope that along the way we can harmonize our efforts under Section 222 with other privacy provisions in the Communications Act, including Section 631. To get this done, this rulemaking asks questions—lots and lots of questions. By my quick count, there are more than 500 of them. We ask questions about notice and how to ensure broadband providers have transparent policies. We ask questions about what requires consumer opt-in and what is better 2suited for opt-out. We ask about what to do to ensure data is secure and ask what recourse consumers deserve when it is compromised. Though these questions range far and wide, it is important to be clear about what this rulemaking does not do. The Section 222 privacy provisions involve carriers. They do not apply to the manufacturers of wireless phones. They do not apply to the developers of operating systems or websites. Let’s be honest. Consumers can be confused by these distinctions. But the scope of this proceeding and Section 222 itself is limited. So I hope as we progress we think about how consumers can better understand the way their data is collected, what rules apply, and how they can protect themselves. I believe doing this well requires harmonization—within the Communications Act—and with other federal partners with privacy interests. Because in the broadband age, consumers should not have to be network engineers to understand who is collecting their data and they should not have to be lawyers to determine if their information is protected.