WASHINGTON When President Donald Trump signed the repeal of Obama-era internet service provider privacy rules last year, states rushed in to craft privacy legislation of their own. But most of those 2017 and 2018 bills have floundered, done in by the same business and industry forces that opposed the federal rules.
The Obama-era rules were intended to restrict internet service providers from selling or disseminating users personal information without permission. But industry representatives said those rules were burdensome and would stifle innovation and curb growth. Trump agreed.
States lined up to step into the breach. About half the states filed bills this year or last to address some or all of the internet privacy rules that were scrapped with Trumps signature. But few have passed so far, and the ones that have mostly address small pieces of the privacy pie rather than taking comprehensive action.
At the federal level you have more of people pushing big idea initiatives that are broad, said Chris Nolen, a Virginia attorney and lobbyist who follows internet privacy issues and blogs about the issue. The states are more driven to solving an immediate problem instead of imposing across-the-board requirements or protections across topical areas.
In the states, broad-based consumer bills on internet privacy and net neutrality (requiring all content to be treated equally by internet providers) failed or are still pending as legislative sessions wind down. And the legislation that did pass, in states such as Virginia and Oregon, was limited.
The U.S. Senate voted earlier in May to reinstate the Obama-era net neutrality rules the Federal Communications Commission rolled back late last year, but the measure faces an uphill battle in the House, not to mention a possible veto by Trump.
California, for example, considered reinstating Obama-era rules requiring internet service providers to disclose to users what personal information they possess, and barring them from selling or disseminating that information without permission.
But the California Chamber of Commerce, representing internet providers and telecommunications companies, opposed the legislation. In a letter to lawmakers, the group said the bill will create a cumbersome, uncertain, and vague regulation of internet providers in California.
The bill stalled.
The problem is they are afraid of regulation, said state Sen. Hannah-Beth Jackson, chairwoman of the California Senate Judiciary Committee. They make a ton of money from aggregating peoples information and selling it.
Two states, Nevada this year and Minnesota in 2017, enacted laws requiring ISPs to keep customers information private, unless the customer gives permission to disclose the information, according to the National Conference of State Legislatures, which tracks legislation. Minnesotas goes further, requiring ISPs to get permission before disclosing internet sites visited by online subscribers.
In Virginia, a number of bills on internet privacy failed, including one that would have limited governmental procurement of ISPs to those that met requirements for neutrality and privacy. A broader bill that encompassed net neutrality and set overall privacy standards also was defeated in committee.
Virginia Sen. Jennifer Wexton, a Democrat who is running for Congress, sponsored the internet privacy bills. At a committee hearing in January, she implored lawmakers to support her bill for privacy and net neutrality.
We are limited with what we can do at the state level, but one thing we can do is decide not to purchase from ISPs who do not adhere to net neutrality principles, she said. It is a basic consumer protection bill. If you love freedom, and you love privacy, and I know you do, you should love this bill.
But after a parade of internet service companies came to the microphone to oppose her, the committee rejected the bill.
