• About
        • Staff
        • Board
        • Annual Reports
        • CDD History
  • Program Areas
        • Digital Health
        • Digital Consumer
        • Digital Citizen
        • Digital Youth
  • Newsroom
        • Blog
        • Press Releases
        • CDD Filings
        • Reports/CDD Articles
  • What You Need To Know
  • Contact
  • Donate

Cross-Device Privacy Must be Protected by FCC Proposed Rule on Broadband ISPs

By: Jeff Chester | Oct 12 2016
Geolocation & Cross Platform and Application Data is Sensitive information. AT&T expands cross-device targeting

 ... ISPs are engaged in cross-device tracking of its subscribers and customers which allow them to target advertising at the individual and household level.  Exemplary for all ISPs, we are highlighting AT&T’s efforts in this area.  AT&T is expanding its cross-device tracking in order to target individuals on their mobile device after collecting and analyzing their data using the company's internal data and analytics capabilities.   In a recent interview, AT&T AdWorks President Rick Welday explained that by the end of this year AT&T will allow marketers to “advertise in 14 million addressable households, 30 million mobile devices and millions of streams within the DirecTV app.”

While AT&T may claim that its cross-device tracking is done “anonymously,” that is merely a euphemism to obscure the invasion of privacy that underlies such practices. Mr. Welday explains that AT&T’s data-driven monitoring of its customers enables it to develop dossiers that reveal whether their users are a new homeowner, a new parent, or in the market for an automobile.  In its trials with cross-device targeting, AT&T worked with leading Fortune 100 brands as well as promoting its own “AT&T Mobility Wireless” service. The Fortune 100 companies that AT&T worked with likely provided their own so-called first-party data to be used for such cross-device targeting. This illustrates the operational realities today for consumer profiling data, where data are no longer shared with advertisers, but rather advertisers provide such data to ad-delivery platforms (such as AT&T's) for increasingly granular targeting.[3]

Linking devices (and the application history on and geolocation on of those devices) to a particular consumer via a unique identifier should be prohibited, unless the ISP has obtained affirmative, express consent (opt-in). The rule’s definition of ‘sensitive information’ must therefore reflect industry practices and include any data elements that allow for this kind of cross-device tracking. The final rule must give ISP customers control over their data, and before companies can proceed with targeted advertising, they must obtain an opt-in consent from their customers. We are particularly concerned that without such safeguards the rules would allow for a by-passing of requirements of the Children’s Online Privacy Protection Act, by using insights gained via cross device tracking to target children without parental consent.

 Finally, we urge the Commission to affirm in its final rule the need for safeguards against any unauthorized attempts to re-link devices (and its app usage history and geolocation information) to associate them with one user.

CDD respectfully urges the FCC to enact its proposed safeguards as soon as possible to help address the further eroding of Americans’ privacy by ISPs.


PDF icon fccispupdate11oct2016.pdf

Share to



Contact Us


1015 15th Street, NW, #600
Washington, DC 20005
Tel: (202) 494-7100

SEND US A MESSAGE
Tweets by DigitalDemoc

What Is The CDD


The Center for Digital Democracy (CDD) is recognized as one of the leading digital rights, consumer protection, and privacy organizations in the United States. For nearly two decades, CDD has been at the forefront of research, public education, and advocacy on behalf of citizens, consumers, communities, and youth.

PRIVACY POLICY

Copyright © 2018 Center for Digital Democracy. All Rights Reserved. | Website by J. Sean Walker (link is external)