CIOs should take notice of recent developments with the Federal Communications Commission (FCC). The FCC has long required that all cable operators, satellite carriers, telecommunications carriers, and providers of Voice over Internet Protocol (VoIP) services act in a \u201cjust and reasonable\u201d manner. Since much of the last two decades of information technology innovation has flowed through similar advances in communications networks, the recent addition of the FCC to the regulatory landscape captures a host of related Internet-based services. With it\u2019s rulemaking authority, many are watching whether \u2013 or more likely when - the FCC becomes a \u201cbrawny cop\u201d for consumer privacy and what that means.\nFor the most part, the FTC protects privacy under the mantle of \u201cConsumer Protection\u201d in the U.S.\nUnlike the FCC, the FTC has limited rulemaking authority. That\u2019s why the \u201cOpen Internet Order\u201d under which the FCC reclassified \u201cbroadband Internet access service\u201d as a telecommunication service subject to \u201ccommon carrier regulation\u201d caused a stir. This makes Internet access service providers subject to certain key consumer protection provisions. Questions about the scope and applicability of regulations at the federal level have the potential to stifle attempts to innovate around covered services.\nHere are four issues that CIOs should note as these changes unfold.\n1. FCC authority\nThe 1934 Communications Act requires all \u201ctelecommunications carriers\u201d to protect the confidentiality of customer information. Because so many Internet service providers (ISPs) like AT&T, Comcast and Verizon have been reclassified as telecommunications carriers, the FCC now has authority over privacy concerns of their Internet access offerings.\nGiven the new scope of customer privacy under its jurisdiction, the FCC may write new rules applicable to Internet services specifically. Unfortunately, guidance on the application of current or future rules has been murky at best. The FCC has said simply that service providers must take \u201creasonable, good faith steps\u201d to comply with the law.\nCompanies whose business model is selling targeted advertising based on user data rather than providing a communications service will remain largely unaffected. They are still regulated by the Federal Trade Commission.\u00a0\u00a0\n2. Tracking technologies\nIt is no secret that one of the areas around which companies innovate involves leveraging customers\u2019 private information. For example, Nomi Technologies, a company whose technology allows retailers to track consumers\u2019 movements through their stores, made headlines when it agreed to settle Federal Trade Commission charges that it misled consumers about opting out of their tracking services. This is not why you want to have your company\u2019s innovations in the news.\nOthers point to Verizon \u201csupercookie\u201d that helped track the mobile Web traffic of customers to offer up more targeted ads as evidence of the need for stronger privacy rules. Verizon created an opt-out feature under pressure last year only AFTER the FCC announced it was looking into the controversy. Many raise privacy concerns because often \u201csubscribers have no choice but to share [private] information\u201d in order to receive service.\nTherefore, it\u2019s important to understand if and how your company is using tracking tech and establish privacy and data security standards.\n3. Net neutrality: Signal or noise?\nIt\u2019s not easy to determine which side of the net neutrality debate to take. In addition to authority over prohibitions against providing content-based preferential treatment (proprietary network calls via streaming video) and the practice of throttling (blocking or slowing Web traffic), the rules also apply to open-Internet protections to wireless services for tablets and smartphones. While both sides argue for an \u201cOpen Internet\u201d there\u2019s significant dispute over whether that requires FCC involvement or not.\nSome groups that share board members with Google have come out both in support of and against net neutrality. Interestingly, while Google, Samsung and Sprint are part of the Computer and Communications Industry Association, which filed an amicus brief in support of the FCC, Samsung also belongs to Mobile Future, (with AT&T, Cisco and Verizon) and filed an amicus brief in opposition to the FCC. The Cellular Telephone Industries Association, (CTIA) is one of the groups suing the FCC. Telecom companies have raised concerns about the costs of changing existing practices, like using information about a broadband customer to sell other services. More recently, a group of nearly 60 consumer groups and digital activists pressed the FCC to come out with \u201cstrong\u201d proposed rules \u201cas quickly as possible.\u201d\n4. Consumer protection\nCustomer proprietary network information (CPNI) is a treasure trove of info about consumers\u2019 online behavior. The Communications Act bars telecom companies from using CPNI for purposes other than providing service. The FCC\u2019s Network Neutrality rules may set the stage for FCC to regulate how ISPs use consumer data via CPNI. Unlike the FTC, the FCC can issue real regulations on privacy. This could bring a major changes in the way the business is transacted with consumer data, with far-reaching impact.\nRegardless of the outcome, CIOs should focus on the what, where, how and with whom private customer information is being shared over these communications networks.\nThanks for reading! I love writing about the law. But remember, I am not your lawyer. Any thing you do or don\u2019t do is your decision. I always recommend that you consult a qualified lawyer about your specific situation.