WASHINGTON, DC—Maine has joined the list of states enacting sweeping consumer privacy and data collection laws, with the state’s Act to Protect the Privacy of Online Customer Information recently being signed into law. Womble Bond Dickinson attorney Marty Stern discussed the Maine online consumer privacy law with the Cybersecurity Law Report, noting that the act will have a direct impact on broadband internet service providers operating in the state.

Under the Act, Internet service providers must protect customers’ personal information, including name, address, Social Security number and billing information. But they also must not disclose information about the customer’s browsing history, emails/texts, geolocation or other information gathered through the course of the customer using the broadband service.

However, there is also may be a question as to whether the Maine law oversteps the state’s authority.

“The FCC in its 2017 Restoring Internet Freedom order found that regulation of broadband internet access service should be governed principally by a uniform set of federal regulations, rather than by a patchwork that includes separate state and local requirements,” Stern tells the Cybersecurity Law Report. “Considering that the imposition of these type of privacy restrictions on broadband providers has already been rejected by Congress, there seems to be a real question as to whether similarly intrusive requirements enacted by a state could be construed as interfering with the federal deregulatory regime, and challenged on that basis.”

The Act is set to take effect in July 2020. Stern says that there very well could be challenges to the Act, which could impact its implementation timeline. According to Stern, “affected businesses should keep their eyes peeled for potential judicial challenges, and how those may affect the timeline for implementation”, according to Stern.

Click here to read “Maine Enacts Sweeping Broadband Customer Privacy Law” in the Cybersecurity Law Report (subscription required).

Marty Stern provides legal and strategic counsel on regulatory, policy and commercial matters to telecommunications, information technology and media firms, including network operators, programmers, and technology companies, in the United States and globally. He also develops and executes regulatory and legislative strategies, including through trade associations and the formation and implementation of industry coalitions, and engages in associated advocacy.