Recently Ro Khanna, a California Congressman, worked with some of the biggest thinkers in Silicon Valley to develop what he’s calling an Internet bill of Rights – the document included at the end of this blog. This Bill of Rights lays forth the ideal basic right of privacy that users most want out of the Internet.

This document is possibly the start of the process of discussing regulation for the big Internet companies – something that doesn’t exist today. Currently the Federal Trade Commission theoretically can pursue web companies that rip off the public and the Justice Department can tackle monopoly abuses – but otherwise the web companies are not regulated.

It’s becoming increasingly clear in the last few years that web companies have grown to the size where they value profits first, and any principles that were loosely followed in the early days of the Internet are long gone. There are constant headlines now declaring abuses by web companies. Recent Congressional hearings made it clear that the big companies are misusing customer data – and those hearings probably barely uncovered the tip of the iceberg.

The European Union has begun the process of trying to reel in some of the biggest abuses of the web companies. For example, web companies in Europe now have to disclose to users how they intend to use their data. In this country we’re starting to see sentiment from both Democrats and Republicans that some level of regulation is needed.

It won’t be easy to regulate the big web companies, which are now gigantic corporations. I read recently that there are now more lobbyists in DC working for web companies like Facebook and Google than work for the big telcos and ISPs. There will a major pushback against any form of regulation and it would obviously require a significant bipartisan effort over many years to create any worthwhile regulations.

My guess is that the public wants some sort of protection. Nobody wants their data released to the world through data breaches. Most people want things like their medical and financial records kept private and not peddled between big companies on the web. Almost everybody I know is uneasy with how the big web companies use our personal data.

I think this creates an opportunity for small ISPs. There are aspects of this Bill or Rights that the big ISPs will oppose. They are clearly against net neutrality. All of the big ISPs have purchased companies to help them better mine customer data – they obviously want to grab a slice of the money being made by Google and Facebook off user data. The big ISPs are likely to fight hard against regulation.

It’s virtually impossible for small ISPs to violate any of these principles. That creates an opportunity for small companies to differentiate themselves from the big ISPs. I think small ISPs need to tout that they are for net neutrality, that they value customer privacy and that they will never misuse customer data. I have a few clients that do this, but very few make this one of the key ways to differentiate themselves from the big ISPs they compete against.

I strongly recommend giving this some thought. Supporting consumer data rights can be made a key part of small ISP advertising. Some statements akin to the Internet Bill of Rights can be made prominent on web sites. These concepts should be prominent in your terms of service. These are concepts your customers will like and it shouldn’t be hard for any small ISP to embrace them.

Internet Bill of Rights

The internet age and digital revolution have changed Americans’ way of life. As our lives and the U.S. economy are more tied to the internet, it is essential to provide Americans with basic protections online.

You should have the right:

(1) to have access to and knowledge of all collection and uses of personal data by companies;

(2) to opt-in consent to the collection of personal data by any party and to the sharing of personal data with a third party;

(3) where context appropriate and with a fair process, to obtain, correct or delete personal data controlled by any company and to have those requests honored by third parties;

(4) to have personal data secured and to be notified in a timely manner when a security breach or unauthorized access of personal data is discovered;

(5) to move all personal data from one network to the next;

(6) to access and use the internet without internet service providers blocking, throttling, engaging in paid prioritization or otherwise unfairly favoring content, applications, services or devices;

(7) to internet service without the collection of data that is unnecessary for providing the requested service absent opt-in consent;

(8) to have access to multiple viable, affordable internet platforms, services and providers with clear and transparent pricing;

(9) not to be unfairly discriminated against or exploited based on your personal data; and

(10) to have an entity that collects your personal data have reasonable business practices and accountability to protect your privacy.