"On October 27, 2016, the Federal Communications Commission (FCC) issued a proposed rule that seeks to expand its regulatory jurisdiction, create a two-tiered privacy regime for different types of Internet companies, and impose data restrictions on Internet service providers. These types of regulations have traditionally been under the jurisdiction of the Federal Trade Commission (FTC), which already has in place a regulatory regime to protect consumers. Full implementation of this proposed rule would have, among other things, given consumers a false sense of protection and privacy. As a bipartisan group of representatives stated in a 2016 letter to the FCC in response to its notice of proposed rulemaking:
-We had hoped the FCC would focus on those protections that have traditionally guarded consumers from unfair or deceptive data practices by ISPs and the other companies in the Internet services market. But, based on the [FCC’s] Notice of Proposed Rulemaking, we remain increasingly concerned that the Commission intends to go well beyond such a framework and ill-serve consumers who seek and expect consistency in how their personal data is protected. If different rules apply to the online practices of only selected entities, consumers may wrongly assume that the new rules apply to all of their activities in the Internet. But when they discover otherwise, the inconsistent treatment of consumer data could actually undermine consumers’ confidence in their use of the Internet due to uncertainty regarding the protections that apply to their online activities.-
In response to these actions, the House and Senate introduced legislation in March to disapprove of this proposed FCC rule. The House version of this legislation, H.J.Res.86, was introduced by Rep. Marsha Blackburn (R – TN) on March 8, 2017. The measure seeks to block the proposed FCC rule. On March 28, 2017, the House passed the Senate version, S.J.Res.34, with my support, and the measure now heads to the president’s desk for signature. Again, it must be noted that recent actions in Congress have not changed the status quo in terms of privacy-protection standards for consumers."
That's what they attest. And the Washington Post had a good editorial (which I'm currently at pains to find) explaining how, under Commissioner Wheeler, the FCC pushed for broadband privacy rules, but ran roughshod over the FTC in the process. While it was a win in the sense that a legal gap was closed (more on that in a minute), it wasn't good in that it weakened the definitions between the FTC and FCC, which bother have governance roles to play. While it might sound like needless bureaucracy, firm and clear rules are the underpinnings of strong court rulings, which are essential to good governance.
Except, now that gap still exists. While it's claimed that the FTC will now fill in the gap, the problem is that it couldn't effectively in the first place. WP explains:
"Can't the FTC go after Internet providers with its rules?
At the moment, not really. The reason has to do with the FCC's rules on net neutrality. When the FCC passed those rules, it branded all Internet providers as “common carriers,” essentially a fancy legal term to describe traditional phone companies.
The problem is that the FTC is bound by something called the “common carrier exemption.” The agency isn't allowed to take action against companies that have been labeled common carriers by the FCC. (The idea behind the exemption is to prevent both agencies from going after the same companies twice for the same infraction.)
So if the House vote succeeds and Trump signs the measure, that releases Internet providers from the FCC's privacy regulation but does not do anything to apply the FTC's own privacy guidelines to the industry. The FCC can still sue companies after they have allegedly violated consumer privacy, industry groups say. So can state attorneys general. But the FCC will be unable to write regulations that preemptively bar privacy violations, meaning that Internet providers will be subject to less oversight as a result of the congressional measure."
So, with regards to selling data. Is it anonymized? Probably. To an extent. People get assigned an advertising ID, which is a random number in place of your legal name, and your profile is built under that. But you and I both know that it's not really anonymous, and it's trivial to then do a correlation between your, say, name and address, and then your advertising ID and address, and suddenly you have a full profile on someone. That's an issue when other businesses and services begin to take advantage of your health, interests, associations, etc, to charge you more or deny service based on these indicators. ISPs feel they've been at a disadvantage compared to online services like Facebook. Remember, that they do not want to be "just a bit provider". There's a very powerful profit factor if they can use their lock-in to be your content provider as well.
Anyways, hope that helps!