Federal Communications Commission (FCC) Chairman Tom Wheeler on Thursday said the FCC is proposing new rules to protect the privacy of consumers from broadband providers.

Under the proposed rules, an ISP would be required to notify consumers about what types of information they are collecting, specify how and for what purposes that information can be used and shared, and identify the types of entities with which the ISP shares the information.

In addition, ISPs would be required to obtain affirmative “opt-in” consent before using or sharing sensitive information. Information that would be considered “sensitive” includes geo-location information, children’s information, health information, financial information, social security numbers, web browsing history, app usage history, and the content of communications such as the text of emails.

All other individually identifiable information would be considered non-sensitive, and the use and sharing of that information would be subject to opt-out consent.

“The proposed rules are designed to evolve with changing technologies, and would provide consumers with ways to easily adjust their privacy preferences over time” said Wheeler.

Under the proposed rules, ISPs would also be required to take reasonable measures to protect consumer data from breaches and other vulnerabilities. If a breach does occur, the rules would require ISPs to take appropriate steps to notify consumers that their data have been compromised.

The proposed rules focus on information collected from consumers when they use broadband services, such as residential or mobile connections, Wheeler said. It will not apply to the privacy practices of websites or apps, over which the FCC has authority, or over those owned by a broadband provider.

The rules will not bar ISPs from using or sharing customers’ information, but will require them to let consumers consent to how their info is used.

The FCC will vote on the proposed privacy rules at their  upcoming monthly meeting on October 27.