The move, by a 2-1 vote, came after the agency's new Republican chairman, Ajit Pai, indicated last week that he opposed the provision and broader privacy rules because they imposed tougher restrictions on high-speed Internet providers than on websites and social networks.
With the backing of the FCC's other Republican, Michael O'Rielly, the FCC issued a stay of the data security requirements before they were set to go into effect Thursday. Democrat Mignon Clyburn voted against halting the rules.
The stay will allow the FCC to consider formal requests from trade groups representing Internet service providers to reconsider the privacy rules, the agency said.
"The stay will remain in place until the commission is able to act on pending petitions for reconsideration," the FCC said. With Republicans opposed to the rules, they're likely to be overturned.
The rules were approved in October on a party-line vote when the FCC was controlled by Democrats under
An initiative of former FCC Chairman Tom Wheeler, they required broadband providers such as AT&T Inc., Charter Communications Inc. and Comcast Corp. to take new steps to secure customer data and notify them of breaches.
More broadly, in provisions scheduled to go into effect in December, the FCC required broadband providers to get customer permission before using or sharing sensitive personal data.
Most customer data would be considered sensitive, including information on Web browsing, app usage and the geographic trail of mobile devices.
Broadband providers complained the FCC imposed tougher restrictions on them than on search engines and social networks, which are overseen by the Federal Trade Commission.
The FCC's definition of sensitive data is broader than the FTC's.
Under FTC rules, companies don't need consent before using or sharing nonsensitive data, although customers can opt out.
"It does not serve consumers' interests to create two distinct frameworks — one for Internet service providers and one for all other online companies," Pai said Wednesday in a joint statement with Maureen K. Ohlhausen, the FTC's acting chairwoman.
The FTC also has been under Republican control since
The FCC gained privacy authority over broadband providers in 2015 when it enacted new online traffic rules, known as net neutrality, in an initiative pushed by Wheeler and strongly backed by President Obama.
Before that, the FTC had jurisdiction over all Internet privacy matters, including data security and handling of customer information.
Pai and Ohlhausen said Wednesday that they "still believe that jurisdiction over broadband providers' privacy and data security practices should be returned to the FTC, the nation's expert agency with respect to these important subjects."
"All actors in the online space should be subject to the same rules, enforced by the same agency," they said.
The stay of the data security rules will give the two agencies time to work together "to create a comprehensive and consistent framework for protecting Americans' online privacy," the FCC said.
But Democrats and privacy advocates said that broadband providers should be subject to tougher restrictions because they are "gatekeepers" for online access and many consumers have limited choices for high-speed Internet access.
Clyburn said the FCC's vote Wednesday leaves consumers without strong data security protections.
"With a stroke of the proverbial pen, the Federal Communications Commission — the same agency that should be the 'cop on the beat' when it comes to ensuring appropriate consumer protections — is leaving broadband customers without assurances that their providers will keep their data secure," she said in a dissenting statement.
Follow @JimPuzzanghera on Twitter