FCC Offers Legal Rationale for Broadband Privacy Rules

Keep up with the latest developments and legal issues in the telecommunications and emerging technology sectors, with exclusive access to a comprehensive collection of telecommunications law news,...

By Kyle Daly

Nov. 2 — The Federal Communications Commission spelled out the case for its authority to issue new broadband privacy rules in the full text of the rules, released Nov. 2.

The agency voted Oct. 27 to approve the rules, which require internet service providers (ISPs) to get express consumer consent, known as “opt-in,” before collecting and using data deemed sensitive (2016 TLN 9, 11/1/16).

Broadband ISPs are expected to challenge the rules, and the agency's authority to issue them, in court. The legal justifications the agency laid out offer a preview of the defense it would mount against a court challenge.

The FCC followed the Federal Trade Commission model of considering data like financial and health records and children's information to be sensitive. But unlike the FTC, the FCC also deemed browsing and app usage history as sensitive. ISPs hoping to leverage customer data to enter the multibillion-dollar online advertising market had opposed that move, saying it put them at a disadvantage against the likes of Facebook Inc. and Alphabet Inc.'s Google, which are still under the FTC's jurisdiction.

The FCC's 2015 decision to reclassify ISPs as common carriers led to the new privacy rules. The FTC, previously the privacy watchdog for ISPs, can't regulate common carriers. The FCC's reclassification forms the basis of the agency's defense of the rules. That defense will likely be called into question if an ISP or trade group challenges the rules in court, as is widely expected.

In the text of the rules, the FCC said reclassification inherently meant Sec. 222 of the Communications Act, which authorized the FCC to regulate traditional phone companies' collection and use of customer information, applies to ISPs. References in that section to specific practices of the traditional phone industry, such as publishing directories and sending out phone bills, are only intended to note specific duties of phone providers and not to limit the agency's authority to regulating only those duties, the FCC said. Additional subsections of the law that apply specifically to traditional phone service likewise don't detract from the section's central establishment of FCC authority in protecting telecom subscribers' data, the agency said.

While the FCC has historically only used that part of federal communications law to protect the specific categories of data that phone companies collect, it said that precedent shouldn't restrict it from using the statute to more broadly protect consumer data that telecom providers collect.

The agency also said that Secs. 201 and 202 of the Communications Act authorize it to make sure telecom companies aren't engaging in “unjust or unreasonable” or “unjustly or unreasonably discriminatory” conduct. That gives the FCC the power to oversee privacy protection even without the privacy-specific language of Sec. 222, the FCC said. Other parts of the communications law that protect consumer interests from being harmed by wireless industry practices and authorize the FCC to take reasonable steps to advance broadband adoption further authorized the FCC to issue the privacy rules, the commission said.

To contact the reporter on this story: Kyle Daly in Washington at kdaly@bna.com

To contact the editor responsible for this story: Keith Perine at kperine@bna.com

For More Information

The rules are available at: http://src.bna.com/jPl

Copyright © 2016 The Bureau of National Affairs, Inc. All Rights Reserved.

Request Tech & Telecom on Bloomberg Law