A group of sixty prominent civil liberties organizations sent a joint letter to the Federal Communications Commission (“FCC”) on January 20, urging Chairman Tom Wheeler to propose new privacy rules governing broadband internet service providers (“ISPs”). The letter relies on the 2015 reclassification of broadband ISPs as common carriers; however, the same divisions within the FCC that opposed the reclassification itself make significant new rulemaking unlikely in the near term.
The letter, cosigned by groups such as the American Civil Liberties Union, the Center for Democracy & Technology, the Electronic Frontier Foundation and Public Citizen, praises the FCC’s Open Internet order, which reclassified broadband ISPs under Title II of the Communications Act of 1934. Section 222 of the Act, expressly invoked in the FCC’s order, requires covered carriers to treat as confidential information on their subscribers’ “quantity, technical configuration, type, destination, location, and amount of [service] use.” However, rather than applying to ISPs its existing privacy rules promulgated under Section 222, the FCC has to date only issued an Enforcement Advisory on Section 222 itself, while leaving the possibility of new rulemaking open.
The groups argue that ISPs act as “Internet gatekeepers,” able to observe and record all of their subscribers’ actions online, but unwilling to allow subscribers to opt out. They call for a Notice of Proposed Rulemaking to prohibit broadband ISPs from collecting or sharing subscribers’ personal information without affirmative consent for any purpose other than the provision of internet service. They propose that the new regulation also require ISPs to notify subscribers of data breaches, disclose their privacy practices, and identify any third parties with whom they share subscribers’ information—requirements that, if promulgated, would complement or preempt the existing patchwork of state laws on these topics. Finally, the signatories argue that the new regulation should provide penalties for ISPs that take substandard measures to protect subscribers’ information.
Despite the signatories’ urging, prospects for new privacy regulations under Section 222 are murky for the time being. The Open Internet order itself is the subject of a pending challenge in the U.S. Court of Appeals for the District of Columbia Circuit, and a ruling for the petitioners against the reclassification would almost certainly defeat the basis for the rule as well. Moreover, the same internal divisions that led to Open Internet order’s adoption over two strongly-worded dissents remain within the FCC today, and could derail or postpone new rulemaking before it is even proposed. The 2015 Enforcement Advisory, combined with the recent memorandum of understanding between the FCC and Federal Trade Commission on consumer protection initiatives, may reflect the inclination of the FCC to focus its privacy attention on more effective enforcement actions while waiting for an opportunity to commence a Section 222 rulemaking.
Reporter, Daniel Ray, Silicon Valley, +1 650 422 6715, firstname.lastname@example.org.