How to Restore Reasonable Broadband Privacy Regulations

  • JORDAN CRENSHAW

Last week, the Senate Committee on Commerce, Science & Transportation held a hearing on reducing regulatory burdens in order to spur economic growth. Gary Shapiro, President and CEO of the Consumer Technology Association, testified about the negative effects of the Federal Communications Commission’s (FCC’s) 2016 broadband privacy rule, asserting that the rule “may establish a dangerous precedent for the entire internet ecosystem.”

The broadband privacy rule is the offspring of the FCC’s 2015 Open Internet Order, which treats broadband like a public utility and grants the Commission broad authority to regulate the privacy practices of internet service providers (under Title II the monopoly-era 1934 Communications Act). Until 2015, the Federal Trade Commission (FTC) effectively regulated on an even-playing field the privacy practices of virtually all actors in the internet ecosystem such as streaming video services, search engines, and internet service providers, using a light-touch regulatory approach under which the internet thrived.

In May 2015, after assuming authority to regulate broadband privacy, the FCC issued an enforcement advisory requiring broadband providers to take good faith and reasonable steps to comply with Section 222 of the Communications Act which regulates the privacy practices of common carriers.

Just days before the presidential election, the FCC adopted the broadband privacy rule, which requires broadband providers to obtain consumer consent before using and disclosing nearly all customer data. Unfortunately, the FCC failed to adopt an approach recommended by the FTC and massively expanded the type of data regulated by the FCC compared to the light-touch approach of the FTC. The rule threatens not only the credit ratings of internet service providers but also could inhibit the growth of the advertising-driven internet ecosystem.

With a newly-designated chairman of the FCC and a new presidential administration, there are many new opportunities to roll back the overly-burdensome midnight broadband privacy regulation. We will take a look at the ways policymakers can restore reasonable broadband privacy rules.

The Congressional Review Act

The quickest and most efficient way to undo the FCC’s privacy rules is through Congress’ ability to use the Congressional Review Act (CRA). The CRA enables Congress to quickly undue overly-burdensome regulations. Congress can utilize the CRA within 60 legislative days of the adoption of a regulation and pass resolutions disapproving of the rule. What makes the CRA such a valuable tool to combat harmful regulations is that it provides for an expedited voting process in the Senate in which only a majority of its members are needed to pass a resolution of disapproval. Once both houses of Congress pass a resolution of disapproval, the President can sign the resolution, effectively terminating a regulation. After a resolution of disapproval is signed by the President, an agency cannot adopt a substantially similar rule. The CRA is particularly useful for rolling back midnight regulations that are put forward by an outgoing administration. 

Industry groups sent a letter to House and Senate leadership requesting that Congress use the CRA to eliminate the broadband privacy rule. Even industry sectors which disagreed on net neutrality and the Open Internet Order have come together in opposition to the FCC’s rule.

Activist groups’ main criticism of using the CRA to disapprove the rule is that consumers will be left without privacy protections for data used by their internet service providers. Arguments such as this overlook the fact the CRA cannot roll back the underlying statute behind a regulation and FCC still retains the ability to undertake enforcement actions against unreasonable and bad faith data practices, as described in its 2015 enforcement advisory, under Section 222 of the Communications Act.

The CRA enables Congress to quickly dispose of the broadband privacy rule while restoring regulatory fairness and innovation.

FCC Reconsideration of the Broadband Privacy Rule

The Federal Communications Commission could reverse the broadband privacy rules on its own. At the beginning of January, groups like US Telecom filed petitions for reconsideration with the FCC of the broadband privacy rule requesting the Commission harmonize its rules with the FTC. At the end of January, telecommunications trade associations petitioned the FCC to stay its broadband privacy order. At the same time, over twenty telecommunications organizations committed to privacy principles with regard to transparency, consumer choice, and data security.

Reversing the Open Internet Order’s Reclassification of Broadband

Another way to eliminate the FCC’s overly-burdensome privacy rules is to eliminate the FCC’s jurisdiction over privacy altogether, which could be done by either Congressional action or FCC proceedings to reverse the Open Internet Order’s classification of broadband like a public utility. The D.C. Circuit’s expansive grant of deference upholding the Open Internet Order last June could enable the FCC to easily change course on the classification of the internet. Reclassification would throw jurisdiction over broadband customer privacy back to the Federal Trade Commission, which has effectively refereed privacy in the past.

Last year compromise draft legislation was put forward in Congress to codify net neutrality protections for consumers while eliminating the reclassification of broadband providers. Representative Marsha Blackburn (R-TN), the new chairman for the House Communications & Technology Subcommittee and net neutrality opponent, has indicated that she is waiting for FCC Commissioner Ajit Pai to make the first move on reforming the Open Internet Order.