Pai, O'Rielly Seen Likely to Just Say No to Revised Privacy Proposal
FCC Republicans are unlikely to support Chairman Tom Wheeler’s ISP privacy proposal, even though Wheeler did move the draft closer to the FTC’s privacy framework, focusing more on protecting sensitive data, industry and FCC officials said. The eighth floor’s review of the order is still in its early stages, but commissioners Ajit Pai and Mike O’Rielly are likely to have some concerns about the amount of data considered sensitive under the Wheeler approach, which is considerably more sweeping than the FTC’s framework, and about the legal underpinning of the order, some said (see 1610070053).
Sign up for a free preview to unlock the rest of this article
Timely, relevant coverage of court proceedings and agency rulings involving tariffs, classification, valuation, origin and antidumping and countervailing duties. Each day, Trade Law Daily subscribers receive a daily headline email, in-depth PDF edition and access to all relevant documents via our trade law source document library and website.
Democratic Commissioner Jessica Rosenworcel is back in the spotlight, since her support will be critical if the two Republicans dissent. Rosenworcel raised concerns in the past, at least about Wheeler’s initial proposal (see 1609080054). Pai and O'Rielly dissented when commissioners approved an NPRM in March (see 1603310049).
An O’Rielly aide said at last month’s CTIA show the commissioner questions whether the FCC even has the authority to act on privacy. A former FCC aide said there’s no chance Pai or O’Rielly will vote yes since the FCC’s reclassification of broadband as a common carrier service under Title II of the Communications Act underpins the proposed order. FCC and industry officials said on the big orders, especially tied to reclassification, the Republicans are unlikely to vote for even part of an item.
Pai said in a High Tech Forum podcast he's hopeful the FCC will harmonize its rules with the FTC framework. The podcast was recorded before Wheeler circulated his latest draft for a vote at the Oct. 27 commissioners' meeting (see 1610060031).
Better aligning FCC rules with those of the FTC would be “terrific,” Pai said during the podcast. Wheeler may be feeling “political” pressure to change the rules, he said. “It’s rare to see a sister agency criticizing the FCC, but in this case the FTC said that the chairman’s proposal was not optimal, that it wouldn’t protect consumers and didn’t reflect how the marketplace operated,” Pai said. There are also technical reasons to harmonize the rules, Pai said. ISPs said in comments at the agency that mobile users might traverse a number of ISP networks as they move around, and edge providers, not ISPs, are the dominant players in online advertising, he said.
People want their sensitive data to be protected, but treating ISPs differently from edge providers like Google “doesn’t make a lot of analytical sense, if what we’re after is promoting consumer welfare,” Pai said. As much as 80 percent of data is now encrypted and ISPs have little information on the data that moves on their networks, he said.
The Republican commissioners don't believe Titles II or VI of the Communications Act give the FCC authority to expand its privacy powers beyond what was envisioned by Congress to be “customer proprietary network information,” including a user’s name, address and phone number, said a former FCC official who does work for ISPs. Wheeler “will expand the FCC's reach as far as his general counsel says the agency's action can be upheld in court,” the lawyer said. “And with many appellate judges affording the FCC a tremendous amount of deference these days, the commission may be able to stretch its reach into the privacy realm pretty darned far.” Pai and O’Rielly are trying to counterbalance what they see as an overreach, the former official said.
A second ISP lawyer said the FCC Republicans are strongly opposed to reclassification: “Combine that with Republican concerns that the chairman has eviscerated the statutory text and congressional intent behind section 222 with a policy-driven outcome, and I don’t see anything in it for them in supporting even a portion of the decision.”
“Assuming Wheeler can get the votes this month, yes, it is likely to be another party line vote on the 27th,” said Doug Brake, telecom policy analyst at the Information Technology and Innovation Foundation. “I certainly hope there is some movement away from Wheeler’s proposal. The outline presented by Wheeler’s fact sheet is entirely different from the FTC’s ex post enforcement model of holding companies to their commitments, and even significantly more onerous than the FTC’s non-binding guidelines. Commissioner Rosenworcel has previously extolled the virtues of harmonization with other privacy regimes. Hopefully she can help bring others around to something closer to true alignment with the FTC approach.”
“The FTC privacy approach and framework is still the gold standard and the FCC should come as close to that as possible,” emailed Adonis Hoffman, chairman of Business in the Public Interest. “A couple of trouble spots remain -- data sensitivity; opt-in; de-identified data; and first-party marketing. The last thing we should want to see is an FCC regime that penalizes business for commonplace usage of data in the course of implied consent. But all of this ignores the threshold matter of whether the FCC can legally regulate in this area, and if so, for how long?" The group doesn’t work for any clients on privacy.
“Now that Chairman Wheeler has changed course on the questions of sensitivity and de-identification, the discussion naturally shifts to the details,” said Richard Bennett, free market blogger and network architect. “The [privacy] fact sheet’s list of sensitive data is much too broad, including web browsing of all kinds as well as app usage history. The order still raises too many barriers to ISPs who want to deal in the same kind of information that websites are allowed to collect and sell without affirmative consent.”
An FCC spokeswoman cited comments the agency made last week that the FCC also must look at the context of the customer-ISP relationship, which goes beyond the relationship between customers and websites. ISPs “can see every web domain you visit and every app you use as well as a tremendous amount of personal information,” the spokeswoman said (see 1610070053).