ISPs Said to Be Losing on Key Privacy Provision, With Arbitration Clause Ban Possible
ISPs apparently failed in their attempts to get the FCC to drop web browsing and application-use history from the list of types of data to be treated as sensitive, requiring opt-in consent to use or share, as the ISP privacy rules head for a commissioner vote Thursday, we're told. Meanwhile, Commissioner Mignon Clyburn isn't expected to press for provisions that would ban plans that allow subscribers to sign up for cheaper broadband in return for reduced privacy protections (see 1610200044). But Clyburn is pushing for a rule change that would block ISPs from inserting mandatory arbitration clauses on privacy violations in service contracts, informed sources said.
Sign up for a free preview to unlock the rest of this article
Timely, relevant coverage of court proceedings and agency rulings involving tariffs, classification, valuation, origin and antidumping and countervailing duties. Each day, Trade Law Daily subscribers receive a daily headline email, in-depth PDF edition and access to all relevant documents via our trade law source document library and website.
ISPs came close to winning on web-browsing and app history, with Clyburn raising the issue of changing that part of the order during the give and take on the eighth floor, said lawyers who represent ISPs and agency officials. She has since backed away, they said. Advocates on both sides saw that as the single biggest issue in play (see 1610210051). The FCC declined to comment. Privacy has been raised as an issue as regulators start to take on AT&T’s proposed buy of Time Warner (see 1610240055).
ISPs face a new challenge. Clyburn recently penned an opinion piece in Time with Sen. Al Franken, D-Minn., criticizing mandatory arbitration clauses. She has been pushing for changes to the draft circulated by Chairman Tom Wheeler to address the issue, said agency and industry officials.
“When you are wronged in America, you are supposed to be able to find justice in our legal system. It doesn’t matter who you are -- and, importantly, it doesn’t matter who wronged you,” Clyburn and Franken wrote. “No entity is supposed to be too big or too powerful to hold accountable in a court of law. But communications providers who offer access to the internet in our homes and on our phones have found a way to evade accountability by effectively locking the courtroom doors on their customers.”
“Of course, web browsing and app usage histories should be subject to an opt-in standard,” said Laura Moy, of the Georgetown University Law Center's Institute for Public Representation. The information is “classic” customer proprietary network information, Moy told us. Consumers know they have to share it with their ISP in order to get service, but “they certainly don't expect it will be used or shared for other purposes without their permission,” she said.
“Contrary to what some ISPs argued in recent weeks, ‘sensitive’ under Title II privacy rules does not have to mirror the FTC’s definition or follow FTC precedent. The FCC isn't the FTC, the Communications Act isn't the FTC Act and network access provision is not like other services,” Moy said. “We are hopeful that a majority of the commissioners recognize that and the FCC will approve broadband privacy rules that require opt-in consent for a broadly defined category of sensitive information.”
The FCC faces an “historic” decision, emailed Center for Digital Democracy Executive Director Jeff Chester. “Will it cave in to the pressure brought by the cable and telco lobby, and its allies, to adopt a privacy framework that everyone knows is inadequate, the FTC’s,” he asked. “Or is it enacting strong rules tailored for today’s communications networks that protect the privacy of ISP subscribers? With both web browsing and app data having much needed 21st Century consumer privacy safeguards, broadband customers will benefit from such rules. We look forward to seeing the details of any proposal before we can say it will effectively protect the public.”
AT&T/Time Warner and Verizon's buying AOL and Yahoo provide an important backdrop to the order, Chester said. “The fundamental nature of the media business has changed. It’s access to consumer data, along with the capability to reach them on any screen, anytime, that is the basis of today’s digital marketplace,” he said. “ISPs such as AT&T and Comcast plan to reap a treasure trove of digital data, including our unique geolocation activities.” Only effective FCC privacy rules will protect the public, he said.
Whether limitations on arbitration clauses will make the final cut is unclear, industry lawyers said. The FCC initially raised the issue in a paragraph of the privacy NPRM, saying: “We seek comment on whether to prohibit [broadband] providers from compelling arbitration in their contracts with customers.” A lawyer who represents ISPs said “it’s such a political flash point that it will be tough.”
“My sense is that an FCC ban on arbitration clauses may prove difficult to defend should ISPs litigate the issue,” said Daniel Lyons, associate professor at Boston College Law School. “The Federal Arbitration Act creates a strong federal policy in favor of arbitration agreements. The FCC would need to point to a source of statutory authority that overrides that general policy in this context, and I'm not sure the requisite statutory hook exists.”
“There seems to be both a congressional and statutory preference for arbitration, as evidenced by the Federal Arbitration Act and the pendency of several bills in Congress,” said Adonis Hoffman, chairman of Business in the Public Interest. “The privacy jurisdiction of the FCC is tenuous enough without adding another potentially dubious element for the courts to decide." Hoffman's firm doesn't represent any clients on privacy.
“I guess I shouldn’t be surprised, in light of the fact that the Wheeler FCC has become much more overtly political than the norm, that Clyburn and Franken would try a last-minute push to ban arbitration clauses which otherwise are fairly standard in various types of service agreements,” said Randolph May, president of the Free State Foundation. “It’s one thing to require that such clauses be clearly written and conspicuously displayed, which I favor as a matter of consumer protection. It's another thing to ban them entirely when they serve valid public purposes such as reducing litigation costs and clogged court dockets. If I were cynical, which I don’t like to be, I might suggest this is a sop to the trial lawyers. It certainly might be a new trial lawyers’ bounty.”
Categorizing browsing and app history as sensitive data “would represent an extremely disappointing departure from the flexible oversight regime that has helped make the U.S. data-fueled economy the envy of the world,” said Doug Brake, telecom policy analyst at the Information Technology and Innovation Foundation. “The talk of 11th hour moves on mandatory arbitration just shows what a farce this process has been," he said. "The commission hasn’t been seeking informed comment on establishing a balanced regime that secures baseline consumer protection while recognizing and supporting the tremendous upsides to additional use and sharing of broadband data. It looks more and more about securing purely political wins, even if that comes at the cost of higher prices for consumers and less data innovation.”
The U.S. Chamber of Commerce said the Wheeler proposal is far from a compromise that aligns FCC rules with the FTC framework. “In reality the commission’s new proposal eliminates the need to distinguish between sensitive and non-sensitive data because opt-in consent will still be mandated for most of the consumer information useful for broadband providers,” the chamber said in a blog post. “The FCC’s revised rule in essence tells ISPs that they can now be smothered by a ton of regulatory feathers instead of a ton of stone.”