House Communications Members Mingle ISP Privacy CRA Barbs, CPNI at Hearing
House Communications Subcommittee members focused as much during a hearing on how to shape privacy legislation to reflect changes in access to customer proprietary network information as they did on trading barbs over the Congressional Review Act resolution of disapproval effort that last year abolished ISP privacy rules (see 1806110054). The hearing had been aimed at the CPNI issue, with a trio of witnesses offering legislative recommendations in written testimony (see 1807030041, 1807090015 and 1807100063).
Sign up for a free preview to unlock the rest of this article
Timely, relevant coverage of court proceedings and agency rulings involving tariffs, classification, valuation, origin and antidumping and countervailing duties. Each day, Trade Law Daily subscribers receive a daily headline email, in-depth PDF edition and access to all relevant documents via our trade law source document library and website.
FCC ISP privacy rules were “a consumer protection vehicle that drove at the wrong target” because CPNI rules cover only some phone calls made on mobile devices, such as those that travel over the public switched telecommunications network, said House Communications Chairman Marsha Blackburn, R-Tenn.: “The commission’s inability to locate all the other traffic out there is precisely why the wheels came off” of the privacy order. She cited her Balancing the Rights of Web Surfers Equally and Responsibly Act as “broad privacy legislation” to "give Americans seamless protection across all their electronic communications.”
Ranking member Mike Doyle, Pa., and other Democrats slammed HR-2520 and the ISP privacy CRA. “We are going to need a comprehensive solution that includes more resources, more manpower and more authority to go after bad actors, the ability to set rules of the road for the digital economy,” Doyle said: FCC ISP privacy rules “were an expansion” of the agency's existing CPNI rules “and would have meaningfully enhanced our nation's privacy laws” and “there's been no replacement.” Republicans “wiped out privacy protections,” said Rep. Anna Eshoo, D-Calif. HR-2520 isn't an effective replacement because it doesn't give the FTC additional rulemaking authority and pre-empts more effective state privacy laws, she said.
Blackburn, Vice Chairman Leonard Lance, R-N.J., and other lawmakers dug into how to incorporate CPNI issues into future privacy legislation. Blackburn raised concerns about the potential for users of services like Uber to find those services unusable if hybridized emergency location information they rely on were subject to CPNI rules. Technology & Democracy Project-Discovery Institute Director Hance Haney agreed, saying users might begin to experience “opt-in fatigue.” Haney and former FCC Commissioner Robert McDowell, Hudson Institute senior fellow, agreed with Republicans that legislation should enshrine a FTC-enforced uniform data protection authority covering ISPs and edge providers. "We must do something” given Americans' assessment they “lost control of their information," said Georgetown Law Center on Privacy and Technology Deputy Director Laura Moy.
Doyle, Rep. Jerry McNerney, Calif., and other Democrats criticized FTC ability to enforce such a law, citing its current lack of rulemaking authority and of staff with necessary technical expertise. The FTC “doesn't have the resources to enforce,” McNerney said. He promoted his Managing Your Data Against Telecom Abuses Act (HR-2356). Rep. Peter Welch, D-Vt., pushed Haney and others on why there's resistance to using legislation to make opt-out privacy settings the default, saying that would “empower consumers.” Rep. Debbie Dingell, D-Mich., invoked the unauthorized disclosure of wireless subscribers' real-time location data by LocationSmart and Securus. The FCC is currently investigating LocationSmart (see 1805110062).