Heather Garvey

Information Privacy Law

Professor Ira Rubinstein

February 28, 2017

Plans to Destroy FCC Privacy Regulations Could Signal Future Structural Changes to Privacy Regulation by the FTC

Congress and the Chairman of the Federal Communications Commission have recently been attempting to kill the FCC’s internet privacy rules.  These FCC opt-in rules, that were created during the Obama administration, require broadband service providers to obtain permission from consumers prior to using their information for marketing purposes and to take steps to protect personal data and notify customers of a breach.  In particular, the FCC Chairman, Ajit Pai, seeks to halt the rules before they go into effect this Thursday, claiming that all online entities should be regulated by the same guidelines.  Similarly, Senator Jeff Flake (R-Ariz.) announced his plan to introduce a resolution to undo the privacy rules, noting that the Federal Trade Commission (FTC) should have control over all privacy issues.

Commissioner Pai plans to hold a FCC vote to stay the implementation of the new rules.  Currently, there are two vacancies on the FCC, leaving only three FCC commissioners total.  Commissioner Michael O’Rielly supports Pai’s efforts to block the new rules, while Commissioner Mignon Clyburn wants to keep the rules and could potentially block a vote by denying a quorum.  However, Pai could direct the FCC staff to to stay the provisions and push for a vote later.  Either way, it appears Pai is likely to be successful in halting the implementation of the rules this week.  Since a future Democratic administration of the FCC could simply reinstate the rules, concrete change would be more effective coming from Congress than the FCC.

Senator Flake instead is focusing on using the Congressional Review Act (CRA) that allows Congress to revoke a regulation within 60 legislative session days, with only a simple majority and the president’s signature, to remove the FCC rules.  With the Republicans in control of both the House and Senate and with President Trump in the White House, the CBA can be used effectively to strip away many of the regulations passed under President Obama.

These recent efforts by both Congress and the FCC shed light on the future of the FCC’s privacy regulation of broadband companies and the FTC’s effort at privacy reform.  We may see a greater push to have privacy regulation of all online companies, including broadband companies, come under the purview of the FTC, rather than continuing with the carve-out of broadband companies with the FCC.  For example, Representative Frank Pallone (D-N.J.) has asked the Government Accountability Office (GAO) to study the status of broadband privacy regulation and the authority of the bifurcated process by the FCC and FTC.  Since technology increasingly is flooding our everyday lives, perhaps individual privacy and data security should be addressed via a constant regulator, rather than a fluctuating, unstable system.

One of the main concerns from Republicans and Pai is the opt-in system regulating broadband companies, where individuals must affirmatively consent to allow the companies to use their personal information.  This standard is higher for broadband companies than for other online businesses who only need to use an opt-out system.  For example, under the Administration Discussion Draft: Consumer Privacy Bill of Rights Act of 2015, online companies would be required to provide individuals a means to withdraw consent.  Instead of entirely eliminating data privacy rules as applied to the broadband companies, perhaps a future solution would be to have the FTC regulate the entire industry with uniform rules, such as those proposed in the Consumer Privacy Bill of Rights Act of 2015.  This change would eliminate the concerns of Republicans and Pai that broadband companies are treated unfairly, while simultaneously alleviating Democrats concerns about leaving online privacy entirely unregulated.  Nonetheless, while unification of the rules might solve unfairness concerns, there would still be a significant fight ahead of whether to regulate all online companies under an opt-in system or an opt-out one.

Sources

http://www.latimes.com/business/la-fi-fcc-privacy-20170227-story.html

http://thehill.com/policy/technology/320196-gop-sets-sights-on-internet-privacy-rules

http://thehill.com/policy/technology/321433-dem-senator-pushes-back-against-gop-efforts-to-rescind-internet-privacy

http://www.multichannel.com/news/congress/pallone-seeks-gao-study-broadband-privacy-oversight/411172