Given the Beltway reaction to the commendable work by Congress to reverse the FCC’s off-course privacy rules, it’s worth taking a step back to see what’s really going on.  First and foremost, all of the rhetoric that asserts – without any factual support – that the CRA vote suddenly eliminated consumer privacy protections is just plain wrong.  The reality is that the FCC’s new broadband privacy rules had not yet even taken effect.  And no one is saying there shouldn’t be any rules. Supporters of this action all agree that the rescinded FCC rules should be replaced by a return to the long-standing Federal Trade Commission approach.  But in today’s overheated political dialogue, it is not surprising that some folks are ignoring the facts.

AT&T’s privacy protections are the same today as they were five months ago when the FCC rules were adopted.  We had the same protections in place the day before the Congressional resolution was passed, and we will have the same protections the day after President Trump signs the CRA into law.  The Congressional action had zero effect on the privacy protections afforded to consumers.

It is also flatly untrue that the Congressional action eliminated all legal protections governing use of consumer information.  For example, AT&T and other ISPs’ actions continue to be governed by Section 222 of the Communications Act just as they were for the nearly two years that passed between reclassification of internet access as a Title II service and the passage of new rules last fall. Former FCC Chairman Wheeler wasn’t shouting then that consumers’ privacy was at risk because we had no rules.  The statute itself protected consumers.  And it will continue to do so until the misguided Title II reclassification decision is rescinded, at which time the FTC will resume regulating consumer broadband privacy, just as it has done since the internet was created decades ago.

Just to remind everyone, there was never any suggestion by the Obama Administration that the FTC’s privacy regulation was somehow inadequate or ineffective to protect consumers on the internet.  Quite the contrary, the Obama Administration spent a good deal of time arguing (particularly throughout Europe) that the FTC was an equal or even more ferocious privacy regulator than the European Data Protectorate.  The adequacy of the FTC to police privacy has never been questioned before this fact-free debate.

Query then why former FCC Chairman Wheeler decided to reject the FTC approach when adopting FCC rules in this area.  That decision did little, if anything, to enhance the protection of consumer internet information.  Instead, those rules were simply another example of putting the Administration’s hand on the scales to pick winners and losers in the marketplace.

In truth, companies that collect and use the most customer information on the internet are not the ISPs but other internet companies, including operating system providers, web browsers, search engines, and social media platforms. And the FCC rules had nothing – literally nothing – to do with these companies or their practices.  Indeed, in fashioning the rules, the Wheeler FCC gave consumers a false sense of security by limiting how ISPs – and ISPs alone – use internet data while knowing that other competitors in the internet ecosystem had access and freedom to use the same data across whatever platform the consumer used to access the internet.

AT&T was one of the first companies to move away from a privacy policy that looked like a legal document and towards a policy that communicated our practices to our customers in words that the consumer didn’t need a lawyer to help decipher.  In the same vein, we have long advocated the approach supported by the Obama Administration before the FCC acted last fall – a consistent framework that focuses on the sensitivity of the data, not the service or entity that obtains the data.

If the government believes that location data is sensitive and requires more explicit consumer disclosures and permissions, then those protections should apply to all players that have access to location data, whether an ISP or edge player or search engine. If the government bans the ISP from that data but allows, for example, OS providers, app developers and everyone else who has software running on your phone to collect your location and internet data, use it, share or sell it, that does not protect but rather confuses the consumer.

AT&T’s approach, which is to focus on the nature of the data and have a consistent framework on collection, use and sharing, was actually the Obama Administration policy for nearly eight years until the Wheeler FCC did a sudden about-face. Hopefully, this week’s action by Congress gets us back on the path to a more rational and consumer-friendly framework.  I am also hopeful that facts actually work their way back into the debate.

But I am a Cubs fan, and I always hope in March or April that this will be the year!  Oh wait a minute; it really happened.  Maybe a fact-based debate really can actually happen here after all. Bring on the goat!

Share this