The FCC Seizes the Reins on Privacy: Observations from Our Summer Internship

Posted by: AT&T Blog Team on August 10, 2016 at 2:13 pm

By Lindsey Knapton, Alex McLeod, Sean Vallancourt, AT&T Summer Interns 

(The opinions expressed in this blog are solely those of the student authors and are not attributable to AT&T)

When we each arrived at AT&T’s DC offices earlier this summer for our internships, we knew that we would have a front seat for policy discussions around some of the most hotly debated topics, including net neutrality, privacy and the march toward 5G wireless technologies. Little did we know the discussions would take such an interesting turn after the D.C. Circuit released its long awaited net neutrality decision. While some claimed victory, others were left with unanswered questions regarding the Court’s decision. In US Telecom v. FCC, the Court allowed the FCC to reclassify Internet Service Provider (“ISP”) offerings as telecommunications services rather than information services. The Court also determined that mobile broadband services are now commercial rather than private because mobile broadband is an interconnected service that is a part of the new public switched network that includes IP addresses. These decisions, which deviate from FCC precedent regarding ISPs and broadband Internet access services, were only marginally explained in the FCC’s 2015 Open Internet Order. Yet the Court accepted the FCC’s limited explanation as sufficient justification for its decision.

As a result of this decision, many scholars are left questioning: how much deference should administrative agencies receive in interpreting a Congressional statute? In Chevron, the Supreme Court required that an agency must give a reasonable explanation to justify its action but, after the DC Circuit decision, many question whether agencies should be held to a higher standard. As a result of the Court’s reclassification choices in US Telecom v. FCC, the FCC has extended its reach in regulating the telecommunications industry; and the impact of the D.C. Circuit’s decision will continue to affect all telecommunications operations, including privacy and wireless issues.

When the D.C. Circuit upheld the 2015 Open Internet Order, it was known that there would be significant restructuring of the privacy rules that govern ISPs. Before the FCC reclassified ISPs as common carriers, the sensitivity of data used and shared on the Internet by ISPs was subject to the Federal Trade Commission’s flexible regulation regime. The FTC’s rules did not apply only to ISPs – but to every player on the Internet, including edge providers, such as Google and Facebook. Since assuming sole authority over ISPs, the FCC has released a set of proposed privacy rules to provide clarity to an ecosystem it considers chaotic. Critics of the rules, however, assert that only confusion will arise from the FCC’s onerous proposals. While the FCC could have proposed rules to mirror the FTC’s longstanding regime, which has, according to many leading industry players, worked effectively, the FCC proposed a code of unprecedented heft, which could severely curtail the marketing practices of many major ISPs. While the rules have not yet been adopted – and while it is far too early to tell how they will affect the business practice of ISPs – they have already been tied to the recent merger of Verizon and Yahoo, which many observers interpret as a sign of things to come as ISPs expand their data marketing operation.

While some of the repercussions of the “net neutrality” order surfaced immediately, many are veiled in future FCC actions. The July Spectrum Frontiers order that propels the United States towards a 5G world, amended the service rules in four bands of spectrum above 24 GHz to allow for mobile service in bands that were previously impractical for mobile services. While the Order provides participants the opportunity to define 5G services, the FCC also included a security-by-design provision in the Spectrum Frontiers Order that requires all participants to submit a statement outlining their plans to ensure consumer security. Such regulation by the FCC reveals its intent to seize authority over mobile services and consumer security in the emerging 5G world.

While the security-by-design language itself is does not seem onerous for 5G participants, the inclusion of such language raises efficacy questions regarding the Commission’s approach to managing security. The Commission’s limited ex ante approach to security may do little more than spur chatter among the participants.  While the FCC’s intentions may be laudable, if the FCC is to stake a role in regulating the security of the 5G ecosystem, its plan should take a page from the FTC’s well-established approach to security and work collaboratively with industry moving forward.  The use of ex ante regulation in the world of rapidly changing technology does little to make networks more secure.  Such a security requirement only perpetuates the Commission’s continuing distrust of participants in the growing Internet and spectrum space.

It is only a matter of time before the market decides whether the FCC’s order will further its Open Internet agenda or whether the FCC simply created a hurricane headed for the Open Internet shores.

Whatever happens, we were thrilled to be in the throes of these debates for the summer and hope to continue to be part of these challenging policy discussions in the future.

Write a Comment

* Required

 characters available
 

COMMENT MODERATION POLICY

AT&T pre-moderates comments on our blog before they are published. This means there will be a delay between the time a comment is submitted and it appears on the post. Profanity, or topics that are not germane to the post will not be approved for posting. If you wish to communicate with AT&T regarding customer service you may do so via phone at 1-800-331-0500. We are also available on Twitter at @ATTCares.