Comcast and Charter Communications want the Federal Trade Commission to preempt California’s data privacy law, and any other state laws regarding broadband service. In comments filed last week, the National Cable and Telecommunications Association (NCTA), which serves as a Washington, D.C. lobbying front for Comcast, Charter and other cable companies, ask the FTC to tell state lawmakers and officials that they can’t enforce broadband service rules beyond what federal regulators think is appropriate (h/t to Jon Brodkin at Ars Technica for the pointer)…
The FTC should ensure that the Internet is subject to uniform, consistent federal regulations, including by issuing guidance explicitly setting forth that inconsistent state and local requirements are preempted…
California’s recently enacted California Consumer Privacy Act of 2018 imposes numerous requirements that differ from, and even conflict with, federal law.174 Moreover, a patchwork of state-level rules applying only to BIAS providers would undercut existing federal policy basing enforcement on what information is collected and how it is used, rather than on who is collecting the information. Any FTC guidance to state entities on the need to ensure consistency with FTC and FCC policy and precedent in the Internet arena thus should cover privacy and data protection issues as well.
NCTA argues, falsely, that the market for broadband service is “substantially” and “increasingly”. That’s true in a few isolated areas, but overall the trend is toward greater monopolisation of the Internet service industry. The minimum speed level necessary to take advantage of what NCTA calls “a wide array of Internet-delivered video offerings” continues to rise. More and more, cable operators are the sole source of broadband service that meets contemporary needs.
Charter and Comcast are preparing a new line of attack against state-level privacy and network neutrality rules. If, as some legal experts believe, the Federal Communications Commission has taken itself out of the broadband regulation business, then the FTC is their best hope to kill those laws. Particularly California’s new consumer privacy law and its pending resurrection of network neutrality standards.
The Federal Trade Commission can apply consumer protection laws to broadband service, even when a telephone company is delivering it. A federal appeals court in San Francisco made that clear on Monday when it rejected AT&T’s argument that the FTC’s authority doesn’t extend to telephone companies or other providers that have “common carrier” status.
An earlier ruling, made last year, would have barred the FTC from any oversight role regarding companies with common carrier status, even when the business line involved wasn’t a common carrier service. At the time, it seemed like a nonsensical decision, and the appellate judges agreed…
The case came about because AT&T began throttling broadband speeds on iPhones with unlimited mobile data plans. The FTC sued AT&T, saying it was an “unfair and deceptive” practice. It’s the kind of enforcement action that the Federal Communications Commission assumed the FTC would take when it scrapped network neutrality rules and declared that broadband is not a common carrier service.
It’s good news to the extent that telephone companies will have to follow the same consumer protection rules as other ISPs. But the case also highlight a major problem with giving the enforcement job to the FTC. Unlike the FCC, the FTC doesn’t directly enforce anything – it has to rely on federal courts, which takes a lot of time. The sin AT&T is accused of committing happened in 2011 and the FTC didn’t sue until 2014. It’s now 2018, with no end in sight.
Death threats kept Federal Communications Commission chair Ajit Pai away from CES, but the acting chair of the Federal Trade Commission, Maureen Ohlhausen, sat down for an interview on Tuesday with Consumer Technology Association CEO Gary Shapiro. Her agency is responsible for broadband consumer protection enforcement, after the FCC bucked the job over last month. Appropriately, Shapiro opened with a couple of questions about network neutrality.
Ohlhausen said her concern is transparency – service can be pretty much anything so long as terms are disclosed – and the FTC will look at one basic question: whether consumers get what they’re promised. She made vague references to anti-trust laws and the FTC’s reacquired authority over telecoms companies, now that broadband is no longer reckoned to be a common carrier service (although she neglected to mention that her new found authority is under challenge in court). Ohlhausen’s expertise and jurisdiction are clearly not broadband-specific.
Nevertheless, Shapiro tried to draw Ohlhausen out on broadband issues, noting there are “a hundred different telecommunications companies in Europe” that offer lower priced broadband at a variety of speeds, while the U.S. telecoms market is dominated by four players. Ohlhausen said mobile carriers would provide competition in the future, pointing out that they’re now delivering broadband at speeds that consumers would have considered to be adequate a few years ago.
True. But expectations are higher now and will continue to rise. The 5G networks that Ohlhausen is banking on may deliver speeds that consumers likewise consider adequate today. But those upgrades are many years away for most U.S. residents, and their expectations and their bandwidth consumption will continue to rise. Ohlhausen also forgot to mention that the two biggest mobile companies – AT&T and Verizon – belong to Shapiro’s gang of four.
When the FCC and FTC reached a working agreement on how to divvy up broadband responsibilities, Pai called the FTC “our nation’s premier consumer protection cop”. Perhaps. But Ohlhausen shows little enthusiasm for the job.
The etiquette of things.
“Good practice, when it comes to handling data, is not something new, it’s something we’ve already done well”, said Marc Rogers, an Internet security researcher. “We have to be careful we don’t get paralysed by worrying about exotic threats”. He was speaking on a panel this morning at CES that looked at the need, or not, for regulating the so-called Internet of things (IoT). When a device in a home, a thermostat for example, automatically sends information to a private company – an electric utility, say – it might not be done with the same degree of privacy and consent that’s involved when a person manually enters data on a website.
Regulations are coming. Federal trade commissioner Maureen Ohlhausen made it very clear that the FTC has consumer privacy and data security at the top of its agenda, although she tried to reassure everyone that it’ll come with a dose of “regulatory humility”.
“We should adopt a regulatory regime that allows innovation, even disruptive innovation, to thrive”, she said, pointing out that federal regulators already have a well-packed tool box, but they’re not quite sure what to do with it. “How do we insure that consumers get the benefits and minimise the risk, without an undue burden on business?”
“You can have a very serious negative impact if you regulate prematurely”, countered Robert Pepper, VP for global technology policy at Cisco. It’s better to wait for people to arrive at their own rules and expectations by social consensus if possible. “Etiquettes are not developed through regulation, they’re developed bottom up by users”.