Questions Dog Lawmakers After Enactment of Privacy Repeal Law

Rollback of the FCC’s ISP broadband privacy rules is “rapid implementation” of a “no-cops-on-the-beat approach,” which will continue to be the case until the common carrier exemption is lifted, said FTC Commissioner Terrell McSweeny at a Monday event hosted by New America’s Open Technology Institute and Public Knowledge. Congressional Republicans who voted for the law killing the FCC privacy rules, meanwhile, came under fire at town halls held during the congressional two-week recess. Sen. Richard Blumenthal, D-Conn., wants to ensure through legislation the FTC still has authority to act and is introducing the Managing Your Data Against Telecom Abuses Act, also known as the My Data Act.

“My bill makes sure the FTC has the authority it needs to restore consumer control and allow individuals to use the Internet without fear of invasive and intrusive practices that turn our private lives into yet another commodity on the open market,” Blumenthal said in a statement. The measure targets “an out-of-date loophole in the Federal Trade Commission Act” that prevents the FTC from acting on an ISP’s unfair or deceptive practices, a Blumenthal news release said. His staff didn’t provide the bill text or details when asked. The legislation "would make sure the FTC has the necessary jurisdiction, and would grant the Commission authority to establish safeguards for privacy and data security across the Internet," the news release said.

Blumenthal is among a group including several other congressional Democrats and House Digital Commerce and Consumer Protection Subcommittee Chairman Bob Latta, R-Ohio, who worry about the effects of a 9th U.S. Circuit Court of Appeals' ruling on trade commission authority over ISPs (see 1703310071). The FTC lacks authority over broadband privacy, though FCC Chairman Ajit Pai is believed to be working on specific plans to change that (see 1704070052). After the law killing the rules, the FCC still has enforcement authority under Communications Act Section 222. Latta’s HR-1754 would tweak the law to ensure that if Title II reclassification were undone, the FTC still would be able to act on ISPs. He gained two new co-sponsors earlier this month -- Reps. Leonard Lance, R-N.J., vice chairman of the Communications Subcommittee, and Paul Mitchell, R-Mich.

Within the Trump administration’s first 100 days, McSweeny said the U.S may see a “radical change” in a range of issues including first moves to undo the open internet order and “troubling” statements on encryption. The FTC has brought more than 500 privacy and data security cases, but McSweeny said the commission repeatedly has sought more tools to protect consumers, who are increasingly concerned about their private information being made public or falling into the wrong hands. Those who supported the FCC privacy rules want more simplicity and consistency, but she said if that were truly the goal it’s an argument for increasing protections for privacy rather than “unraveling” them. She said a one-size approach for privacy and data security isn’t realistic. McSweeny was a vocal backer of the FCC's broadband privacy rules and criticized the repeal effort (see 1704050027) in speeches and several written opinion pieces, including in The Hill, Slate and Wired, explaining why the FCC was important and complementary to the FTC in protecting consumer privacy and data security.

McSweeny said she wasn’t aware of the Latta bill but called Blumenthal’s bill good. She said the FTC can’t provide sufficient protection without lifting the common carrier exemption, and legislation that narrowly addresses that may not provide enough authority. “If the objective is to provide the [public] with meaningful privacy choices, one would approach these issues in a comprehensive way,” she told us.

Walden Under Fire

Constituents brought up the Congressional Review Act (CRA) vote during various town hall events hosted by GOP lawmakers over the past week. No Democrats voted for the measure in either chamber. Free Press urged such pressure on lawmakers during this recess period.

“Why do you believe that companies’ profit margins should be prioritized over consumer privacy?” a student asked House Commerce Committee Chairman Greg Walden, R-Ore., at a town hall in Grants Pass, with video of the event posted by anti-President Donald Trump group Indivisible. “I don’t,” Walden immediately responded. A page of text offering information on the CRA resolution of disapproval immediately went up on a screen behind Walden as he sought to explain his position.

“First of all, those rules have never been in effect; they never took effect, they weren’t there,” said Walden, an early backer of the CRA resolution strategy. He mentioned the privacy authorities of the FCC now under Sections 201 and 202 and said if companies violate their privacy policies, the FTC can act and ISPs “can be prosecuted.” He said the rules would have created disparity with the regulation of tech companies like Google: “They actually monetize your searches; they monetize your actions.”

At another town hall in Medford, a questioner pressed Walden on his campaign donors, naming NAB and Comcast as top contributors. She mentioned the “clean” campaign pledge of Jim Crary, Walden’s unsuccessful Democratic challenger last Congress who already is running against him in the 2018 midterms. The questioner asked if Walden would make the same pledge to not accept money from corporations and PACs. “Everything there is disclosed,” Walden said of his donors, declining to make such a pledge, according to video of that town hall meeting. “All I owe any of them is two words: thank you. That’s it.” Crary, in his recent campaign posts, tied Walden’s vote on ISP privacy to corporate donations.

Flake Also Targeted

Sen. Jeff Flake, R-Ariz., wrote the CRA resolution that ultimately became law and also was forced to defend the measure. The Democratic Senatorial Campaign Committee unveiled a filter for Snapchat users “highlighting Sen. Flake’s vote to sell out Arizonans’ internet privacy to big telecommunications companies,” it said, pegged to Flake’s town hall appearance. Flake “sold out American’s most confidential and personal information to big telecommunications companies because that’s what his wealthy, special interest allies wanted him to do,” said the DSCC’s David Bergstein in a release.

“We want to ensure that we have uniform privacy regulation across the internet,” Flake said during a recent contentious event marked by booing and shouts, according to video posted by the local Fox affiliate. The questioner initially pressed Flake on net neutrality order Communications Act Title II protections as a whole: “As your constituent, I’d like to know what you plan to do to defend Title II net neutrality, which protects our right to a free and open internet.” Flake slammed the FCC’s 2015 decision in that order to make ISPs common carriers. He told the questioner he disagreed and that such government regulation would hurt the vibrancy of the internet. He said policymakers may want to say that transmission of data such as emails should move faster than content or movies: “You don’t want to prohibit the internet from doing that. So we need a balanced approach, and I think the FTC offers that balanced approach.”

Another questioner pressed Flake on his comment about a vibrant internet and alleged the U.S. internet speed is the slowest in the developed world. “I simply don’t accept the premise that we have the slowest internet of anyone in the developed world,” Flake replied. “It just doesn’t make sense.”

Rep. Jim Sensenbrenner, R-Wis., who voted for the CRA measure, also was pressed during an event, according to video posted by the Democratic-aligned PAC American Bridge. “Nobody’s got to use the internet at all,” Sensenbrenner told a questioner who said she could choose among edge providers but not her ISP. “The thing is, if you start regulating the internet like a utility, if you did that right from the beginning, you’d have no internet.” He said he favors choice for consumers. Other Republicans have sought to provide information about that party-line CRA vote. Rep. Markwayne Mullin, R-Okla., issued a release trying to clarify what he called "fact" and "myth." “The FTC has successfully protected consumers for decades and I intend to work to restore the FTC’s ability to continue to protect consumer privacy,” Mullin said.

Consumer Concerns

Laura Moy, deputy director-Georgetown Center for Privacy and Technology, said during Monday’s panel discussion that there's a role for two cops on the beat because the FCC and FTC don’t do the same thing and their staffs have different skill sets and expertise. The FCC has a history of supporting the buildout of communications networks, expertise in network engineering and development of competition, whereas the FTC provides a general consumer protection backstop. Where the two agencies have overlapping jurisdiction they’ve worked well together, she said. TechFreedom Policy Counsel Tom Struble said the two agencies should be working cooperatively and toward their core competencies. For instance, the FCC is more of an expert in interconnection disputes than the FTC, he said.

McSweeny said over time people are getting more -- not less -- concerned about the vulnerability and sensitivity of their information because more things are being connected. She said this may affect their trust and adoption of IoT and possibly affect innovation. This is probably why there has been the “outcry” around having choice and control over who’s getting their data and likely driving state ISP privacy bills, she added. McSweeny said the repeal of the FCC privacy rules is a “setback” for consumer privacy but argued dismantling the open internet order would be an “even bigger disaster” because it would undermine the status quo driving innovation

Moy said the public is outraged by FCC privacy rules repeal and are driving proposed legislation in several states to mandate some consent mechanisms for broadband providers to use people’s personal information (see 1704120035). Struble said consumers should have choice but he said he would be happy to let ISPs use his personal data if he could pay less for internet service, as long as companies had good data security.