ACLU Asks Court to Reject ISP Suit Against Maine ISP Privacy Law

Maine should fight a lawsuit by national ISP associations challenging a state ISP privacy law, said the American Civil Liberties Union and an ex-FCC official Tuesday. CTIA, NCTA, USTelecom and the American Cable Association sued Maine Friday in the U.S. District Court of Maine, before the regulations take effect July 1. Maine Gov. Janet Mills (D) signed the bill in June countering Congress' 2017 repeal of 2016 FCC broadband privacy rules, after bipartisan votes in the legislature (see 1906060050).

The industry suit names Maine Attorney General Aaron Frey (D) and Maine Public Utilities Commission members as defendants. The PUC doesn’t comment on pending litigation, a spokesperson said. Frey and Mills didn’t comment.

Broadband ISPs support “a comprehensive national privacy framework that puts consumers first and applies to all companies, including all those operating online, in a uniform and technology-neutral manner,” the four associations said in a Tuesday statement. “Maine’s approach of regulating the collection and use of data by internet service providers only, and not the practices of other companies, including the largest internet companies, data brokers, and others that collect, use, and monetize even more data than ISPs, leaves a gaping hole in the law, is unconstitutional, preempted by federal law, and should be struck down by the courts.”

"Maine acted to put consumer privacy rights before corporate profits, and now those corporations have filed a federal case in a last ditch effort to protect their bottom line,” said ACLU Maine Staff Attorney Emma Bond in a statement to us. “The State has the authority to shield consumers from these sorts of predatory practices. We support Maine's Attorney General in vigorously defending this important law, and believe the courts will uphold it."

“The trial judge should see through the fancy but meritless constitutional arguments and allow this consumer protection law to stand,” emailed Benton Institute for Broadband & Society Senior Fellow Gigi Sohn, who advised then-FCC Chairman Tom Wheeler when the agency issued broadband privacy rules. “Apparently it wasn’t enough for ISPs and their trade associations to convince Congress to repeal the FCC’s popular 2016 broadband privacy rules,” she said. “After ISPs' high-priced DC lawyers failed to convince the Maine legislature not to pass nearly identical rules, they are now bullying a state of under 2 million residents with a high-priced lawsuit.”

Maine’s ISP privacy law violates the First Amendment by requiring ISPs to get opt-in consent for information that's not sensitive or personally identifying and opt-out consent for data that’s not customer personal information, by limiting ISP advertising of non-communications services, and by banning ISPs from offering discounts, loyalty program rewards or other deals in exchange for customer consent to use their personal information, ISPs said in the complaint. It’s discriminatory by targeting ISPs alone and alleged speech restrictions are "too vague to comply with due process because they force ISPs to guess at the boundaries of those restrictions,” it said.

"The Statute’s express purpose was to contradict Congress’s decision -- embodied in a binding joint resolution signed by the President -- to repeal and prohibit the federal adoption of an ISP-specific privacy regime in favor of privacy rules that apply uniformly to all companies holding consumers’ personal information,” said the ISP groups. It conflicts with the FCC “decision that a combination of disclosure, competition, and [FTC] oversight -- not prescriptive ISP-specific rules -- best balances the federal policies of promoting broadband and protecting consumer privacy." The FCC didn’t comment.