Senate Republicans Charge Problems With Wheeler's ISP Privacy NPRM

Subcommittee Chairman Jeff Flake, R-Ariz., said the FCC took more than a year to notice the proposed rules and then published a 150-page NPRM, offering more than 500 questions. The FCC approved 3-2 its ISP privacy NPRM in March (see 1603310049), and it has sparked much controversy. Flake asked if Wheeler thought it "appropriate and fair" to extend the comment deadline. “Golly, we’ve been discussing this issue for half a dozen years,” Wheeler replied, siding with the Wireline Bureau that rejected an attempt to extend the deadlines. He said ISPs last year unsuccessfully requested a net neutrality order stay on the grounds of wanting privacy regulation certainty. “We’re now providing certainty on privacy, like they asked for,” Wheeler said. “I think this has been an ongoing process. It has been a filling-up record.”

“I don’t think it’s too much to ask for a couple extra weeks,” FCC Commissioner Ajit Pai countered. He opposed the NPRM and underscored his opposition Wednesday. “There’s now a gaping hole in our privacy protections -- a hole that needs to be refilled,” Pai told lawmakers. “Given this highly elastic approach, the FCC could easily regulate the privacy practices of edge providers without a vote of Congress.”

Flake warned of “problematic consequences” to applying “unnecessary and static regulations” on the dynamic Internet ecosystem. He pressed Wheeler on whether he had authority to enact the broadband privacy regulation under Telecom Act Section 706. “We’re asserting these rules under Title II,” Section 222, Wheeler said, saying 706 has “a bearing.” The FCC repeatedly has said officials don't “intend to assert jurisdiction over edge providers,” he said.

“There have been a lot assertions, allegations, and alarms raised about our proposal,” Wheeler testified. “In the end, there is one indisputable fact: it’s the consumer’s information. The consumer should have information about and control over how that information is used. That’s why I am committed to adopting baseline privacy protections for broadband consumers.”

Sen. Mike Lee, R-Utah, said the path “would of course lead to the regulation” of edge providers such as Google and asked about past FTC enforcement. “I do think the FTC has been every effective,” FTC Commissioner Maureen Ohlhausen told him. She said it’s vital to harmonize opt-in and opt-out requirements and called the FTC’s case-by-case approach “one of our greatest strengths.” Lee questioned special regulation for ISPs: “Do you see any reason that ISPs in particular need to be or should be held to a higher regulatory standard as compared to other Internet companies that participate in the consumer data market?” She told Lee what matters is the type of information, sensitive or nonsensitive. Olhausen told Flake of the “longtime iterative process” at the FTC in developing privacy regulation, with workshops starting in 1996.

“I do believe we have been an effective agency when it comes to privacy,” FTC Chairwoman Edith Ramirez told Flake. “We do intend to file a comment” on the FCC NPRM, she said, citing close study of it. “The commission has a long history of successful cooperation with the FCC on consumer protection issues, including issues related to privacy and data security,” Ramirez said. She said the FTC unanimously asked for Congress to enact data security legislation to help provide “additional tools.”

Sen. Orrin Hatch, R-Utah, said he has “significant concerns” about the privacy rules and called the FCC’s “misguided” net neutrality order an overreach of authority. He worries the telecom and edge providers will deal with different rules, he said. Judiciary Committee Chairman Chuck Grassley, R-Iowa, lauded the FTC’s role over privacy and slammed the FCC’s Communications Act Title II reclassification of broadband that prompted the FCC NPRM’s development. “Nevertheless, as a result of the Obama Administration’s agenda that seeks to expand the executive branch’s power through increased federal regulations, the FCC is now forced to consider new Internet regulations,” Grassley said in his written opening statement.

Subcommittee ranking member Al Franken, D-Minn., was the only Democrat to attend the hearing and said the new privacy rules are a crucial part of preserving net neutrality. “I commend the FCC for starting this necessary process,” Franken said. “It seems to me that the whole point of what reclassification was was to preserve net neutrality and that’s because every time the FCC had tried to preserve net neutrality, the circuit court rejected it. … I don’t think that this endangers the growth of the innovation of the Internet. What would have endangered innovation on the Internet would have been to lose net neutrality. That’s what millions and millions of Americans wrote into the FCC about.”

Franken later attacked Pai as “wrong” and grew frustrated when asking him about the conditions of the Internet’s development. Franken said the Internet developed under net neutrality while Pai countered that it developed without such regulation. Franken repeatedly pressed witnesses about whether they wanted more or less privacy regulation for ISPs or for edge providers, prompting Pai and Olhausen to back uniformity of regulation.

Judiciary Committee ranking member Patrick Leahy, D-Vt., hopes the FCC will “carefully weigh” the “mechanism through which users ‘opt in’ to particular data sharing practices,” he said in his written opening statement. “An ‘opt-in’ rule is meaningless if consumers are expressly or effectively required to opt in as a condition of using their ISP, or if the ‘opt-in’ is misleadingly buried in pages of contractual fine print.” Leahy also said the FCC is seeking comment on whether to forbid ISPs from binding customers as part of the forced arbitration clauses, Leahy noted. “Studies have shown that forced arbitration has a direct chilling effect on consumers’ ability to enforce their rights and hold companies accountable,” Leahy said. “I commend the FCC for recognizing this fact, and urge the Commission to take strong steps against forced arbitration.”

ISP trade groups questioned the FCC’s role in such privacy issues, in a letter to subcommittee leaders (see 1605100066), and the Competitive Carriers Association sent a separate letter warning of harms and asking for consideration of smaller carriers. “These carriers have an inherent interest in maintaining their customers’ trust, including regarding treatment of any personally identifiable information, and can effectively protect this information under a flexible privacy regime without shouldering costly burdens that could accompany overly prescriptive new regulations,” CCA President Steve Berry told the subcommittee. “Any new rules should appropriately consider treatment of smaller carriers. “Creating prescriptive privacy rules that cause one part of this ecosystem to operate differently from others would not only create conflicting results, but also lead to confusion among the very consumers these rules are intended to serve,” said CTA Vice President-Regulatory Affairs Julie Kearney. Other industry groups also questioned the proposal. “The FCC does not have authority from Congress to establish new privacy restrictions in the very different area of online data collection,” said a letter signed by 10 groups including the Chamber of Commerce, the Association of National Advertisers and the National Retail Federation. “The NPRM, as drafted, would create unnecessary and inconsistent privacy regulations that would undercut the vibrant online ecosystem.”

“The FCC’s current proceeding is a direct result of its clear statutory mandate,” several groups defending the proposal wrote in a letter to the subcommittee, signed by the American Civil Liberties Union, Demand Progress, Free Press and Public Knowledge, among others. Consumer Action backs the NPRM, it said Wednesday. “Outside of service provision, customers should have absolute, opt-in control over what happens to their data,” Consumer Action’s Linda Sherry said. The group is preparing a letter to the FCC backing the NPRM, with a deadline of May 27.