Now that the FCC has officially voted to reclassify broadband Internet access service (BIAS) as an information service, (see the Regulatory Mix posted 12/15/17 and our Blog Checking In @ The FCC - December Open Meeting posted 11/30/17) you may be thinking that it's time to catch your breath and relax for the holidays. But no, there is no rest for the telecom weary!
The bill also contains provisions preempting state regulation of BIAS openness obligations, except for obligations relating to emergency communications services or law enforcement, public safety, or national security authorities consistent with or permitted by other laws and for copyright infringement. In addition, it makes it clear that BIAS service is eligible to receive funding from the federal universal service support mechanisms.
Another section of the bill deals with specialized services, which are defined as services other than BIAS that are offered over the same network as, and that may share network capacity with, BIAS. The bill codifies the right of BIAS providers to offer specialized services but would prohibit them from being offered in a way that threatens the meaningful availability of BIAS or that is designed to evade the openness requirements.
Initial reaction to the bill was generally positive, but the many parties have yet to weigh in on it and the bill will undoubtedly undergo several iterations before being signed into law (if ever). But, even if legislation is ultimately enacted and as long as BIAS is an information service, BIAS providers will have to look to the Federal Trade Commission (FTC) and not the Federal Communications Commission (FCC) for enforcement of privacy protections.
Since the FTC Act exempts telecom carriers from the FTC’s jurisdiction when they are providing telecom services, many BIAS providers have probably never had any interactions with this agency. They may think it's just like the FCC and all they need to do is find the rules and follow them. Unfortunately, it's not that straight forward. There is a big difference in how the two agencies operate.
The FCC has a broad public interest mandate and exercises its jurisdiction by adopting rules “before the event” (called ex ante regulation) that place certain defined obligations on a provider to offer certain services or file certain documents. In contrast, the FTC exercises its jurisdiction ex post facto, enforcing the FTC Act’s prohibition on unfair and deceptive acts and practices through enforcement actions taken against individual companies whose actions appear to have violated the Act. Thus, there are no codified rules to follow, only “guidelines” and case law generated by hundreds of court cases.
Fortunately, the FTC has adopted privacy guidelines, which provide a framework for developing best practices for companies that collect and use consumer data. It is designed to be flexible in order to permit and encourage innovation. Companies can implement the privacy protections in a way that is proportional to the nature, sensitivity, and amount of data collected as well as to the size of the business at issue. It has three major principles: privacy by design, simplified consumer choice, and transparency. Among other things, the principles specify that:
- Companies should promote consumer privacy throughout their organizations and at every stage of the development of their products and services;
- Companies should simplify consumer choice; and
- Companies should increase the transparency of their data practices.
TMI will examine these guidelines more closely and will continue to keep you updated on the changing regulatory landscape for BIAS services. In the meantime, if you have specific questions, our team is always available to help - - even through the holiday season.
Happy Holidays!
