On March 31 this year, the Federal Communications Commission (FCC) adopted a Notice of Proposed Rulemaking (NPRM) on broadband privacy regulations. This could seem a little tardy, as we’ve been using the internet at home and work for more than a quarter of a century, starting with those tuneful dial-up modems. If you remember them, can you get the unique rhythm of a successful connection out of your head? Back in those days the connections were a telecoms matter. Your telecoms provider was and continues to be regulated for telecommunications activity and the privacy requirements that surround it. Broadband, however, is a different matter. As broadband and fiber optic services proliferated, they did not fall neatly under the telecoms banner, and no explicit privacy rules have previously been laid down.
The United States’ legislative approach to privacy has been discussed previously within these archives. As an external observer, the adoption of the NPRM just a few weeks ago is yet another example of a legislative style which addresses privacy concerns around each technology as it arises, rather than applying an automatic standard of privacy and then adapting to suit. Regardless, the NPRM adopted by the FCC seems to be a very sensible and comprehensive proposal. It addresses the questions of whether consumers know what data collection they are agreeing to when they sign up for internet services. It defines three core principles of choice: transparency and security in the transmission, and storage of data. It specifically addresses permissions and protection of data handled by your broadband provider; although, government surveillance is outside the scope of the notice, which is another story altogether.
Do consumers really give informed consent?
As with all such guidelines, there are concerns around the degree of informed permission that consumers are able or willing to give. It is proposed that consent to the collection of data should be inherent in the agreement between consumer and provider. However, how meaningful is this type of consent? Consent is a thorny issue for all providers of internet-based services, as discussed at this year’s South by South West conference by the privacy leads of Facebook, Google and Microsoft. The European satirical website The Daily Mash has, as its compulsory privacy message under EU law, the following notice: “Hey, we use cookies to personalize ads and content and provide all those social media things you love, not that you really care. You can read about it here or click to get rid of this annoying box and carry on.” The button text reads ‘Whatever….’ This sums up the prevailing attitude to lengthy paperwork and tedious check boxes. If we want to do something badly enough – get online, for instance – then we have a tendency to skip through the terms and conditions to the tick box at the end. Consent is one of the many things that will need to be taken into consideration as broadband privacy regulation develops. However, there are deeper issues with the legislation itself and the jurisdictions within which it falls.
The Fourth Utility and Net Neutrality
There is a worldwide trend to define broadband as the fourth utility. In the U.K. there has been five years of sustained campaigning by the Federation of Small Businesses, and broadband service information is increasingly a factor in real estate decisions for the majority of homebuyers. In New Zealand on April 14 this year, Communications Minister Amy Adams announced that the future regulation of copper and fiber services would be similar to the way electricity lines were regulated. In rural France, my own family recently became one of the first homes to be connected to the village fiber optic supply.
This paradigm shift gives credence to the FCC’s position as the correct jurisdiction for broadband legislation. After all, they are responsible for regulating common carriers in telecommunications, and the internet seems to be moving toward the same market model. The FCC’s 2015 Open Internet rules established the principle of net neutrality and aimed to “protect and maintain open, uninhibited access to legal online content without broadband internet access providers being allowed to block, impair, or establish fast/slow lanes to lawful content.” However, appropriate jurisdiction has divided the House and seems a long way from being satisfactorily resolved.
FTC vs. FCC
At the heart of this division lies the conflict between the roles of the two federal commissions. The Federal Trade Commission is the leading enforcer of privacy and data security, so it could be argued that the whole matter of broadband privacy regulations should be set squarely at their door. Certainly, the FTC has a history of effective consumer protection in the broadband space and successful actions against internet service providers. As internet and telecommunications services began to converge, the concept of a fourth utility was effectively accepted with the Open Internet rules, defining broadband as a ‘common carrier.’
Shifting the jurisdiction over to the FCC, however, removed the FTC’s ability to act over unfair broadband pricing. The Open Internet rules prevent providers from employing ‘blocking, throttling, or paid prioritization’ measures, however this amounts to price control. As pricing is the sole responsibility of the FTC, the ball continues to bounce from one side of the court to the other. Although the two commissions have an established memorandum of understanding for cooperation, this does not seem to extend to rationalization of the legislation surrounding broadband internet access providers.
The No Rate Regulation debate
The Open Internet rules have been interpreted as the FCC’s attempt to micro-manage the internet. Its teeth are effectively drawn thanks to a third piece of legislation, the No Rate Regulation of Broadband Internet Access Act (H.R. 2666). This codifies into law the original promises that the FCC would refrain from regulating rates. The bill was passed by the Energy and Commerce Committee on March 15 this year. In the debate, Commissioners criticized the FCC’s adoption of responsibility for all aspects of the internet as leaving American consumers exposed to higher connection bills and lower competition.
H.R. 2666 has come in for considerable criticism, notably from the Center for Democracy and Technology (CDT), which asserts that the legislation would undermine public interest because in closing down rate regulation, the bill compromises the very consumer privacy concerns that started this whole debate.
Resolving a fractured approach
There is a raft of detail in the different pieces of legislation that have been developed over the past year or more on this topic. It’s clear that there is a problem, and that many well-meaning, competent people have developed comprehensive measures to deliver a future-proofed solution. The overarching problem is the conflict between the present situation and future vision.
Right now broadband internet is in its relative infancy. The delivery of infrastructure has fallen to independent commercial providers who need to reap the benefit of their investments. The market is competitive and occasionally bloodthirsty, and coverage is nowhere close to complete. The president reminded us, in his speech at South by Southwest, that 50 percent of Hispanic citizens and 46 percent of African American citizens do not have internet access. We have similar issues in the U.K.: I have a contract for 200Mbps fiber optic supply. I receive 60Mbps and a large credit each month because the required $15,000 investment to update the local relay will only be made when enough households are signed up. Two miles away in the countryside, friends struggle to reach 3Mbps on their outdated lines. If there is no profit in a service, it will not be supplied. Broadband is resolutely commercial right now, and consumers should enjoy the protection of the Federal Trade Commission.
The Open Internet rules and the Notice on proposed broadband privacy regulations, however, look to a future where internet access is as vital to life as water, power and telecoms, and provided to all. They lay down the ground rules for a fourth utility, prudent preparation for the inevitable shift in the broadband provision landscape. But has the Federal Communications Commission jumped the gun? The obvious course of action would seem to be joint jurisdiction over transitional arrangements, which avoid conflict and omission. Perhaps the policymakers will eventually reach this conclusion, too.
Add new comment