Agency’s Off-The-Rails Approach Warrants Revisiting Because Of Material Errors On The Law, Facts, And Policy
PITTSBURGH, January 4, 2017 – The American Cable Association filed a petition with the Federal Communications Commission requesting that it reconsider in its entirety the Privacy Order it adopted this past October and broadly applied to Broadband Internet Access Service (BIAS) providers alone among all the major participants in the highly competitive Internet ecosystem.
The FCC’s decision imposed unwarranted, rigid, and highly prescriptive requirements on broadband Internet service providers. It also led to consumer confusion because the new rules did not apply to most other participants active on the Internet.
“The Privacy Order is a train wreck that the FCC cannot just patch up and place back on the track. The FCC should reconsider its approach to privacy in its entirety, eliminating the rules adopted in the Privacy Order. If it must, the FCC should replace the Privacy Order with a proposed framework firmly grounded in the Federal Trade Commission’s (FTC) successful and time-tested section 5 privacy regime to avoid again imposing requirements that are unlawful and do not reflect the record,” said ACA President and CEO Matthew M. Polka.
In its reconsideration petition, ACA demonstrated that the Order went off the rails in numerous ways, including by making material errors on the law, facts, and policy:
First, the statutory provisions on which the FCC relied for its authority to adopt the new rules – sections 201(b), 202(a), and 222 of the Communications Act of 1934 – did not permit the FCC to adopt the sweeping, prescriptive broadband privacy rules set forth in the Order. Nor did the law allow the FCC to apply its rules to categories of data beyond customer proprietary network information (CPNI) as defined in the Act. Even assuming the FCC had authority to reach broadband privacy practices, ACA showed that the FCC lacked authority to apply such authority to ISPs with respect to information other than CPNI.
Second, even if the FCC had legal authority to adopt the rules contained in the Privacy Order, it failed to provide an evidentiary basis for its highly prescriptive rules in several respects.
- First, the FCC failed to base its rules on evidence of tangible and material harm to consumers.
- Second, the FCC failed to give virtually any weight to evidence that BIAS providers have been responsible stewards of their customers’ information.
- Third, the FCC failed to appreciate the harms that its rules would cause to providers and their customers. Most especially, the FCC erred by failing to meet its obligations under the Regulatory Flexibility Act (RFA). That resulted in the imposition of disproportionate burdens on small providers that will raise their costs and inhibit their ability to innovate, while upending broadband customer expectations and creating confusion.
- Fourth, the FCC in adopting new breach notification rules failed to consider, address, or appropriately balance arguments in the public interest. That resulted in rules that overreached in key respects and were both burdensome on BIAS providers, especially smaller ones, and badly at odds with existing federal and state law. As just one example, the new breach notification requirements created a serious deterrent to cybersecurity information sharing under the Cybersecurity Information Sharing Act of 2015 (CISA). That compounded the burdens on small providers by requiring them to cope with new notification requirements on top of 47 state data breach notification laws.
About the American Cable Association: Based in Pittsburgh, the American Cable Association is a trade organization representing nearly 750 smaller and medium-sized, independent cable companies who provide broadband services for nearly 7 million cable subscribers primarily located in rural and smaller suburban markets across America. Through active participation in the regulatory and legislative process in Washington, D.C., ACA’s members work together to advance the interests of their customers and ensure the future competitiveness and viability of their business. For more information, visit https://acaconnects.org/