The Federal Communications Commission is getting ready to police privacy under its open Internet order even before it promulgates any specific guidelines or rules for broadband internet service providers to follow.
Late Wednesday, the FCC enforcement bureau issued an advisory to broadband providers detailing how the bureau intends to enforce section 222, a privacy statute that was written for telephone customers and adopted as part of the FCC’s net neutrality order. The advisory covers the period between June 12 (when the order is expected to go into effect, barring a court stay) and whenever the commission issues further rules or guidance.
Just how to define how the telephone privacy statute should apply to ISPs was a subject of much debate during the FCC’s privacy workshop late last month. The debate centered on how to define what is Customer Proprietary Network Information (CPNI) within the context of the much more complex Internet service environment.
Until the FCC adopts a rule making or issue further guidance, the FCC will focus on whether it believes broadband providers are “taking reasonable, good-faith steps to comply with section 222, rather than focusing on technical details.” The enforcement bureau helpfully offers to give “advisory opinions” to ISPs to see if what they plan to do is in keeping with the open Internet order.
While seeking an opinion will help broadband providers, not seeking the FCC’s opinion won’t hurt.
“Although no broadband provider is in any way required to consult with the enforcement bureau, the existence of such a request for guidance will tend to show that the broadband provider is acting in good faith,” stated the FCC’s advisory. Plus, in a footnote, the FCC said: “The decision of a broadband provider not to seek the enforcement bureau’s views will not be relevant to a consideration of reasonableness or good faith.”
The FCC’s new privacy authority under Title II gives at the agency a lot of reach, a lot of discretion and comes with some serious teeth in the ability to levy monetary penalties. Depending on how far the commission goes, the privacy authority could extend to mobile apps and even edge providers. It’s also a high priority for FCC chairman Tom Wheeler, who said that “privacy is not a secondary activity here.”
“Today, the commission makes clear its two operating principles for regulating privacy online: ‘Mother, may I?’ and ‘We’ll know it when we see it,’” said Berin Szoka, president of TechFreedom. “Today these principles are used for regulating online privacy. Tomorrow, the commission will use them for regulating cyber security. And, after that, who knows what?