This event has ended. View the official site or create your own event → Check it out
This event has ended. Create your own
View analytic
Sunday, September 27 • 10:05am - 10:35am
Out of the Frying Pan & into the Fire: The FCC Takes over Privacy Regulation

Sign up or log in to save this to your schedule and see who's attending!

Paper Link

In late 2014, the FCC imposed an unprecedented $10 million fine against Terracom — not for violating the FCC’s CPNI rules issued under Section 222(b) and (e), but for failing to provide “reasonable” data security, a duty the Commission found, for the first time, to flow from the general language of Section 222(a) and the “just and reasonable” standard of Section 201(b). In March, the FCC reclassified all broadband providers under Title II — and chose not to forbear from applying either of these sections to broadband. The FCC has promised to clarify what its approach will be in the future.

This paper will explore this evolving issue in depth, including several key legal questions: What does the Open Internet order’s discussion of IP addresses as the equivalent of phone numbers (in order to justify reinterpretation of “public switched network” and thus reclassification of wireless) mean for privacy regulation? How will CPNI regulation, traditionally focused on the adequacy of opt-in consent, evolve? How might the FCC use its sweeping “general conduct” standard or its claimed Section 706 authority over data practices? (The FCC’s 2014 706(b) NOI specifically asked how privacy and security concerns affect broadband deployment.) How might the FCC’s case-by-case enforcement approach work without clear limiting principles? Is the FCC essentially creating a murkier version of the FTC’s unfairness standard? What lessons can be learned from the experience of the FTC with unfairness and, more recently, with data security and privacy regulation?

How far might the FCC’s regulation extend? Might the FCC reclassify other services beyond broadband? Might it indirectly regulate non-common carriers by maintaining that telecom carriers have a duty not to “permit access” (Section 222(c)(1)) to CPNI by, say, mobile operating system or apps operators except subject to a flow-through of CPNI obligations? Will broadband providers, especially mobile operators, become the new intermediaries responsible for policing the data practices of other players in the ecosystem?

This paper will describe where the FCC may head, the pitfalls of various approaches, and offer normative suggestions for how the FCC, FTC and Congress should handle the privacy and data security practices of broadband providers (and other related services).


David Simpson

Chief Public Safety & Homeland Security Bureau, FCC

avatar for Berin Szoka

Berin Szoka

President, TechFreedom
Berin Szoka is the President of TechFreedom. Previously, he was a Senior Fellow and the Director of the Center for Internet Freedom at The Progress & Freedom Foundation. Before joining PFF, he was an Associate in the Communications Practice Group at Latham & Watkins LLP, where he advised clients on regulations affecting the Internet and telecommunications industries. Before joining Latham's Communications Practice Group, Szoka practiced... Read More →

avatar for Thomas Struble

Thomas Struble

Legal Fellow, TechFreedom
Legal Fellow @TechFreedom. Tech policy enthusiast. @GWLaw alumni. @KUAthletics & @LFC supporter.

Sunday September 27, 2015 10:05am - 10:35am
GMUSL - Room 120

Attendees (17)