Online privacy

The Federal Communications Commission released an Order taking a necessary procedural step so that the Code of Federal Regulations contains an accurate reflection of the FCC’s current privacy rules.

Specifically, the FCC’s pre-2016 Privacy Order rules that applied to wireless and wireline telephone carriers have been reinstated following the recent resolution of disapproval of the FCC’s 2016 privacy regulations under the Congressional Review Act (CRA). The resolution of disapproval of the FCC’s privacy regulations, signed by President Trump on April 3, 2017, declared that the 2016 Privacy Order “shall have no force or effect” and “shall be treated as though [it] had never taken effect.” In addition, the June 29, 2017 Order also dismisses as moot 11 petitions for reconsideration of the Commission’s 2016 Privacy Order.

Ever since Congress repealed the Federal Communication Commission’s broadband privacy rules, consumers have expressed outrage over their lack of privacy protections when accessing broadband networks. In response to the public outcry, members of Congress have introduced legislation to enhance consumers’ online privacy protections.

Thus far, Sens Ed Markey (D-MA), Richard Blumenthal (D-CT), and Reps Jerry McNerney (D-CA), and Marsha Blackburn (R-TN) have all introduced online privacy legislation. Each bill has strong components that provide various levels of online privacy protections for consumers. However, the three bills all have limitations that must be addressed to provide Americans all the privacy protections they deserve. Fortunately, the bills at least open the door to a discussion on what true comprehensive online privacy legislation should look like and what protections consumers expect when it comes to their online privacy.

Rep Katherine Clark (D-MA) has proposed legislation to specifically outlaw internet harassment-based crimes like swatting and devote $24 million a year to stopping them. The Online Safety Modernization Act of 2017 collects several of Clark’s earlier bills, with sponsorship from Rep Susan Brooks (R-IN) and Patrick Meehan (R-PA).

It imposes penalties on several relatively new forms of abuse that may be only indirectly covered under other laws, while funding research and investigation into internet safety issues. The bill includes six sections, all addressing “cybercrimes against individuals” — as opposed to attacks on businesses or government infrastructure, which are a higher priority in most cybercrime policy. Three of the sections outline punishments for “sextorting” sexual imagery from people through blackmail, falsely reporting an emergency to provoke a swat team response, and “doxxing” people by disclosing personal information to cause harm.

[Commentary] Some partisan activists have sought to leverage the public’s privacy concerns to advance their political agenda and have resorted to spreading accusations and false information that misleads the public. Immediately after the Congressional vote, the media was flooded with stories suggesting that internet privacy had been “repealed.” Other stories made misleading claims that Congress “voted to allow your web history to be sold to the highest bidder.” None of this is true. Congress did not repeal internet privacy. They kept the FTC’s two decades of privacy rules in place while preventing the inequitable Obama mandates from going into effect.

Congress did the right thing by stopping the FCC’s power grab to protect consumer privacy and indeed protect the internet itself. It is far better public policy to leave the internet in the free market to continue to bring us innovation after innovation which has transformed our lives for the better in the past generation. Take a moment and send an email of appreciation to the members of the Iowa delegation who stood up for you, your family, and your neighbors in this cause.

[Donald P. Racheter is president of the Public Interest Institute, a public policy research institute in Muscatine]

Is privacy a relic of the past given the array of governments and corporations determined to hoover up information about all of us as fully as technology permits it? Julia Angwin doesn’t think so.

The Pro Publica journalist argues that those fighting to better protect privacy aren’t wasting their time, even as the Information Age accelerates. Consider the Industrial Revolution, she urged.vLike advances in information technology, industrialization made societies more efficient, more productive, and wealthier––but those gains came at a heavy cost, for those who lived through the period of rapid industrialization made due with dangerous factories and horrific pollution, among other ills. At the time, those ills struck many as permanent features too entrenched or perhaps even too inevitable to counter. But others fought for industrial reforms, pushing society toward measures that better protected the environment and workers. Indeed, the conditions that prevailed in the early years of the Industrial Revolution would be unthinkable in the U.S. today. Why shouldn’t the Information Age prove as malleable to reformers?

Even if you didn’t commit a crime, and so no warrant has been issued (per your Fourth Amendment rights), the government can still take away your online anonymity, says a court. Even if all you did was use your First Amendment-protected right to speak about a private company online, the government can unmask you. This is what occurred in a ruling against Glassdoor, an online job-review website.

Judge Diane J. Humetewa of the US District Court for the District of Arizona ruled that the US Department of Justice can compel a private company—say, Facebook, Yelp, Twitter…—to give up your private information just because you expressed an opinion online. Glassdoor, which is a California-based company, has appealed the ruling to the Ninth Circuit Court of Appeals. If it stands, this case could crack the foundation of online freedom. How could a labor union organize if its members’ views, through no fault of their own, might be made public by the government? How could any whistleblower act with this threat being a real possibility?

In what they concede on the surface is a surprising alliance, major Internet service providers have aligned with the Federal Trade Commission and the Federal Communications Commission against AT&T Mobility over the issue of the FTC's ability to enforce edge provider privacy. That came in an amicus brief to the US Court of Appeals for the Ninth Circuit.

"At first glance, amici’s position might seem surprising—four leading corporations are arguing in favor of restoring the FTC’s authority to regulate their non-common carriage activities," they said. "On closer inspection, however, this position aligns with the companies’ desire to reinstate a predictable, uniform, and technology-neutral regulatory framework that will best serve consumers and businesses alike." Signing on to that brief were Charter, Comcast, Cox, and Verizon.

Federal Communications Commission Chairman Ajit Pai has circulated an item for a vote that provides guidance on the broadband privacy rules that were in effect before its 2016 privacy order, apparently. That is opposed to a brand new framework for rules.

That broadband privacy order, adopted last fall by a Democratic majority under former chairman Tom Wheeler and against the dissents of the current Republican majority, was invalidated earlier in 2017 by a Congressional Review Act (CRA) resolution, essentially with the blessing of Chairman Pai and acting Federal Trade Commission chair Maureen Ohlhausen. The CRA did not roll back FCC authority over internet-service provider broadband privacy, which it has had since the 2015 Open Internet order classified web access as a common-carrier service exempt from FTC oversight. But just what authority the FCC had has been a bit unclear since the agency’s common-carrier privacy regulations are tailored to phone service, stemming from an effort to prevent telcos from using information about who was changing to another carrier to try and incentivize them not to switch. Following that Open Internet order, the FCC had teamed with the FTC on a memorandum of understanding outlining how — in a generally worded document — they could, together, protect broadband privacy going forward.

[Commentary] There are steps Congress can and should take to improve consumer privacy. Here are three big ones.

First, Congress should repeal the common-carrier exemption.
Second, Congress should pre-empt the current patchwork of state privacy laws by setting a single standard to govern consumer privacy throughout the country.
Third, Congress should direct the FTC to update its current privacy regime and reconsider which types of data are sensitive.

[Tom Struble is a technology policy manager with the R Street Institute. Joe Kane is a tech policy associate at the R Street Institute.]

Apparently, an item Federal Communications Commission Chairman Ajit Pai has circulated for a vote on "Protecting the Privacy of Customers of Broadband and Other Telecommunications Services" essentially clarifies that the telecommunication customer proprietary network information (CPNI) privacy rules that were in effect before the Tom Wheeler FCC adopted a new broadband privacy regime are still in effect after that regime was nullified by Congress. It is a way to remind carriers that they are still responsible for submitting an annual certification of compliance with those CPNI privacy rules.

The item was described as administrative in nature and focused on voice privacy, rather than providing any new guidance on broadband privacy, apparently. In addition, the item dismisses petitions to reconsider the Wheeler-era rules, since they were mooted by the Congressional Review Act resolution. Chairman Pai has proposed reclassifying ISPs as information service providers, rather than telecoms, after which the Federal Trade Commission would reclaim its authority over broadband privacy, which it lost when ISPs were classified as common carriers in the 2015 Order. The FTC is prevented from enforcing regulations on common carriers.