The National Cable & Telecommunications Association and American Cable Association have joined with other trade and tech groups to offer up what is being billed as a consensus privacy framework outlining guiding privacy principles.
In essence, the framework is an articulation of NCTA's argument that rather than come up with new rules and regs, the FCC should, as the new proposal says, "[pursue] reasonable enforcement actions against telecommunications service providers that have clearly violated these principles." That is the Federal Trade Commission model. The FTC has enforcement authority but very limited authority to promulgate new regulations.
The proposal, which was offered up in a letter to FCC chairman Tom Wheeler comes as the FCC prepares a proposal on how to oversee broadband sub privacy--a new authority under its Title II reclassification--as it currently does traditional video CPNI (customer network proprietary information). A vote on that proposal could come as early as this month's public meeting.
NCTA and ACA, joined by USTelecom, CTIA and the Competitive Carriers Association, said the FCC should focus on four things: "(1) transparency; (2) respect for context and consumer choice; (3) data security; and (4) data breach notification."
The letter to Wheeler has a caveat: "If the courts determine that the FCC has authority over broadband privacy..." That is a reference to the legal challenge to Title II to which the same groups are party.
The letter also suggests those groups know the FCC is getting ready to weigh in: "We respectfully request that [the FCC] seek comment on the entirety of the Privacy Framework we submit today. Because regulation of broadband privacy is a new area for the Commission, it should take the necessary time to build a robust record rather than prejudge the issues by adopting tentative conclusions before there is a public discussion of the consensus Privacy Framework."
The proposal is for the FCC to follow the lead of the FTC, which had been overseeing broadband privacy via using its authority over unfair and deceptive practices before the Title II reclassification moved broadband CPNI under the FCC.
The proposal says the FCC should provide flexibility, identifying privacy goals and giving providers flexibility in achieving them.
It also says the FCC's privacy framework should not apply to nontelecommunications services and products and any information not made available to a carrier by a customer solely by virtue of its carrier-customer relationship.
It also proposes that any de-aggregated or anonymized data should not fall under the scope of that framework.
The trade groups want the FCC to use the following definitions of unfair and deceptive when exercising its authority.
"Unfair Conduct: A provider acts unfairly if its act or practice (1) causes or is likely to cause substantial injury to consumers (2) which is not reasonably avoidable by consumers themselves, and (3) is not outweighed by countervailing benefits to consumers or to competition."
Deceptive Conduct: "A provider acts deceptively if (1) it makes a statement or omission, or engages in a practice, that is likely to mislead a customer, (2) viewed from the perspective of a consumer acting reasonably under the circumstances, and (3) the deceptive statement, omission, or practice is material—meaning that the misrepresentation or practice is likely to affect the consumer’s conduct or decision with regard to a product or service."