The National Cable & Telecommunications Association said the FCC's broadband privacy proposal is unworkable, counterproductive, harmful (to consumers and competition), illegal (the FCC lacks authority) and unconstitutional, and that its supporters are limited to a "handful" of parties with no experience in operating networks or providing service.
That damning assessment came in reply comments, which were due to the commission Thursday (July 7).
FCC chairman Tom Wheeler, backed by the other two Democrats who voted for the proposal, wants to require ISPs to get their subscribers' permission before sharing most information with third parties. By contrast, the Federal Trade Commission, which used to oversee broadband privacy and still oversees edge-provider privacy, polices voluntary privacy policies for unfair or deceptive practices.
The FCC assumed oversight of broadband privacy when it reclassified ISPs under Title II common-carrier regs. The FTC is prevented from regulating common carriers.
In its comments, NCTA pointed to critics of the FCC approach, including former Democratic FTC chairman Jon Leibowitz, current and former Republican FTC commissioners.
FCC chairman Tom Wheeler has said the FCC can't regulate edge-provider privacy, but also has argued that ISPs are singularly situated as gatekeepers.
"The record simply cannot support a conclusion that ISPs should be subject to singularly onerous rules because they are somehow uniquely situated," the NCTA said. "To the contrary, the record demonstrates not only that ISP visibility over broadband customer data is rapidly shrinking, but also that ISPs have heightened incentives to effectively safeguard their customers’ information and a track record of responsible conduct under the FTC framework."
The trade group argued that information should be protected based on the sensitivity of the data, not on who is collecting and using it.
NCTA said the proposal's defects are legion, then proceeded to call the roll:
- "The huge swath of data covered by the proposal – which includes IP addresses, MAC IDs and other data elements that cannot on their own identify individuals – coupled with its stringent permissions regime threatens to encumber basic Internet functionality and burdens the provision of services and capabilities seamlessly enjoyed by broadband customers today. This is compounded by an unworkable “linkable” standard and unlawful treatment of de-identified data;
- "The proposed restrictions on first-party marketing conflict with well-established policies supported by both the White House and the FTC, and would unduly interfere with the ability of consumers to benefit from new products and services offered by their broadband provider;
- "The unwarranted departure from the FTC’s core principle of establishing an optout/opt-in choice architecture that distinguishes between non-sensitive and sensitive uses of data harms consumers and competition;
- "The narrowness of the specified exceptions to the permissions regime could adversely affect basic network operations, delivery via broadband transmission of services and capabilities requested by consumers, and efforts to protect ISP networks from cybersecurity threats, spam and malware;
- "The unreasonable data security standard imposes a strict liability regime that unnecessarily encompasses a raft of non-sensitive data;
- "The specifically enumerated data security requirements proposed by the Commission are out of step with well-established federal policy preferences for relying upon voluntary mechanisms and industry-driven solutions to secure networks effectively; [and]
- "The vastly overbroad data breach notification rules are predicated upon an illconsidered definition of “breach,” and in conflict with virtually every existing breach notification law."