iStock_000006131068MediumThis is Kelley Drye’s preview of the items under consideration at the Federal Communication Commission’s (FCC’s) upcoming monthly Open Meeting, to be held on June 22, 2017.  Chairman Ajit Pai continues to schedule a large number of items each month, reflecting an ambitious agenda for the agency.  Indeed, for the fifth month in a row, the Commission has six or more items on its agenda.  This month, the agenda consists of seven items; three Notices of Proposed Rulemaking, one Notice of Inquiry, two final actions and one enforcement item.  The topics are varied this month, with at least one item from every Bureau except the Wireless Telecommunications Bureau.

Each agenda item is summarized below.  Note: these brief summaries are based on draft items, which may differ from the final items released following the Open Meeting.  Please check with Kelley Drye after the meeting for more information on the items below.

 

“Blue Alerts” Notice of Proposed Rulemaking (NPRM)

Chairman Pai has set forth a proposal to amend the Commission’s Emergency Alert System (EAS) rules to add a dedicated event code, “BLU,” for “Blue Alerts.”  This is modelled on the highly successful Amber Alerts used during instances of child abduction.  Blue Alerts would notify the public when there is actionable information related to a law enforcement officer who is missing, seriously injured or killed in the line of duty, or if there is an imminent and credible threat to an officer.  The Department of Justice has previously identified the need for a dedicated Blue Alert EAS code.  The Commission is proposing that any required technical changes to equipment be made within 6 months of the effective date of the rules.

The Commission seeks comment on several issues, including the effectiveness of the EAS to deliver Blue Alerts, whether Blue Alerts can be sufficiently geographically targeted, how Blue Alerts can be incorporated into states’ existing Blue Alert plans, the proposed alerts’ costs and benefits, and how the public will likely respond to Blue Alerts.

 

Report and Order on FirstNet Opt-Out Plans

Under the Middle Class Tax Relief and Job Creation Act of 2012, states that are opting out of the First Responder Network Authority’s (FirstNet’s) national plan are required to obtain FCC approval for their own radio access network (RAN) plan.  The FCC will determine if the plan meets interoperability requirements.  If the FCC rejects a state’s alternative plan, the state must accept FirstNet’s plan.

The draft Report and Order gives states 90 days following receipt of FirstNet’s plan to notify the Commission, FirstNet, and the National Telecommunications and Information Administration (NTIA) of their decision to opt-out of FirstNet’s plan.  After notifying all parties of its decision, a state has 180 days to conduct an RFP process (including picking a winner), and then an additional 60 days to further develop the alternative plan it must submit to the FCC.

States’ alternative plans must address the RAN construction, maintenance, operation, and improvements on the existing state RAN.  They must also address interoperability requirements, and all requirements of the Technical Advisory Board for First Responder Interoperability.  The FCC establishes for itself an “aspirational” 90-day shot clock to review states’ alternative plans.  This review will solely focus on the RAN elements, and will not include elements related to user equipment, or issues related to coverage or financing.  The Commission believes these other factors will be adequately addressed by NTIA’s subsequent review.

 

NPRM on Law Enforcement Accessing Caller ID Information

This NPRM would allow law enforcement and interested parties to have quick access to blocked caller information in cases of threatening phone calls.  The Commission argues that threatening callers have no legitimate privacy interest.  The Commission has previously found public interest reasons to waive the rules, such as calls to 911, a poison control line, or other public emergency lines.

The rules propose to define a “threatening call” as any call that includes a threat of serious and imminent unlawful action posing a substantial risk to property, life, safety, or health.  The Commission seeks comment on whether it should require anyone reporting a threatening call do so in conjunction with a law enforcement agency, to prevent individuals from circumventing existing caller ID privacy protections.  The Commission also asks what requirements it should impose on recipients of caller information to safeguard it.

This NPRM follows an earlier waiver of the rules following a series of bomb threats against Jewish community centers across the country.

 

Order and Declaratory Ruling on WorldVu Satellites Limited, d/b/a OneWeb’s Request to Launch an NGSO Constellation for Broadband Service

In a draft Order and Declaratory Ruling, the Commission proposes to grant OneWeb access to the U.S. market with a proposed Ku- and Ka-band non-geostationary-satellite orbit (NGSO) constellation in the fixed-satellite service (FSS) to provide broadband service.  This would be the first Commission approval of an anticipated new generation of NGSO constellations that seek to provide low latency broadband connectivity across the United States and enhance prospects for rural broadband access.  Eleven other applications were filed in November 2016 in response to the processing round initiated when the FCC put the OneWeb petition for U.S. market access on public notice in July 2016. Those applications remain pending and would not be affected by adoption of the draft Order, although ten of the eleven applications were accepted for filing on May 26, 2017.

The proposed grant to OneWeb of U.S. market access would be conditioned on, among other things, ITU coordination, power limits, avoidance of in-line interference, orbital debris mitigation, the outcome of pending and future rulemakings, and satisfaction of bond and milestone requirements.

The draft Order would grant OneWeb several waivers.  OneWeb seeks waivers to operate on a non-interference, secondary basis in the 17.8-18.3 GHz band (not allocated for FSS operations) and the 18.3-18.6 GHz band (allocated for FSS operations, but not NGSO systems).  OneWeb also seeks a waiver allowing shared operations between OneWeb and other NGSO constellations in the 17.8-18.6 GHz, 27.5-28.6 GHz, and 29.5-30 GHz bands via in-line interference avoidance procedures rather than the existing band-splitting requirements.

 

Notice of Inquiry (NOI) Broadband Deployment in Multitenant Buildings

The Commission will consider a Notice of Inquiry seeking comment on ways to facilitate greater consumer choice and broadband deployment in multitenant environments (e.g., apartment buildings, condominium facilities, shopping malls)(MTEs).

In 2000, the FCC prohibited common carriers from entering into contracts that restrict owners and managers of commercial multitenant buildings from permitting access to competing carriers, and in 2007 expanded those rules to apply to multichannel video programming distributors (MVPDs).

In this NOI, the Commission asks whether there are any state and local regulations that may inhibit broadband deployment and competition in MTEs and whether the Commission should revisit an earlier decision not to prohibit MVPDs from entering into exclusive marketing and bulk billing arrangements.  The FCC also seeks comment on several issues about revenue sharing agreements and exclusive wiring arrangements.  The Commission also invites comment on its legal authority to address the issues raised in the NOI.

 

NPRM and Order to Modernize Payphone Compensation Rules

Chairman Pai circulated a Notice of Proposed Rulemaking and Order that would begin the process of eliminating the payphone call tracking system annual audit requirement and associated reporting requirement.  Given the decline in payphone usage, the NPRM and Order is intended to eliminate requirements that are no longer necessary.  The Commission also waives the 2017 audit and associated reporting requirement for the interim period while it considers the NPRM.

 

Enforcement Bureau Order

The Commission will consider an Enforcement Bureau order, which will remain confidential until the day of the meeting.

 

Deleted Item:

On Monday, June 19th, the Commission adopted and removed the following item from its agenda.   The final text of the item was not available at the time this advisory was published.

Declaratory Ruling on Delivery of Cable Operators’ Annual Notice

The Commission adopted a Declaratory Ruling granting a 2016 petition by the National Cable & Telecommunications Association and the American Cable Association to clarify that the “written information” that cable operators must annually provide to their subscribers under FCC rules can be provided via e-mail.

All parties in the record agreed that e-mail delivery would satisfy this obligation.  Under the text of the public draft, the Commission will require that the cable operator use a “verified” email address, which must satisfy one of the following criteria: (1) an e-mail address that the customer has provided to the cable operator (and not vice versa) for purposes of receiving communication, (2) an e-mail address that the customer regularly uses to communicate with the cable operator, or (3) an e-mail address that has been confirmed by the customer as an appropriate vehicle for the delivery of notices.  If no verified e-mail contact information is available for a particular customer, cable operators must continue to deliver the annual notices via paper copies.

The FCC declines to allow cable operators to meet this obligation by providing a link to a publicly available website within a customer’s bill.

Pole-2On June 5, 2017, the United States Supreme Court granted cert in Carpenter v. United States, a case in the hotly contested area of mobile cellular location data privacy.  The question before the Court is whether law enforcement must obtain a warrant for historical cell-site location information.

The case stems from 2014, when Timothy Carpenter was sentenced for his alleged role in coordinating a series of armed robberies of smartphone vendors.  To support its case, law enforcement obtained access to 127 days’ worth of Mr. Carpenter’s cell-site location records through what is commonly referred to as a “D order” (after the subsection of the act under which the records were requested).  Whereas warrants require the government to show probable cause, under the Stored Communications Act, a D order merely requires that law enforcement present “specific and articulable facts showing that there are reasonable grounds to believe” that the records requested “are relevant and material to an ongoing criminal investigation.”  18 U.S.C. § 2703(d).  Continue Reading Carpenters, Carriers, and Cell-Sites (Oh My!): SCOTUS to Hear Mobile Locational Privacy Case

On May 19, 2017, House Communications and Technology Subcommittee Chairman Marsha Blackburn (R-TN) introduced the Balancing the Rights of Web Surfers Equally and Responsibility Act of 2017 (the Browser Act or the bill), which overhauls privacy requirements for both Internet service providers (ISPs) and edge providers (e.g. Facebook, Netflix) (collectively, service providers).  The bill adopts policies similar to the broadband privacy rules adopted by the Federal Communications Commission (FCC or the Commission), which were overturned by a Congressional Review Act resolution in late March of this year.

The Browser Act would require service providers to provide their users with notice of the provider’s privacy policies; require user opt-in for sensitive information and an opt-out option for non-sensitive information; prohibit the conditioning of service on waivers of privacy rights; and specifically authorize the Federal Trade Commission (FTC) to oversee the privacy practices of ISPs.  Co-sponsor Rep. Brian Fitzpatrick (R-PA) said in a statement the bill is intended to “introduce comprehensive internet privacy legislation that will more fully protect online users in their use of Internet service providers, search engines and social media.”  The bill is likely to face an uphill battle in both the House and the Senate, and has drawn mixed reviews from industry and public interest groups.

Continue Reading Blackburn Introduces Sweeping Internet Privacy Reform Legislation

On Wednesday, May 17, 2017, the Federal Communications Commission (FCC or the Commission) published in the Federal Register a Notice of Proposed Rulemaking (NPRM) which aims to develop rules and solutions to reduce the number of illegal robocalls placed to consumers.  The NPRM was adopted at the Commission’s March open meeting.

Continue Reading Deadlines Set for Robocall NPRM

On May 9, 2017, the U.S. Court of Appeals for the Ninth Circuit issued an order granting a Federal Trade Commission (FTC) request for rehearing en banc of the court’s earlier decision to dismiss an FTC case against AT&T Mobility over allegedly “unfair and deceptive” throttling practices in connection with wireless data services provided to AT&T’s customers with unlimited data plans.  In a brief order, Chief Judge Thomas noted that “[t]he three-judge panel disposition in this case shall not be cited as precedent by or to any court of the Ninth Circuit.”

The original Ninth Circuit decision was notable because it held that the “common carrier exemption” in section 5 of the FTC Act—which excludes common carriers from FTC jurisdiction—was “status based” rather than “activity based,” and as such AT&T was not subject to the FTC’s jurisdiction even for non-common-carrier activities.  The original decision had the effect of resetting the jurisdictional boundaries between the FTC and the Federal Communications Commission (FCC) and removing a wide swath of the telecommunications and technology ecosystem from the FTC’s jurisdictional reach.

In a statement, FCC Chairman Ajit Pai applauded today’s order, noting that it will make it “easier for the FTC to protect consumers’ online privacy” and “strengthens the case for the FCC to reverse its 2015 Title II Order,” which classified broadband Internet access service (BIAS) as a common carriage “telecommunications service” and established the FCC’s current open Internet rule framework.  The 2015 Title II Order is now the subject of a draft Notice of Proposed Rulemaking scheduled for a Commission vote at its May 18, 2017 open meeting.

On April 3, 2017, President Trump signed into law a Congressional joint resolution eliminating new broadband and voice privacy rules set forth in a November 2016 order (the 2016 Privacy Order) by the Federal Communications Commission (FCC) (the Joint Resolution).  Members of Congress largely voted along partisan lines. The House approved the Joint Resolution by a 215-205 vote and the Senate approved it by a 50-48 vote. Continue Reading Client Advisory: Congress Repeals FCC 2016 Privacy Order via Congressional Review Act

On Tuesday, January 10, 2017, in his confirmation hearing before the Senate Judiciary Committee, Senator Jeff Sessions, (R., AL), the president-elect’s nominee to lead the Department of Justice (DOJ), said that he intends to follow the USA FREEDOM Act, which prohibits the National Security Agency (NSA) from bulk collection of phone records.  For more on the USA FREEDOM Act, please read our client advisory here.

During the hearing, Senator Patrick Leahy, (D., VT), asked Senator Sessions various questions about the law, noting that Sessions had been among the “very small minority of members” who opposed passage of the law.  In response to Senator Leahy’s questions, Senator Sessions stated “I will follow the law”, and added “I do not believe [the USA FREEDOM Act] can be disregarded and it should be followed.”

The USA FREEDOM Act is a complicated piece of legislation with important compliance implications.  Although the Act does not expand upon carrier data retention requirements, it forces telecommunications carriers to process requests for records previously collected directly by the NSA.

Moreover, carriers remain subject to various statutory and regulatory customer record retention obligations.  For example, carriers offering toll telephone services must retain billing records on long distance calls for 18 months.  These records must contain the name, address and phone number of the caller, the number dialed, and the date, time, and length of the call.  In addition, providers of services for E-Rate and the Connect America Fund must retain documents pertaining to their delivery of services for at least ten years.

While the USA FREEDOM Act does not change such obligations, it may change the acceptable means of processing law enforcement requests.  For example, whereas previous FCC definitions of call detail records included location information, the USA FREEDOM Act explicitly excludes cell site location information and GPS information from the definition of call detail records.

Over time, the USA FREEDOM Act is likely to increase the number of law enforcement requests carriers face.  The presidential transition period is an ideal time for carriers to review their data retention practices to ensure compliance with federal law and FCC rules.

Kelley Drye’s Communications and Privacy & Information Security practice groups are well-versed in privacy law at the federal and state level, and stand ready to help interested parties understand the scope of these obligations and how to operationalize them. Should you have any questions, please contact the authors or your regular Kelley Drye contact.

On Wednesday, November 2, 2016, the Federal Communications Commission (FCC) released the text of its long-awaited Broadband Privacy Order, which it adopted on October 27, 2016. For an overview of the Order, you may read our client advisory here.

The practical impact and reach of the rules will not be known for some time, but at this point we can offer a few of our key takeaways from the Order:

  • All carriers must prepare and maintain public-facing privacy notices. The Commission’s new notice rules will require all telecommunications carriers to draft and post public-facing privacy policies that describe their collection, use, and sharing of customer PI. Formerly, this obligation only applied to BIAS providers (through the Commission’s transparency rule). We expect that disclosures in these privacy policies will be a significant area of enforcement, similar to the Commission’s enforcement of annual CPNI certifications.
  • The sensitivity-based consent framework upends the existing CPNI approval framework. The Commission’s adopted rules fundamentally reshape the consent framework for telecommunications carriers, focusing on the sensitivity of the information, rather than on the particular uses and recipients of the information (as the voice CPNI rules did). As a result, all carriers should carefully review and revise their policies, procedures, and systems for obtaining and tracking customer approval.
  • The Order leaves a significant interpretive role for FCC’s Enforcement Bureau with respect to data security. Unlike the existing voice CPNI rules and the Commission’s proposed data security rules, which mandated specific data security compliance practices, the new rules simply require carriers to adopt “reasonable” data security practices. By focusing on the “reasonableness” of carriers’ privacy and data security practices, the Commission leaves significant room for its Enforcement Bureau to interpret whether particular practices are reasonable, in a manner similar to the FTC’s approach to privacy and data security enforcement. For this reason, providers should carefully review the Commission’s “exemplary” data security practices and Enforcement Bureau consent decrees in order to gauge which practices the Commission expects of providers.
  • Now is the time to begin reviewing contracts with vendors. In the Order, the Commission makes clear that carriers will be held responsible for the acts of their agents, vendors, and other third parties with whom they share customer PI. As a result, carriers should take the opportunity now to review contracts with those third parties to determine whether they include specific terms addressing privacy and security. This is particularly important for non-BIAS telecommunications carriers serving enterprise customers, who will be able to take advantage of the Commission’s expanded business customer exemption.
  • Kelley Drye’s Communications and Privacy & Information Security practice groups are well-versed in privacy law at the federal and state level, and stand ready to help interested parties understand the scope of these rules and how to operationalize them. Should you have any questions, please contact any of the attorneys listed in the margin.

iStock_000019536561Large

At the Federal Communications Commission’s (“FCC”) Open Meeting on October 27, the Commission voted along party lines (3-2) to impose more stringent rules on broadband Internet service providers (“ISPs”). Chairman Tom Wheeler, along with Commissioners Rosenworcel and Clyburn voted in favor of the item, while Commissioners Pai and O’Rielly voted against it.

The new rules clarify the privacy requirements applicable to broadband ISPs pursuant to Section 222 of the Communications Act. The new rules also apply to voice services and treat call-detail records as “sensitive” in the context of voice services.

According to an FCC press release issued immediately after the meeting, these rules “establish a framework of customer consent required for ISPs to use and share their customers’ personal information that is calibrated to the sensitivity of the information.” The Commission further asserts that this approach is consistent with the existing privacy framework of the Federal Trade Commission (“FTC”).

Continue Reading FCC Votes to Impose Aggressive New Privacy Rules on Broadband Providers

On October 6, 2016, Federal Communications Commission (FCC or Commission) Chairman Tom Wheeler published a blog entry on the Commission’s website outlining proposed privacy rules for broadband Internet Service Providers (ISPs). The proposed rules are scheduled to be considered by the full Commission at its monthly meeting on October 27, 2016. These rules come after the Commission received substantial public comment on its March notice of proposed rulemaking (discussed in an earlier blog post) from stakeholders representing consumer, public interest, industry, academics, and other government entities including the Federal Trade Commission (FTC). The proposed rules appear to soften several elements of the Commission’s initial proposal, which received considerable industry criticism.

Continue Reading FCC Chairman Outlines Proposal for New Broadband Privacy Rules