On Tuesday, January 10, 2017, in his confirmation hearing before the Senate Judiciary Committee, Senator Jeff Sessions, (R., AL), the president-elect’s nominee to lead the Department of Justice (DOJ), said that he intends to follow the USA FREEDOM Act, which prohibits the National Security Agency (NSA) from bulk collection of phone records.  For more on

iStock_000019536561Large

At the Federal Communications Commission’s (“FCC”) Open Meeting on October 27, the Commission voted along party lines (3-2) to impose more stringent rules on broadband Internet service providers (“ISPs”). Chairman Tom Wheeler, along with Commissioners Rosenworcel and Clyburn voted in favor of the item, while Commissioners Pai and O’Rielly voted against it.

The new rules clarify the privacy requirements applicable to broadband ISPs pursuant to Section 222 of the Communications Act. The new rules also apply to voice services and treat call-detail records as “sensitive” in the context of voice services.

According to an FCC press release issued immediately after the meeting, these rules “establish a framework of customer consent required for ISPs to use and share their customers’ personal information that is calibrated to the sensitivity of the information.” The Commission further asserts that this approach is consistent with the existing privacy framework of the Federal Trade Commission (“FTC”).


Continue Reading

On October 6, 2016, Federal Communications Commission (FCC or Commission) Chairman Tom Wheeler published a blog entry on the Commission’s website outlining proposed privacy rules for broadband Internet Service Providers (ISPs). The proposed rules are scheduled to be considered by the full Commission at its monthly meeting on October 27, 2016. These rules come after the Commission received substantial public comment on its March notice of proposed rulemaking (discussed in an earlier blog post) from stakeholders representing consumer, public interest, industry, academics, and other government entities including the Federal Trade Commission (FTC). The proposed rules appear to soften several elements of the Commission’s initial proposal, which received considerable industry criticism.

Continue Reading

As we discussed in our earlier blog post, on March 31, 2016, the Federal Communications Commission (FCC or Commission) voted along party lines (3-2) to launch a notice of proposed rulemaking (NPRM) to establish privacy rules for Broadband Internet Access Service (BIAS) providers.  These proposals, if adopted, could impose prescriptive and complex privacy obligations that would be among the most extensive in the country.

Today we release a client advisory that provides a deep dive into the item and its key proposals and questions.  Comments on the NPRM are due on May 27, 2016, and reply comments are due on June 27, 2016.


Continue Reading

On March 31, 2016 at its Open Meeting, the Federal Communications Commission (FCC or Commission) voted along party lines (3-2) to launch a notice of proposed rulemaking (NPRM) to establish privacy rules for broadband Internet Service Providers (ISPs). As we explained in our blog post in anticipation of this vote, this rulemaking stems from the

stock_03082013_0826It’s official: next Thursday, March 31, 2016, the FCC will vote on a Notice of Proposed Rulemaking seeking comment on a proposed framework for new privacy and data security rules for broadband Internet access service (BIAS) providers.  This proceeding will have important implications for not only the broadband providers subject to the rules, but also for the Internet ecosystem as a whole.

This rulemaking proceeding stems from the 2015 Open Internet Order, which reclassified BIAS as a telecommunications service and applied several of the FCC’s core consumer protection provisions—including Section 201 and 222 of the Communications Act—to BIAS.  Section 201(b) prohibits “unjust or unreasonable” practices, which the FCC has interpreted to require reasonable data security practices.  Section 222 (and the Commission’s interpretations of that section) establishes a complex framework for the protection of proprietary information (PI), carrier proprietary information (CPI), and customer proprietary network information (CPNI).  CPNI, in short, is the information that a carrier has about its customer solely by virtue of the customer-provider relationship.  However, because the CPNI rules promulgated pursuant to Section 222 were designed with traditional telecommunications services in mind, the FCC declined to impose those rules on BIAS, instead opting for a rulemaking proceeding to create new broadband CPNI rules.


Continue Reading

warning sign 2On July 9th, the Enforcement Bureau (EB) of the Federal Communications Commission (FCC or the Commission) reached a $3.5 million Consent Decree to resolve an investigation into whether TerraCom, Inc. (TerraCom) and YourTel America, Inc. (YourTel) (collectively, the Companies) violated laws protecting “phone customers’ personal information,” and whether YourTel failed to timely de-enroll Lifeline subscribers following an audit by the Universal Service Administrative Company (USAC).  The Consent Decree solidifies a trend in FCC enforcement of carrier data security obligations.

Continue Reading

grid2On Wednesday, May 20, 2015, the FCC’s Enforcement Bureau issued its first enforcement advisory in the post-Open Internet Order  era.  Not surprisingly, the Bureau’s first advisory addressed the consumer privacy obligations of broadband providers.  In the Advisory, the Bureau reminded broadband Internet access service (“BIAS”) providers that they will need to take “reasonable, good faith steps to protect consumers’ privacy” pursuant to Section 222 of the Communications Act when the 2015 Open Internet Order goes into effect on June 12, 2015.  The Advisory also advises broadband providers to seek informal FCC guidance regarding particular practices during the initial implementation of the order.

Continue Reading

iStock_000019536561LargeThe FCC’s Wireline Competition and Consumer and Governmental Affairs Bureaus recently announced that they will hold a joint workshop on Tuesday, April 28 to “explore the Commission’s role in protecting the privacy of consumers that use broadband Internet access service.”  Discussions will center around the FCC’s recent Open Internet Order and its implications for the obligations that broadband providers will have going forward with respect to consumer privacy and data security.

Continue Reading

In the days leading up to Tuesday’s State of the Union address, President Obama has been previewing his Administration’s communications and technology priorities for 2015, including calling for an end to state laws that restrict municipal broadband deployments and new steps to promote cybersecurity.
Continue Reading