Skip to main content
Menu Icon Menu Icon

InfoBytes Blog

Financial Services Law Insights and Observations

FCC, FTC Issue Joint Statement on Broadband Data Security Regulation; Senate Resolution Introduced to Repeal FCC Privacy Rules

Privacy/Cyber Risk & Data Security FCC FTC U.S. Senate

Privacy, Cyber Risk & Data Security

On March 1, FCC Chairman Ajit Pai and acting FTC Chairman Maureen K. Ohlhausen issued a Joint Statement  announcing an FCC Order (Stay Order) staying the enactment of certain data security provisions (§ 64.2005) adopted by the Commission late last year as part of its Broadband Privacy Order while the Commission and Congress consider an appropriate resolution of the broader Net Neutrality proceeding. Absent a stay, the rule was set to go into effect on March 2.  Separate and apart from explaining the Stay Order, the Joint Statement effectively serves as a commitment by both the FCC and FTC to return “jurisdiction over broadband providers’ privacy and data security practices … to the FTC, the nation’s expert agency with respect to these important subjects.” Moreover, the statement also highlights what might be considered a guiding principle behind the new leadership at both the FCC and the FTC – namely, that “[a]ll actors . . . should be subject to the same rules” and “[t]he federal government shouldn’t favor one set of companies over another.”

The Stay Order arose out of an October 2016 decision to amend the Broadband Privacy Order to include new “sector-specific privacy rules” that the FCC determined were “necessary to address the distinct characteristics of telecommunications services.”  This final version, the Broadband Privacy Order – was published in the Federal Register (81 Fed. Reg. 87,274) on December 2, 2016.

This amendment marked a substantial change from the original language included in the order as proposed back in March 2016, where the Commission “propose[d] to apply the traditional privacy requirements of the Communications Act to . . . broadband Internet access service (BIAS).” Then-commissioner and current FCC Chairman Pai strongly disagreed with the amendment at the time, filing a dissenting statement in which he argued, that “it makes no sense” for the FCC to enact “rules that apply very different regulatory regimes based on the identity of the online actor” because, among other reasons,  it will inhibit competition in the online advertising market and also “lead to consumer confusion about which online companies can and cannot use their data.” Thereafter, eleven separate timely petitions to reconsider the October 2016 Order were filed, along with a petition requesting that the Commission stay the effective date of the Order. 

The decision to delay the enactment of the new privacy regulations relied on Chairman Pai’s earlier argument that the data security rule as amended is not consistent with current FTC privacy standards, and thus found the March 2 effective date to be based on the incorrect underlying assumption that “carriers should already be largely in compliance with these requirements because the reasonableness standard adopted in [the] Order . . . resemble[] the obligation to which they were previously subject pursuant to Section 5 of the FTC Act.” As made clear by Chairman Pai in the Joint Statement, “[t]he stay will remain in place only until the FCC is able to rule on a petition for reconsideration of its privacy rule.”

Notably, shortly after the release of the Joint Statement, on March 7, Sen. Jeff Flake (R-Ariz), chairman of the Senate Judiciary Subcommittee on Privacy, Technology and the Law, introduced a joint resolution to formally provide for “congressional disapproval” of 81 Fed. Reg. 87,274, i.e., the Broadband Privacy Order referenced above, under the Congressional Review Act (CRA).  The CRA is a 1996 law that empowers Congress to repeal federal regulations.  According to a statement released by his office, Sen. Flake—who has long opposed the privacy regulations at issue—sent a letter back in January of last year to FCC Chairman Tom Wheeler expressing concerns that the FCC is “overreaching its authority” with its planned broadband regulations. The Arizona Senator thereafter, on May 11, 2016, chaired a Privacy, Technology and the Law Subcommittee hearing seeking “answers on the legality of the proposed FCC rules and the consequences for consumers and the future of the internet.” And, most recently, on March 1, Sen. Flake wrote a Wall Street Journal op-ed laying out his position on the matter.

Share page with AddThis