Broadband CPNI Could Be New Privacy Battleground

At press time, 59 privacy and activist groups and others had signed on to a letter to FCC chairman Tom Wheeler petitioning the FCC to "quickly" open a rulemaking on broadband privacy oversight that insures it is a "brawny cop" on the privacy enforcement beat.

When it reclassified Internet access under Title II common carrier regs in its new Open Internet order, the FCC assumed authority over broadband CPNI (customer proprietary network information).

Jeff Chester, executive director of the Center for Digital Democracy and one of the leading voices for privacy protections, thinks muscular oversight by the FCC could be a game-changer.

"[T]he FCC’s Network Neutrality rules set the stage for FCC to regulate how ISPs use consumer data via CPNI and related regs," he said. "Unlike the Federal Trade Commission, FCC can actually issue real regulations on privacy (the FTC can only do that for kids under the Children's Online Privacy Protection Act). So, if FCC acts, this could be a major change in the way the consumer data business is conducted, and have far-reaching impact."

In November, the FCC got together with the Federal Trade Commission on a memorandum of understanding (MOU) on how to divvy up their oversight.

While the FCC now has privacy oversight over broadband that used to be the province of the FTC, the MOU says that the agencies don't believe that the FTC's common carrier exemption precludes the FTC from addressing non-common carrier conduct by common carriers.

Chester called the letter the launch of an "intensive campaign" that unites net neutrality activists with privacy and consumer advocates and said the issue "will likely be a new battleground for privacy."

The FCC has held a workshop on privacy and said it is working on a new broadband CPNI framework but has yet to open a rulemaking. It did put out a general advisory to ISPs on protecting privacy in the interim, but the groups say that is not enough.

Those groups, which include Free Press, Center for Digital Democracy, Public Knowledge, Consumer Watchdog and others, want to make sure the FCC carries a big nightstick.

They want the rulemaking opened ASAP and include notice of data breaches, disclosure of data collection and protection practices and disclosure of who data is being shared with.

According to Marc Rotenberg, president of EPIC (the Electronic Privacy Information Center), his group planned to send a separate letter to Wheeler Wednesday supporting the group's effort and adding that the FCC should look beyond ISPs to the edge. "[T]he FCC should take a comprehensive approach to communications privacy, recognizing the full range of threats to consumers, from Verizon and Comcast to Facebook and Google," he told B&C.

Wheeler has consistently said that the FCC is not going to regulate edge providers under its new Title II rules.

John Eggerton

Contributing editor John Eggerton has been an editor and/or writer on media regulation, legislation and policy for over four decades, including covering the FCC, FTC, Congress, the major media trade associations, and the federal courts. In addition to Multichannel News and Broadcasting + Cable, his work has appeared in Radio World, TV Technology, TV Fax, This Week in Consumer Electronics, Variety and the Encyclopedia Britannica.