The FTC and Net Neutrality

One of the lynchpins of the FCC’s plans to reverse net neutrality is their assertion that the Federal Trade Commission (FTC) is ready to step in and protect consumers from any abuse by the big ISPs. FCC Chairman Ajit Pai argues that the FTC should always have been the go-to agency for privacy issues and issues like broadband rates. However, it’s possible, and perhaps even likely that the FTC will be legally unable to take on that role.

There is an open lawsuit that challenges whether the FTC has any authority over big ISPs like AT&T. The FTC sued AT&T and levied a $100 million fine on the company for abuses of their unlimited cellular data plans. AT&T stopped selling unlimited data plans in 2011. But the company had sold millions of limited plans that had promised that customers could keep the plans for life. This is about the time that customers could actually begin using large amounts of cellular data due to the burgeoning OTT video market, and AT&T started to pressure customers to drop the grandfathered unlimited plans. AT&T eventually took steps to throttle unlimited data users and even went so far as to block customers from using Facetime, the Apple product that lets customers video chat.

AT&T immediately appealed the FTC decision using the argument that Section 5 of the original FTC charter precluded the agency from regulating ‘common carriers’. The original Telecommunications Act of 1934, which established the FCC, had defined common carrier to be a company that provide public telecommunications facilities – which has been taken to mean facility-based telecom providers. Originally the common carrier definition meant the old Ma Bell and other regulated telephone companies, but over the years the FCC has expanded that definition to include other telecom facility-based providers including cellular carriers and long-haul fiber owners.

In February of 2016 the appeals court agreed with AT&T and said that the FTC had no jurisdiction to regulate a common carrier, even for “non-common carrier activities”. This means that the FTC could not regulate AT&T for its telecom business, but also couldn’t regulate other endeavor that the company might undertake, such as AT&T’s actions as the owner of DirecTV or their future actions as a programmer after a merger with Time Warner.

The FTC appealed that decision and the case is still open. The agency pointed out that the ruling created a huge enforcement gap. At the time it of the FTC appeal it was assumed that the FCC would continue to regulate telecom-related issues for common carriers, but the FTC pointed out that the ruling meant that nobody was regulating non-common carrier activities of common carriers like AT&T.

Almost immediately after this court ruling the formerly unthinkable happened and the FCC now wants to walk away from regulating broadband – the most important of the common carrier activities of AT&T and other ISPs. In doing so, the FCC argues that the FTC will be able to take over the regulation of issues like privacy, billing abuses, excessive rates, etc. However, the 2016 court ruling says that the FTC has no jurisdiction over any of the actions of a common carrier like AT&T.

The fact that the FCC is walking away from its responsibilities does not somehow create the right for the FTC to step in and regulate common carriers. This means that after the FCC reverses Title II authority that there might be no agency in the federal government able to regulate any consumer activities of common carriers like AT&T, even in areas that are not telecom related. It would free up AT&T and other common carriers to subject customers to enormous abuses with nobody able to step in to protect customers. AT&T and other common carriers could inflict unimaginable abuses on customers without consequence, up perhaps to the point of outright fraud, at which point the Justice Department could probably intervene.

To make matters worse, the FTC is not sure that they can really regulate companies like AT&T even should they win the appeal of the AT&T lawsuit. FTC Commissioner Terrell McSweeny says in this opinion piece that the FTC is ill-equipped to regulate companies like AT&T. He says the agency is underfunded for such activities and doesn’t have a staff that has the technical expertise to understand complex telecom issues – exactly the kind of expertise that resides at the FCC.

https://qz.com/1144994/the-fcc-plans-to-kill-the-open-internet-dont-count-on-the-ftc-to-save-it/

 

McSweeny further says that even if the FTC is able to take on this role that the agency doesn’t really regulate companies. Instead, the agency punishes companies for consumer abuses, many years after transgressions. That is not the same thing as proactively establishing rules to regulate corporations. He says that the FTC could not really preclude AT&T from abusing customers, and at best could occasionally fine them for the worst of such abuses, many years after they occurred.

Sadly, we have an FCC that is aware of the regulatory gap and which is still willing to walk away from regulating broadband. It’s not hard to imagine what a company like AT&T might do with zero constraints. It’s likely that we’ll see huge price increases, unsavory practices like stringent data caps, constant violations of customer privacy through the mining of customer data, etc. The only constraint against such practices would be competitive pressures, but the other big ISPs in the market would also be unregulated and it’s not hard to imagine that cable companies would match AT&T abuses rather than compete against them.

Broadband Regulation is in Limbo

We have reached a point in the industry where it’s unclear who regulates broadband. I think a good argument can be made that nobody is regulating broadband issues related to the big ISPs.

Perhaps the best evidence of this is a case that is now in Ninth Circuit Court of Appeals in San Francisco. This case involves a 2014 complaint against AT&T by the Federal Trade Commission based on the way that AT&T throttled unlimited wireless data customers. The issue got a lot of press at the time when AT&T started restricting data usage in 2011 for customers when they hit some arbitrary (and unpublished) data threshold in a month. Customers got shuttled back to 3G and even 2G data speeds and basically lost the ability to use their data plans. The press and the FTC saw this as an attempt by AT&T to drive customers off their grandfathered unlimited data plans (which were clearly not unlimited).

AT&T had argued at the FTC that they needed to throttle customers who use too much data as a way to manage and protect the integrity of their networks. The FTC didn’t buy this argument ruled against AT&T. As they almost always do the company appealed the decision. The District Court in California affirmed the lower court ruling and AT&T appealed again, which is the current case in front of the Ninth Circuit. AT&T is making some interesting claims in the case and is arguing that the Federal Trade Commission rules don’t allow the FTC to regulate common carriers.

There are FTC rules called the ‘common carrier exemption’ that were established in Part 5 of the original FTC Act that created the agency. These exemptions are in place to recognize that telecom common carriers are regulated instead by the FCC. There are similar carve-outs in the FTC rules for other industries that are regulated in part by other federal agencies.

The common carrier exemption doesn’t relieve AT&T and other telecom carriers from all FTC regulation – it just means that the FTC can’t intercede in areas where the FCC has clear jurisdiction. But any practices of telecom carriers that are not specifically regulated by the FCC then fall under FTC regulations since the agency is tasked in general with regulating all large corporations.

AT&T is making an interesting argument in this appeals case. They argue since they are now deemed to be a common carrier for their data business under the Title II rules implemented in the net neutrality order that they should be free of all FTC oversight.

But there is an interesting twist to this case because the current FCC filed an amicus brief in the appeal saying that they think that the FTC has jurisdiction over some aspects of the broadband business such as privacy and data security issues. It is this FCC position that creates uncertainty about who actually regulates broadband.

We know this current FCC wants to reverse the net neutrality order, and so they are unwilling right now to tackle any major issues that arise from those rules. In this particular case AT&T’s throttling of customers occurred before the net neutrality decision and at that time the FCC would not have been regulating cellular broadband practices.

But now that the FCC is considered to be a common carrier it’s pretty clear that the topic is something that the FCC has jurisdiction of today. But we have an FCC that is extremely reluctant to take on this issue because it would give legitimacy to the net neutrality rules they want to eliminate.

The FCC’s position in this case leads me to the conclusion that, for all practical purposes, companies like AT&T aren’t regulated at all for broadband issues. The prior FCC made broadband a common carrier service and gave themselves the obligation to regulate broadband and to tackle issues like the one in this case. But the new FCC doesn’t want to assert that authority and even goes so far as to argue that many broadband related issues ought to be regulated by the FTC.

This particular case gets a little further muddled by the timing since AT&T’s practices predate Title II regulation – but the issue at the heart of the case is who regulates the big ISPs. The answer seems to be nobody. The FCC won’t tackle the issue and AT&T may be right that the FTC is now prohibited from doing so. This has to be a huge challenge for a court because they are now being asked who is responsible for regulating the case in front of them. That opens up all sorts of possible problems. For example, what happens if the court rules that the FCC must decide this particular case but the agency refuses to do so? And of course, while this wrangling between agencies and the courts is being settled it seems that nobody is regulating AT&T and other broadband providers.

Broadband CPNI?

FCC_New_LogoA group of consumer and privacy groups has asked the FCC to begin enforcing customer privacy rules. In the industry this process is called CPNI (customer proprietary network information) when applied to telephone and cable TV.

Now that the FCC has classified broadband as a common carrier service, they have the authority to investigate and regulate broadband privacy issues. This is something that the industry needs. Until now there has been very limited regulation of broadband by the Federal Trade Commission since the FTC authority was drawn only from the Children’s Online Privacy Act. But the FCC now has much stronger authority.

Current CPNI rules for telephone and cable TV are focused to a large degree on billing issues and on protecting private data like social security numbers, credit card numbers or other sensitive customer information. There is also a prohibition against disclosing the details of what customers do with those services – such as the calls they make or the channels they watch. (Of course, I guess we now know that the NSA is immune from the obligation to protect telephone records).

As sensitive as privacy matters are in those areas there are larger concerns with broadband. What people do online is extremely personal and the vast majority of Americans think that details of their online life should not be recorded or sold to others.

There are a whole lot of places that the FCC could go with broadband CPNI over and above the normal protections of billing data. For example, what are the obligations of companies to notify people when there has been a data breach and customer information has been compromised? Should ISPs have to disclose to customers if they use their data for any purposes or sell it to others in any form? And if so, how much do companies have to disclose?

An ISP is in very powerful position with a customer. If they wish to record what a customer does online they know everything that the customer isn’t somehow encrypted. They are the first in line to see outgoing bits and the only one to see all of the incoming bits.

The FCC has already started some internal work on the topic and held a workshop. From there the FCC has a number of options. They can first solicit comment and ideas from the public to see what kinds of sentiments are out there. It seems for almost everything the FCC does there are two sides of opinion, and there will be those that are in favor of very strong rules and those in favor of a very light touch. But the FCC would do well to hear all of these opinions before trying to formulate specific rules.

But they do have the option to go straight to a rulemaking. They could propose specific CPNI rules and let everybody take pot shots at them. I’m suspecting that for something this new and different that they are going to want to hear all sides of the arguments first before developing rules. The FCC also might be slow-rolling this. The whole Title II regulatory process is under appeal in the courts and they might not want to go too far down any path until they feel more secure that the courts believe they have the authority to regulate broadband in this manner.

One thing that we can probably expect from the FCC is that whatever they do is going to apply to ISPs but not to what they call edge providers. That would be all of the companies like Google and Facebook that operate on the web and that are not under the Title II regulatory regime. I know that consumer groups are going to want that kind of protection because I think it’s generally assumed that it’s the edge providers – and not the ISPs – that are using and misusing people’s data today.

The Gigabit Dilemma

common carrierCox recently filed a lawsuit against the City of Tempe, Arizona for giving Google more preferable terms as a cable TV provider than what Cox has in their franchise with the city. Tempe undertook the unusual step in creating a new license category of “video service provider’ in establishing the contract with Google. This is different than Cox, which is considered a cable TV provider as defined by FCC rules.

The TV offerings from the two providers are basically the same. But according to the Cox complaint Google has been given easier compliance with various consumer protection and billing rules. Cox alleges that Google might not have to comply with things like giving customers notice of rate changes, meeting installation time frames, and even things like the requirement for providing emergency alerts. I don’t have the Google franchise agreement, so I don’t know the specific facts, but if Cox is right in these allegations then they are likely going to win the lawsuit. Under FCC rules it is hard for a city to discriminate among cable providers.

But the issue has grown beyond cable TV. A lot of fiber overbuilders are asking for the right to cherry pick neighborhoods and to not build everywhere within the franchise area – something that incumbent cable companies are required to do. I don’t know if this is an issue in this case, but I am aware of other cities where fiber overbuilders only want to build in the neighborhoods where enough customers elect to have them, similar to the way that Google builds to fiberhoods.

The idea of not building everywhere is a radical change in the way that cities treat cable companies, but is very much the traditional way to treat ISPs. Since broadband has been defined for many years by the FCC as an information service, data-only ISPs have been free to come to any city and build broadband to any subset of customers, largely without even talking to a city. But cable TV has always been heavily regulated and cable companies have never had that same kind of freedom.

But the world has changed and it’s nearly impossible any more to tell the difference between a cable provider and an ISP. Companies like Google face several dilemmas these days. If they only sell data they don’t get a high enough customer penetration rate – too many people still want to pay just one provider for a bundle. But if they offer cable TV then they get into the kind of mess they are facing right now in Tempe. To confuse matters even further, the FCC recently reclassified ISPs as common carriers which might change the rules for ISPs. It’s a very uncertain time to be a broadband provider.

Cities have their own dilemmas. It seems that every city wants gigabit fiber. But if you allow Google or anybody into your city without a requirement to build everywhere within a reasonable amount of time, then the city is setting themselves up for a huge future digital divide within their own city. They are going to have some parts of town with gigabit fiber and the rest of the town with something that is probably a lot slower. Over time that is going to create myriad problems within the city. There will be services available to the gigabit neighborhoods that are not available where there is no fiber. And one would expect that over time property values will tank in the non-fiber neighborhoods. Cities might look up fifteen years from now and wonder how they created new areas of blight.

I have no idea if Google plans to eventually build everywhere in Tempe. But I do know that there are fiber providers who definitely do not want to build everywhere, or more likely cannot afford to build everywhere in a given city. And not all of these fiber providers are going to offer cable TV, and so they might not even have the franchise discussion with the city and instead can just start building fiber.

Ever since the introduction of DSL and cable modems we’ve had digital divides. These divides have either been between rich and poor neighborhoods within a city, or between the city and the suburban and rural areas surrounding it. But the digital divide between gigabit and non-gigabit neighborhoods is going to be the widest and most significant digital divide we have ever had. I am not sure that cities are thinking about this. I fear that many politicians think broadband is broadband and there is a huge current cachet to having gigabit fiber in one’s city.

In the past these same politicians would have asked a lot of questions of a new cable provider. If you don’t think that’s true you just have to look back at some of the huge battles that Verizon had to fight a decade ago to get their FiOS TV into some cities. But for some reason, which I don’t fully understand, this same scrutiny is not always being applied to fiber overbuilders today.

It’s got to be hard for a city to know what to do. If gigabit fiber is the new standard then a city ought to fight hard to get it. But at the same time they need to be careful that they are not causing a bigger problem a decade from now between the neighborhoods with fiber and those without.