What is Light-Touch Regulation?

One thing I’ve noticed recently is that a lot of people are climbing on board the idea of building better broadband to rural America. A lot of people seem to think that the FCC can somehow act to fix a lot of the shortcomings of rural broadband – but in doing so they have missed the entire point of what the FCC calls ‘light-touch’ regulation – because, from a practical perspective, broadband is not regulated at all.

It’s not hard to understand why people would misunderstand the situation, because ‘light-touch regulation’ is one of those euphemisms that governments invent to disguise what they are really doing. Chairman Pai at the FCC never misses an opportunity to talk about his regime of light-touch regulation. I have to wonder if there would be as much support for the light-touch regulation if that phrase was replaced with the simpler and more descriptive phrase ‘deregulated’. I suspect a lot of people would be uncomfortable that one of our largest industries is largely deregulated.

The FCC pulled off this huge change by hiding the deregulation inside of their move to undo net neutrality. The FCC didn’t just reverse the net neutrality rules put into place by the previous FCC, they killed Title II regulation – which is the authority given to the FCC by Congress to regulate ISPs as common carriers. The FCC gave up Title II authority and gave the tiny remaining vestiges of broadband regulation to the Federal Trade Commission – even though the FTC is not a regulatory agency. The FTC doesn’t create or enforce new rules – they are more like corporate police that fine corporations when they’ve abused their customers too egregiously.

What does it mean to give up Title II authority? The FCC can no longer judge, or even track broadband prices. ISPs are free to raise rates to any level they want and make any profits they want. There hasn’t been an FCC since the dawn of the broadband industry that has invoked price regulation – but the fact that they could always acted as a brake on bad ISP behavior.

The FCC can no longer intervene in disputes between ISPs or with their biggest customers. Under Title II regulation, the FCC could decide if an ISP was fairly dealing with Netflix or some other large user of broadband. When Title II regulation was killed, the FCC stopped acting as the arbiter in industry disputes – ISPs are free to act in any way they want.

The FCC can’t even intervene when ISPs abuse customers. I recently wrote about the FCC complaint process. Before the end of Title II regulation, ISPs would try to resolve issues raised during the complaint process. The FCC had the authority to make ISPs treat customers fairly if they decided to exercise it – and it was the threat of the FCC creating new rules that made ISPs willing to curb some of their worst behavior. But now the FCC is nothing more than a gatekeeper – they lamely pass on consumer complaints to ISPs, which the ISPs largely toss into the wastebasket since the FCC no longer has any regulatory teeth.

It’s not completely fair to say that ISPs are 100% deregulated because there are a few areas of regulation that were not created under Title II authority that are still in place. For example, the Patriot Act created the requirement that ISPs have to allow federal law enforcement to be able to ‘wiretap’ broadband connections in the same way they used to wiretap telephone connections. The FCC can’t shed that responsibility and so they still enforce the CALEA rules that require ISPs to respond to subpoenas.

There are also various types of privacy and billing rules that were the result of other acts by Congress, and the FCC still oversees these remaining vestiges of regulation. As an example, the whole recent controversy over removing Section 230 protections for online companies like Twitter also applies to ISPs and is enforced by the FCC.

But the core basis for FCC regulation of ISPs was due to the fact that ISPs are common carriers, similar to telephone companies or cellular carriers. ISPs provide a two-way communications path with customers, and it is that basic function that justified regulating them under Title II regulations.

The FCC undertook one of the most bizarre steps in regulatory history when their voluntarily neutered themselves as broadband regulators. They no longer have the authority to force the big telcos to provide better rural broadband. They no longer have the authority to stop an ISP from raising rates to the point of unaffordability. They no longer even have the power to stop an ISP from billing customers for non-existent products. This is all easy to remember if you replace the term light-touch regulation with unregulated.

The Government Needs to Address the Homework Gap

I’ve been at a bit of a loss over the last few days on what to write about, because suddenly newspapers, blogs, and social media are full of stories of how impossible it is for some students to work at home during the Covid-19 shutdowns. I’ve been writing this topic for years and there doesn’t seem to be a lot I can add right now – because the endless testimonials from students and families struggling with the issue speak louder than anything I can say.

There have been some tiny reactions of the federal government to help solve the issue. For example, the FCC removed the E-Rate exemption that said that government-powered broadband couldn’t be used for the general public. This allowed schools and libraries to aim their broadband outside for the general public and for students trying to keep up with homework. This was always a stupid restriction and I hope whatever DC bureaucrat originally dreamed this up is forced to use satellite broadband for the next year.

I’ve also seen notices from small ISPs that are distributing WiFi hotspots to students that need them. That is a great idea and I totally support. What I haven’t seen is anybody talking about who is going to pay the cellular data bills on those hotspots when they come due. Verizon has halped a little by temporarily adding 15 GB of usage to its data plans, but it doesn’t take long to rack up a big cellular data bill working on a hotspot.

These fixes are temporary bandaids. I’m sure any students benefiting by these recent changes are grateful. But it’s still second-class broadband that makes families park in cars while kids do homework. And as much as cellular hotspots are a great solution that brings broadband to the home – it’s also a curse if this brings monthly broadband bills of hundreds of dollars per month just to do homework.

I’m sure that most school systems will somehow slog through the rest of this school year. However, I’ve talked to several rural school administrators in the last week who worry that half of the children working at home are learning little or nothing while at home. I’ve seen school systems already asking if they should push all students to the next grade this year, whether they are ready or not.

The big challenge is going to come if this crisis carries forward into the next school year starting this fall. I doubt that there are many school systems with rural students that are ready to face this for a whole school year. Let’s hope that doesn’t happen, but if it does then our lack of broadband for students becomes a national shame.

I don’t have many suggested quick solutions that will help the homework gap by the fall. It’s hard to even predict how much fiber construction will be done this summer due to social distancing – likely less than was planned.

One might hope that communities will install many more outdoor-facing hotspots. It would be nice to see these at every government building and at socially-minded businesses everywhere. This is a fix that is within the reach of every community. Any business that has broadband ought to consider sharing it during the times of the day or night when the business isn’t using it. Let’s turn all parking lots for towns of all sizes into WiFi zones.

It would also be nice if the FCC could somehow turn up the pressure on the wireless carriers to provide fixed cellular broadband. This is the technology used by AT&T that beams data using cellular frequencies from cell sites to small dishes at homes. This provides a better indoor signal than regular cellular service, and the cellular companies price this more like a broadband service than cellular service. AT&T has halfheartedly rolled out the product as a way to implement their CAF II obligations – but the word from rural areas is that it’s not marketed and nearly impossible for customers to buy. T-Mobile promised to roll this product out in every rural market as part of the agreement to merge with Sprint and the government needs to hold their feet to the fire to make this happen quickly this year.

Unfortunately, the FCC sabotaged their ability to push for better broadband solutions when they killed Title II authority and stopped regulating broadband. The solution we really need this year is for Congress to resolve the Title II issue once and for all and to make the FCC responsible for finding broadband solutions. Right now everything the FCC says on the topic is rhetoric because they have no power to compel ISPs to do anything. This is no time for politics and rhetoric, but a time for action.

California’s Net Neutrality Bill

On the last day possible, Jerry Brown, the Governor of California passed SB 822, a state net neutrality bill into law. Within hours the US Justice Department filed a lawsuit against the California legislation.

As bill is relatively short and straightforward. The law applies to both landline and mobile broadband. The prohibitions against ISP behavior are detailed more clearly than in the old FCC net neutrality rules. Specifically, the California net neutrality law:

  • Prohibits ISPs from blocking lawful content;
  • Prohibits ISPs from impairing or degrading lawful Internet traffic except as is necessary for reasonable network management;
  • Prohibits ISPs from requiring compensation, monetary or otherwise, from edge providers (companies like Netflix or Facebook) for delivering Internet traffic or content;
  • Prohibits paid prioritization;
  • Prohibits zero-rating;
  • Prohibits interference with end user’s ability to select content, applications, services or devices;
  • Prohibits ISPs from offering any product that evades any of the above prohibitions;
  • Requires the full and accurate public disclosure of network management practices, performance, and clearly-worded terms of service.

As you would expect, the big ISPs in the state like AT&T and Comcast vehemently opposed the legislation and almost derailed its passage. Interestingly, the big edge providers like Google, Facebook and Netflix have remained quiet on the new law.

This is already shaping up to be one of the most interesting legal fights we’ve ever seen concerning the FCC. Chairman Pai and the other Republican FCC Commissioners immediately declared that the new law is invalid and that states can’t override FCC policy. The lawsuit filed by the Justice department says that California is “attempting to subvert the Federal Government’s deregulatory approach” to the Internet.

That’s where it gets interesting, because the FCC didn’t deregulate broadband. They instead took themselves out of the picture as a broadband regulator by cancelling Title II regulation of broadband, and passing regulation to the Federal Trade Commission.

The FCC could have chosen a different path, which would have been to continue to regulate broadband, but choosing to not require any specific regulatory requirements. That’s the tactic the agency has taken in the past when it decided to end some telephone regulations. The FCC still has the legal authority to re-regulate those telephone issues, but exercises its authority to not regulate – and maintaining the authority to authority is the key issue in this case. The FCC deliberately killed Title II regulation to make it harder for future a FCC to regulate broadband – but in doing so they literally wrote the agency out of the broadband regulation business.

The courts will have to decide if the federal government has any basis for overriding the California law. The FCC created a legal void when they walked away from regulating broadband. In regulatory terms broadband is not deregulated – it is not regulated, and while perhaps a subtle language difference, it’s a huge distinction.

The legal question is not if California is challenging the FCC’s authority to deregulate broadband, because the FCC themselves say they no longer have any authority over broadband. The courts will have to instead decide if a state can step into a regulatory void when the federal government walks away from regulating an industry. There are numerous lawyers saying that California has a strong legal position.

This is such a major decision that I’m guessing it’s going to have to eventually get resolved by the Supreme Court – and that’s going to take a while. The FCC created this situation by abrogating their responsibility to regulate broadband. It’s nearly unthinkable that one of the major industries in the country, operated mostly by a small number of giant companies should not be regulated. But the regulatory mess we have with broadband ultimately lies with Congress which has not passed an update to the telecom rules since 1996, when dial-up was our portal to the Internet.

The FTC and Net Neutrality

One of the lynchpins of the FCC’s plans to reverse net neutrality is their assertion that the Federal Trade Commission (FTC) is ready to step in and protect consumers from any abuse by the big ISPs. FCC Chairman Ajit Pai argues that the FTC should always have been the go-to agency for privacy issues and issues like broadband rates. However, it’s possible, and perhaps even likely that the FTC will be legally unable to take on that role.

There is an open lawsuit that challenges whether the FTC has any authority over big ISPs like AT&T. The FTC sued AT&T and levied a $100 million fine on the company for abuses of their unlimited cellular data plans. AT&T stopped selling unlimited data plans in 2011. But the company had sold millions of limited plans that had promised that customers could keep the plans for life. This is about the time that customers could actually begin using large amounts of cellular data due to the burgeoning OTT video market, and AT&T started to pressure customers to drop the grandfathered unlimited plans. AT&T eventually took steps to throttle unlimited data users and even went so far as to block customers from using Facetime, the Apple product that lets customers video chat.

AT&T immediately appealed the FTC decision using the argument that Section 5 of the original FTC charter precluded the agency from regulating ‘common carriers’. The original Telecommunications Act of 1934, which established the FCC, had defined common carrier to be a company that provide public telecommunications facilities – which has been taken to mean facility-based telecom providers. Originally the common carrier definition meant the old Ma Bell and other regulated telephone companies, but over the years the FCC has expanded that definition to include other telecom facility-based providers including cellular carriers and long-haul fiber owners.

In February of 2016 the appeals court agreed with AT&T and said that the FTC had no jurisdiction to regulate a common carrier, even for “non-common carrier activities”. This means that the FTC could not regulate AT&T for its telecom business, but also couldn’t regulate other endeavor that the company might undertake, such as AT&T’s actions as the owner of DirecTV or their future actions as a programmer after a merger with Time Warner.

The FTC appealed that decision and the case is still open. The agency pointed out that the ruling created a huge enforcement gap. At the time it of the FTC appeal it was assumed that the FCC would continue to regulate telecom-related issues for common carriers, but the FTC pointed out that the ruling meant that nobody was regulating non-common carrier activities of common carriers like AT&T.

Almost immediately after this court ruling the formerly unthinkable happened and the FCC now wants to walk away from regulating broadband – the most important of the common carrier activities of AT&T and other ISPs. In doing so, the FCC argues that the FTC will be able to take over the regulation of issues like privacy, billing abuses, excessive rates, etc. However, the 2016 court ruling says that the FTC has no jurisdiction over any of the actions of a common carrier like AT&T.

The fact that the FCC is walking away from its responsibilities does not somehow create the right for the FTC to step in and regulate common carriers. This means that after the FCC reverses Title II authority that there might be no agency in the federal government able to regulate any consumer activities of common carriers like AT&T, even in areas that are not telecom related. It would free up AT&T and other common carriers to subject customers to enormous abuses with nobody able to step in to protect customers. AT&T and other common carriers could inflict unimaginable abuses on customers without consequence, up perhaps to the point of outright fraud, at which point the Justice Department could probably intervene.

To make matters worse, the FTC is not sure that they can really regulate companies like AT&T even should they win the appeal of the AT&T lawsuit. FTC Commissioner Terrell McSweeny says in this opinion piece that the FTC is ill-equipped to regulate companies like AT&T. He says the agency is underfunded for such activities and doesn’t have a staff that has the technical expertise to understand complex telecom issues – exactly the kind of expertise that resides at the FCC.

https://qz.com/1144994/the-fcc-plans-to-kill-the-open-internet-dont-count-on-the-ftc-to-save-it/

 

McSweeny further says that even if the FTC is able to take on this role that the agency doesn’t really regulate companies. Instead, the agency punishes companies for consumer abuses, many years after transgressions. That is not the same thing as proactively establishing rules to regulate corporations. He says that the FTC could not really preclude AT&T from abusing customers, and at best could occasionally fine them for the worst of such abuses, many years after they occurred.

Sadly, we have an FCC that is aware of the regulatory gap and which is still willing to walk away from regulating broadband. It’s not hard to imagine what a company like AT&T might do with zero constraints. It’s likely that we’ll see huge price increases, unsavory practices like stringent data caps, constant violations of customer privacy through the mining of customer data, etc. The only constraint against such practices would be competitive pressures, but the other big ISPs in the market would also be unregulated and it’s not hard to imagine that cable companies would match AT&T abuses rather than compete against them.

The New FCC Broadband Privacy Rules

FCC_New_LogoThe FCC passed new privacy rules last week and the new rules are largely aimed at Comcast, AT&T, Verizon and other large ISPs. Most small ISPs do not participate today in the practices that the new rules are aimed at stopping. For the most part the rules won’t affect smaller companies much other than having more annual pieces of paper to file at the FCC saying that you follow the rules – and you probably already do.

The rules are aimed at protecting customers from abuse by ISPs, who by definition have the most access to a customer’s data. An ISP knows every web site visited, every web purchase made, every email and every instant message sent.

This is probably the FCC’s biggest use so far of its new Title II authority over broadband. The FCC knows this is going to be challenged in court, so the new rules don’t go into effect for a year, giving the lawsuits a chance to resolve.

I’m not going to repeat all of the specifics of how this works, but rather concentrate on what it means to the industry as a whole:

Customers have a right of privacy. The new rules create a new right that a customer’s data – where they search on the web, what they say in emails and texts – all belong to them. Each customer now has the right to decide if the ISP can use it. Today an ISP knows everything a customer does on the web that is not encrypted, and even with encryption they know the web sites visited. But the FCC now makes it clear that this customers can keep this personal information private if they so desire.

ISPs need to ask for permission to use customer data. The new rules compel ISPs to explicitly ask for permission to use customer data. I suspect ISPs are not going to be allowed to bury this choice inside a terms of service.

I would expect that big ISPs are going try to entice people to be able to use their data. They might offer lower prices or entice people by forwarding coupons to them from around the web for things they are interested in. But at the end of the day it’s the customer’s choice to allow or not allow their ISP to use the data. And there might be nuances. ISPs might ask to track where customers go on the web but not read emails. The rules would allow options for the ISP.

ISPs must say what they do with customer data. If somebody gives an ISP permission to use their data the ISP must disclose how they are going to use it. Are they using it only for their own marketing efforts or are they going to sell it to others? Right now, consumers don’t know what information is being collected by their ISPs, nor what’s being done with it.

ISPs will have to protect customer data. The new rules also place more responsibility on ISPs to protect customer data from hackers. This is perhaps the one area of the new rules that will have the most impact on smaller ISPs. ISPs must use best industry practices and also notify customers when there has been a data breach. And they must notify the FBI if a breach involves more than 5,000 customers.

This does not affect edge providers. The new rules only apply to ISPs. They do not apply to ‘edge providers’ like social media sites or search engines. Those companies are still allowed to use customer data in any manner they want since customers come to them voluntarily. So Facebook and Google are still free to use customer data since people use those sites voluntarily. This is the killer for the giant ISPs because they see how much money the edge providers make from using customer data from advertising and other uses. But it’s not clear if the FCC has any authority over edge providers.

Another big gap is the Internet of Things. As we saw in the recent giant denial of service attack, the devices used in the Internet of Things – thermostats, cameras, smart appliances, etc. – are not well protected. IoT companies also are capable of gathering a lot of information about customers. This will become a much bigger issue as people start using devices that include artificial intelligence like the Amazon Echo. It would be natural for the FCC to declare that IoT providers are also ISPs of a sort and regulate them that way. I expect that nothing will be done with IoT until this set of rules makes it through the court challenges.