The Republican-led FCC’s effort to get out of the business of regulating broadband providers’ consumer practices took a step forward on Monday.  In an appeal that has been proceeding in parallel with the FCC’s “Restoring Internet Freedom” reclassification proceeding, the U.S. Court of Appeals for the Ninth Circuit issued an opinion giving the Federal Trade Commission (FTC) broad authority over practices not classified by the FCC as telecommunications services.  Specifically, the Ninth Circuit, sitting en banc, issued its long-awaited opinion in Federal Trade Commission v. AT&T Mobility, holding that the “common carrier exemption” in Section 5 of the FTC Act is “activity based,” exempting only common carrier activities of common carriers (i.e., the offering of telecommunications services), and not all activities of companies that provide common carrier services (i.e., rejecting a “status-based” exemption).  The case will now be remanded to the district court that originally heard the case.  Coupled with the FCC’s reclassification of Broadband Internet Access Services (BIAS) in the net neutrality/restoring internet freedom proceeding, the opinion repositions the FTC as top cop on the Open Internet and broadband privacy beats.

Background

As we discussed in several earlier blog posts, this case stems from a complaint that the FTC filed against AT&T Mobility in the Northern District of California in October 2014 alleging that AT&T deceived customers by throttling their unlimited data plans without adequate disclosures.  AT&T moved to dismiss the case on the grounds that it was exempt under Section 5, based on its status as a common carrier, but the district court denied the motion, finding that the common carrier exemption was activity-based, and AT&T was not acting as a common carrier when it offered mobile broadband service, which, at the time the FCC classified as a non-common-carrier “information service.”  AT&T appealed and a three-judge panel of the Ninth Circuit reversed the district court, holding that the common carrier exemption was “status-based,” and the FTC lacked jurisdiction to bring the claim.  As we noted then, the three-judge panel’s decision was the first recent case to address the “status-based” interpretation of the common carrier exemption, and the decision – if it stood – could re-shape the jurisdictional boundaries between the FCC’s and the FTC’s regulation of entities in the communications industry.

The En Banc Court’s Analysis

The FTC appealed the case to an en banc panel of the Ninth Circuit, which issued its opinion this week.  The court’s decision relied on the text and history of the statute, case law, and significant deference to the interpretations of the FTC and FCC, which both view the common carrier exemption as activity-based rather than status-based.

The Court first analyzed the history of Section 5 and the common carrier exemption.  It found that the Congress intended the exemption to be activity based and rejected textual arguments advanced by AT&T that other statutory provisions—including Section 6 of the FTC Act and the Packers and Stockyard Exception—demonstrated that the common carrier exemption was status based.  The Court gave significant weight to the understanding of common carriers in 1914, when the FTC Act was first passed, and legislative statements made during consideration of that Act.

The Court then addressed case law that an entity can be a common carrier for some activities but not for others.  The Court found this case law to support an activity-based interpretation of the common carrier exemption.  Specifically, the Court found that while Congress has not defined the term “common carrier,” Supreme Court case law leading up to and following the passage of the FTC Act interpreted the term “common carrier” as an activity-based classification, and not as a “unitary status for regulatory purposes.”  The Court found that its approach was consistent with the Ninth Circuit’s longstanding interpretation of the term “common carrier” as activity-based, as well as the interpretations of the Second, Eleventh, and D.C. Circuits.  (AT&T did not contest these cases, but instead argued that the FCC had many legal tools to address non-common carrier activities, including Title I ancillary authority and potential structural separation.)

Notably, the Court also provided significant deference to the views of the FTC and FCC, both of which have recently expressed the view that the FTC could regulate non-common carrier activities of common carriers.  The Court cited the FCC’s amicus brief before the en banc panel and a 2015 Memorandum of Understanding between the two agencies that interpreted the common carrier exemption as activity-based.

Finally, the Court rejected arguments that the FCC’s 2015 Open Internet Order reclassifying mobile broadband as a common carrier service (or the FCC’s 2017 Restoring Internet Freedom Order reversing that classification) retroactively impacted the outcome of the appeal.

Agency Response

After the court issued its opinion, both FTC Acting Chairman Maureen Ohlhausen and FCC Chairman Ajit Pai applauded the ruling.  Chairman Ohlhausen stated that the ruling “ensures that the FTC can and will continue to play its vital role in safeguarding consumer interests including privacy protection, as well as stopping anticompetitive market behavior,” while Chairman Pai stated that the ruling is “a significant win for American consumers” that “reaffirms that the [FTC] will once again be able to police Internet service providers” after the Restoring Internet Freedom Order goes into effect.

Our Take

The Ninth Circuit’s ruling is unsurprising in some senses.  When a court grants en banc review, it often is for the purpose of reversing or at least narrowing the panel’s initial decision.  AT&T also faced fairly strong questioning during the oral argument in September.  Further, the Court’s decision affirms a position that the FTC had taken for many years and that the FCC – as evidenced by the 2015 Memorandum of Understanding – supported.  Thus, the en banc court here effectively affirms current practice.

All of that said, the issue is not settled.  AT&T’s reaction was decidedly muted, and it may still seek Supreme Court review of the question.  This option may be particularly attractive to AT&T because it noted several times during the oral argument that it faced both FTC and FCC enforcement actions against it for allegedly the same activities.  The Ninth Circuit did not mention the FCC enforcement action or the potentially conflicting interpretations of AT&T’s obligations.  It is not clear whether both actions could or would proceed as a result of the decision.

Going forward, once the FCC’s Restoring Internet Freedom Order takes effect, we can expect that the FTC will serve as the top cop for alleged broadband consumer protection violations, including with respect to open Internet- and privacy-related complaints.  And yet, there is still some uncertainty.  The FCC’s Restoring Internet Freedom Order is under appeal.  If the appeals court that ultimately hears the challenges to the Restoring Internet Freedom Order were to reverse the Order, the possibility exists that broadband services would again come under FCC common carrier jurisdiction, thereby exempting the provision of such services from FTC jurisdiction even under an activity-based interpretation of the FTC Act.  Thus, we may not have finality on broadband regulation, despite the Court’s decision this week.

More broadly, we expect that the FTC will continue to push for eliminating the common carrier exemption altogether before the Congress, as it has for many years.  Congressional action to repeal the exemption appears unlikely in the near term.

At least for now, broadband providers should continue to ensure that their privacy and broadband practices are in line with FTC guidelines and judicial interpretations of Section 5, and should comply with remaining FCC Open Internet requirements, such as the transparency rule.

On Thursday, February 22, 2018, the Federal Communications Commission (FCC or Commission) published the Restoring Internet Freedom Order (the Order) in the Federal Register.

As we previously discussed, the Order effectively reverses the Commission’s 2015 Open Internet Order, reclassifying broadband Internet access service as a lightly regulated Title I “information service” and eliminating the 2015 Order’s open Internet rules (while retaining a modified version of the transparency requirement).

The Order will not go into effect until after the Office of Management and Budget completes its Paperwork Reduction Act review, which could take several months. However, last Thursday’s publication is significant because it triggers deadlines for challenges to the Order, both in the courts and in Congress.

The Federal Register publication gives litigants ten days to file petitions for review in federal courts of appeals if they would like to be included in a court lottery to determine the venue for consolidating the Order’s challenges. The following petitions have already been filed:

  • New York District Attorney General Eric Schneiderman announced he and 22 other Democratic attorneys general filed a petition for review at the U.S. Court of Appeals for the D.C. Circuit;
  • Public Knowledge, Mozilla, Vimeo, National Hispanic Media Coalition, and New America’s Open Technology Institute each filed petitions for review in the D.C. Circuit;
  • The California Public Utilities Commission and Santa Clara County each filed appeals in the Ninth Circuit;

Several other parties, including the Internet Association (representing Google, Microsoft, and Amazon, among others), INCOMPAS, the Computer & Communications Industry Association (CCIA), and Free Press are expected to file petitions for review in the near term.

Federal Register publication also allows lawmakers to formally introduce a Congressional Review Act (CRA) resolution of disapproval, which would reverse the Order and prevent the Commission from subsequently introducing a substantially similar Order. While CRA resolutions are a powerful tool in the hands of the majority – as we saw with the rollback of the Broadband Privacy Order earlier this year – as the minority party, the Democrats are at a significant disadvantage. Senator Ed Markey, D-MA, and House Communications Subcommittee ranking member Mike Doyle, D-PA, have led the Democrat’s effort to draft a CRA resolution to nullify the Order. At the time of this blog post, the CRA resolution had 50 Senator co-sponsors, including all 49 Democratic senators and Senator Susan Collins, R-ME.  President Trump is not expected to support the CRA resolution, even if the measure passed both chambers of Congress.

In addition to activities in federal court and in Congress, 26 states are considering net neutrality legislation, and five state governors have issued executive orders regarding net neutrality following the Commissioners’ December 2017 vote.

We will follow up this blog post with a more comprehensive review of the Restoring Internet Freedom Order soon. In the meantime, contact any of the authors of this blog post for more information on the proceeding.

On November 21, 2017, FCC Chairman Ajit Pai issued a statement announcing that he had circulated his draft Restoring Internet Freedom Order to his fellow commissioners. The draft Order will largely undo the 2015 Open Internet Order and limit FCC jurisdiction over broadband Internet access services, although it appears that the order will retain a transparency requirement for broadband providers.  Fellow Republican FCC Commissioners Brendan Carr and Michael O’Rielly cheered the anticipated release, while Democratic Commissioners Mignon Clyburn and Jessica Rosenworcel opposed it.  Commissioners of the FTC—which could be the largest jurisdictional beneficiary of the Order, subject to a pending en banc proceeding in the Ninth Circuit—were similarly split down party lines in their reaction to the news.  Acting FTC Chairman Maureen Ohlhausen issued a statement expressing gratification that the FCC appeared to take the FTC Staff’s and Acting FTC Chairman’s public comments into consideration in formulating the draft Order.  The FCC will release the draft item on November 22nd, and is set to vote on the item on December 14th.  We will update you on the scope and implications of the draft Order when Chairman Pai releases it.

On October 6, 2016, Federal Communications Commission (FCC or Commission) Chairman Tom Wheeler published a blog entry on the Commission’s website outlining proposed privacy rules for broadband Internet Service Providers (ISPs). The proposed rules are scheduled to be considered by the full Commission at its monthly meeting on October 27, 2016. These rules come after the Commission received substantial public comment on its March notice of proposed rulemaking (discussed in an earlier blog post) from stakeholders representing consumer, public interest, industry, academics, and other government entities including the Federal Trade Commission (FTC). The proposed rules appear to soften several elements of the Commission’s initial proposal, which received considerable industry criticism.

The actual text of the proposed order is not available, however, a fact sheet along with the Chairman’s blog post outlines the details of the proposal. Under the proposal, mobile and fixed broadband ISPs would have the following requirements:

  • Clear Notification. ISPs would be required to notify consumers about the type of information they collect; explain how and for what purposes that information can be shared or used; and identify the types of entities with which they share information. ISPs will also be responsible for providing this information to customers when they sign up for a service and regularly informing them of any significant changes. The Commission’s Consumer Advisory Committee will be tasked with creating a standardized privacy notice format that will serve as a “safe-harbor” for those ISPs that choose to adopt it.
  • Information Sensitivity-Based Choice. ISPs must get a customer’s “opt-in” consent before using or sharing information deemed sensitive. Geo-location information, children’s information, health information, financial information, social security numbers, web browsing history, app usage history, and communications content are the broad categories of data that would be considered sensitive. All other individually identifiable customer information would be deemed non-sensitive, and will be subject to an “opt-out” approval requirement. For example, the use of service tier information to market an alarm system would be considered non-sensitive and opt-out policies would be appropriate, consistent with customer expectations.  Finally, the rules will infer consent for certain purposes identified in the Communications Act, including the provision of broadband service or billing and collection.
  • Security.
    • Protection: ISPs must take reasonable measures to protect consumer information from vulnerabilities. To help ensure reasonable data protection efforts, ISPs may: a) adopt current industry best practices; b) provide accountability and oversight for security practices; c) use robust customer authentication tools; and d) conduct data disposal consistent with FTC best practices and the Consumer Privacy Bill of Rights.
    • Breach Response: ISPs must notify customers when data is compromised in a way that results in unauthorized disclosure of personal information. ISPs must notify a) the customer no later than 30 days after discovery of the breach; b) the FCC no later than 7 business days after discovery; and c) if it affects more than 5,000 customers, the FBI and U.S. Secret Service no later than 7 business days after discovery.

The proposal addresses other issues, such as,

  • sharing and using de-identified information consistent with the FTC framework;
  • the use of take-it-or-leave-it data usage or sharing policies; and
  • heightened disclosure requirements for discount plans based on consent to data use.

The proposal emphasizes its focus on broadband services. The proposed rules will not apply to the privacy practices of websites or apps, including those operated by ISPs for their non-broadband services, as the Commission believes this is the purview of the FTC.  This is particularly notable in light of the recent 9th Circuit AT&T decision, which has further blurred the boundaries of the FCC and FTC’s jurisdiction (addressed in an earlier blog post). In that case, the Court determined that the FTC’s “common carrier exemption” is “status-based,” and as such exempts telecommunications carriers (like ISPs) from FTC jurisdiction, regardless of whether the company in question is engaging in common carrier activities. Presumably, the 9th Circuit’s reading of the common carrier exemption would extend to websites and apps provided by an ISP, although Chairman Wheeler appears to take a different reading in his privacy proposal.

In response to Chairman Wheeler’s proposal, FTC Chairwoman Ramirez expressed her pleasure with the FCC’s efforts to protect consumer privacy.

We will be tracking this proceeding as it develops, and will follow up with a client advisory when the Commission releases its final rules.

*Avonne Bell, an associate in Kelley Drye’s Communications Practice Group, co-authored this post.