TECHNOLOGY, OUTSOURCING, AND COMMERCIAL TRANSACTIONS
NEWS FOR LAWYERS AND SOURCING PROFESSIONALS

On January 3, several US trade associations and internet service providers (ISPs) submitted petitions requesting that the Federal Communications Commission (FCC) reconsider its broadband privacy rules mandating consumer opt-in before using data for marketing purposes.

Among those groups submitting petitions are the United States Telecom Association, NCTA - Internet and Television Association, Competitive Carriers Association, Association of National Advertisers, American Association of Advertising Agencies, American Advertising Federation, Data & Marketing Association, Interactive Advertising Bureau, and Network Advertising Initiative.

On April 27, the US House of Representatives (House) voted 419-0 to approve the Email Privacy Act (Act). Background information on the Act can be found in our April 19 Sourcing @ Morgan Lewis post.

It remains unclear as to whether or when the US Senate may address or act on the Act; however, the unanimous House vote may add some pressure on the Senate to move towards approval. We will continue to provide updates as they occur.

On April 13, the US House Committee on the Judiciary (the Committee) voted 28-0 to approve the Email Privacy Act (Act), which would, among other things, require federal authorities to obtain a warrant from a judge to access all emails or other digital communications. 

The Act would amend the Electronic Communications Privacy Act of 1986 (1986 Act), which prohibits providers of remote computing services or electronic communication services from knowingly divulging to government entities the contents of any communication that is in electronic storage or otherwise maintained by a provider, subject to certain exceptions. Under the 1986 Act, as currently in effect, law enforcement and civil agencies may request such communications so long as they are more than 180 days old (and considered abandoned property) with only a subpoena. Unlike warrants, subpoenas can be issued without proof of probable cause. The Act would now require government authorities to obtain a warrant before requiring providers to disclose the content of such communication, regardless of how long the communication has been held in electronic storage.   

On March 31, the Federal Communications Commission (FCC), voting 3-2 along party lines, adopted a Notice of Proposed Rulemaking (NPRM) to establish a set of regulatory data security and privacy rules for broadband Internet access service providers (ISPs). If approved, these proposed rules would regulate how ISPs use and share consumer data. The FCC has commenced a comment period—comments are due May 27, 2016, and reply comments are due June 27, 2016.

Background

In its 2015 Open Internet Order (Order), the FCC reclassified ISPs as “common carriers,” which are subject to certain privacy protections of Title II of the Communications Act of 1934 (Act). Although section 222 of the Act (Section 222) was included, the FCC conceded that its existing Consumer Proprietary Network Information (CPNI) rules were specific to voice services and would not apply to ISPs. The FCC noted then that this NPRM would be forthcoming. (See our LawFlash discussing the Order: FCC Adopts Open Internet (Net Neutrality Rules).)

Beyond imposing new rules on ISPs, the FCC’s reclassification may have ultimately dispossessed the Federal Trade Commission (FTC), much to its opposition, of its jurisdiction over ISP privacy violations, because common carriers are an exception to the FTC’s consumer marketplace enforcement authority. In the NPRM, the FCC reasons that “the current federal privacy regime, including the important leadership of the [FTC] . . . does not now comprehensively apply the principles of privacy protection to these 21st century telecommunications services provided by broadband networks. That is a gap that must be closed...”