The House Communications Subcommittee sparred in a hearing Wednesday (July 11) over protecting Customer Proprietary Network Information (CPNI), with sharp differences over how consumer data privacy should be protected.
Subcommittee chair Marsha Blackburn (R-Tenn.) joined other Republican members and some two of three hearing witnesses in calling for uniform data protection authority over edge providers, as well as networks, enforced by the Federal Trade Commission.
Their main theme was that it made no sense for calls made over a cell phone using the public switched network or interconnected VoIP to be subject to FCC CPNI rules, but not if that same call were placed to the same person using a third-party app and non-interconnected VoIP. The bottom line: Calls made over packets and switched-access lines should have the same regulatory treatment.
Democrats argued that the FTC's lack of rulemaking authority, lack of staff and lack of specific technical expertise made it a rather toothless watchdog; and that "uniform" meant one-size-fits-all, and under a regime less able to prevent breaches than one under a rulemaking authority like the FCC, or under the FTC if Congress were to give it rulemaking authority.
Blackburn has proposed the Balancing the Rights of Web Surfers Equally and Responsibly (BROWSER) Act of 2017, which would designate the FTC as the sole enforcer of online privacy and apply the same privacy regime to ISPs and edge providers, a regime similar to the one the FCC imposed on ISPs before it was nullified.
Since Blackburn led the successful effort to nullify the FCC's broadband privacy regime, she came in for some hefty criticism from Democrats for "repealing privacy rules in the name of protecting consumer privacy," as Rep. Jerry McNerney (D-Calif.) put it.
Rep. Anna Eshoo (D-Calif.) was more blunt about the impact of Blackburn's successful Congressional Review Act (CRA) resolution rolling back the FCC privacy regime: "Congress wiped out privacy protections for the American people. Period. "
Democrats were mostly focused on how ISPs were no longer subject to an FCC, rulemaking authority-driven regime and how they might abuse that, while Republicans were focused on the fact that edge providers were not subejct to the same voice CPNI privacy protections as common carriers -- including cable VoIP -- simply because of the technology involved.
Democrats also were dissing the BROWSER Act because it did not provide any rulemaking authority to the FTC, for one thing, and did preempt state privacy efforts, like the recent California privacy bill.