Microsoft Has Issues With FCC Set-Top Proposal

Suggests fixes in meeting with top FCC officials
Author:
Publish date:
452292684.jpg

Executives from Microsoft met with FCC officials last week—including a top advisor to FCC chairman Tom Wheeler—armed with some issues related to Wheeler's set-top box proposal, currently circulated to the commissioners for a vote, including that the company does not want the FCC to apply overbroad privacy certifications to navigation device makers or expand the definition of personally identifiable information (PII).

The company focused on the assertion that "the privacy protections that exist today for consumers of pay-TV providers will be preserved no matter what device is used.”

Microsoft said that the FCC needs to clarify that any obligation to apply MVPD privacy rules "should apply only to data that is derived exclusively from the MVPD data stream. Overbroad application of the certification requirement would interfere with the collection and use of data to support other legitimate functions of multi-use devices, including operations to maintain the security of the device." 

Related: Wheeler Open to Set-Top Plan Changes

Given that the FCC was coming up with the privacy certification requirement, but the FTC had authority over enforcing it—and the certification would govern collection of PII—the company said there was a risk that the FTC "could enforce the certification requirement differently than the FCC intends because the FCC and the FTC may afford different meanings to the term 'personally identifiable information.'”

"The FCC’s rule should specify that certifications made under its rules will certify to the treatment of PII only as that term has been interpreted to date under Sections 551 [cable privacy] and 338 [satellite privacy] of the Communications Act," Microsoft said. Under that current interpretation, PII does not include aggregate data that does not identify a particular person, for example.

Lastly, Microsoft said that if device makers have to comply with the annual notice requirements in MVPD privacy rules, they should be able to do it in an online privacy policy notice.

That is because since device manufacturers don't routinely mail bills to customers, they would have to collect more personal info from device owners—names and addresses—than they ordinarily do, "which would be inconsistent with overarching data minimization principles."

Related