Sen. Jeff Flake (R-Ariz.) is among the latest from Capitol Hill to weigh in on the FCC's broadband CPNI (customer proprietary network information) privacy proposal. But rather than simply fire off a letter to FCC chairman Tom Wheeler—which he also did—he sent the commission a nine-page formal comment—complete with appropriate header and docket number—outlining his problems with the plan, which are many.
He says the proposal—to require subs to opt in to third party marketing use of their info—rather than simply be informed of its use and allowed to opt out—is flawed as a matter of law and policy, is unnecessary, burdensome, unconstitutional, and is only defensible due to the FCC's reclassification of ISPs under Title II common carrier regs, which he clearly doesn't like much, either.
Flake is chairman of the Senate Judiciary Subcommittee on Privacy, Technology and the Law, which held a hearing on the proposal two weeks ago.
Flake is one of those who asked Wheeler to extend the comment period for the proposal—the FCC did not.
He argues in his comments that ISP use of customer data for marketing is lawful and non-misleading commercial speech protected by the First Amendment, which he says makes the FCC proposal to restrict it to opt in unconstitutional.
He pointed to the Tenth Circuit Court of Appeals ruling on cable CPNI back in 1998 that said by "restricting the advertisers audience through data use, the FCC was restricting advertiser's speech."
Flake says the same applies to the broadband CPNI proposal. "In allowing ISPs to use so-called customer proprietary information (CPI) for marketing purposes only after having obtained affirmative [opt in] consent, the FCC is employing the same exact kind of marketing speech restriction. This ISP data use is entitled to protection under the Constitution."
The FCC is not prevented from restricting speech, but it becomes a higher bar to justify than non-speech-related regs and must be narrowly tailored to further a substantial government interest.
Flake says the "generalized interest" in privacy does not rise to that level.
"While it might be too much to ask that the FCC abandon the folly that is its crusade to regulate the Internet through common carrier reclassification, it should at least adopt the light-touch, opt-out approach to data privacy employed by the Federal Trade Commission."
The FTC used to oversee broadband privacy but had to deed that to the FCC after the commission reclassified it as a common carrier beyond the reach of the FCC.
MVPDs have argued that the FCC should take the same approach as the FTC, which, lacking strong rulemaking authority, enforces privacy by suing companies that violate privacy policies as an unfair and deceptive practice.