In the past five months, we’ve seen a significant shift in the direction of privacy regulation at the federal level. As discussed in our previous post, Congress voted (and President Trump signed) a resolution repealing last year’s FCC Order that imposed greater obligations on broadband Internet service providers and other carriers regarding the protection of customer data. The FCC and FTC also announced that they intend to reverse the FCC’s 2015 decision to treat broadband Internet service providers as Title II common carriers, which would effectively return jurisdiction over broadband Internet service providers to the FTC. Then, at the beginning of this month, the Ninth Circuit granted a petition by the FTC to rehear its ruling from last year that the FTC lacked authority under the FTC Act to regulate AT&T as a common carrier.
Continue Reading

On October 27, 2016, the Federal Communications Commission (FCC) adopted an Order requiring broadband Internet service providers and all other telecommunications carriers providing telecommunications services to take greater steps to protect the privacy of their customers, including current and former subscribers and new applicants. Specifically, the new rules create three categories for the use and sharing of customer information based on sensitivity: opt-in, opt-out, and exceptions to the consent requirements. Acting pursuant to its authority under Section 222 of the Communications Act, which governs the protection of telecommunications service customers’ proprietary information (defined as (i) individually identifiable Customer Proprietary Network Information (CPNI); (ii) personally identifiable information (PII); and (iii) content of communications), the FCC clarified that the new rules are designed to ensure that customers are in control regarding use of their information.

The Order was issued on November 2, 2016 and is available here. Here’s a summary of the key obligations imposed on carriers:


Continue Reading