Monday, March 15, 2010 - The Progress & Freedom Foundation Blog

A Busy Week for Tech Policy: Broadband Plan, Privacy Regulation, .COM Anniversary & FTC Authority

This will be a busy week for tech policy in Washington! First, tomorrow the FCC is expected to release the National Broadband Plan that it's been working on since Congress passed the "Recovery Act" passed in January 2009, tasking the FCC with formulating "a detailed strategy for achieving affordability of such service and maximum utilization of broadband infrastructure and service by the public." Under Chairman Julius Genachowski, the FCC has issued a flurry of inquiries about extending FCC regulation to various aspects of the Internet, as we've lamented. Perhaps most troubling is the agency's open-ended inquiry about regulating the use and collection of data by the private sector on the grounds that concerns about online privacy might slow broadband adoption. For the reasons I laid out in my comments on that inquiry, I very much hope the FCC does not attempt to shoe-horn this regulatory agenda into the Broadband plan. Unfortunately, the just-released executive summary suggests (mid-way down column 1 on page 2) the FCC may take a hard line on this issue.

At the same time that the FCC will be launching its "Five Ten Year Plan" for our infrastructure tomorrow, Verisign will be celebrating the 25th anniversary of the first .COM registration with a Policy Impact Forum in the Reagan Center. The all-start cast includes President Clinton, former FCC Commissioner Reed Hunt, ICANN President Rod Beckstrom, All Things Digital editor Kara Swisher, U.S. CTO Aneesh Chopra, Huffington Post founder Arianna Huffington and... my personal favorite, comedian Mo Rocca! They'll all come together to celebrate what how the private sector--symbolized by .COM--has transformed the Internet from a defense research project to a vibrant marketplace of ideas, goods, services, ads and personal sharing. Talk about Internet optimism!

On Wednesday, the Federal Trade Commission will hold its third and final Exploring Privacy Roundtable. Adam Thierer spoke at the first Roundtable on privacy polls and surveys, something I've written a lot about. I talked about the benefits of online advertising, as summarized in my comments to the FTC. We remain concerned that, for all the talk about improving self-regulation, this process is going to lead to increased regulation of data use and collection without first looking to the kinds of "less restrictive" we've been emphasizing to address real, non-conjectural harms: user education, user empowerment, increased enforcement, technological innovation at all levels, and enhanced protection from the clearest harm of all, government snooping.

Also on Wednesday (at 3pm), the Senate Commerce Committee will hold a hearing (in SR-253) on "Financial Services and Products:  The Role of the Federal Trade Commission in Protecting Consumers, Part 2." What's at stake in this hearing is far more than financial regulation, but how pending legislation already passed by the House--originally the Consumer Financial Protection Act (CFPA), which was reborn as the "Wall Street Reform and Consumer Protection Act of 2009" (HR 4173)--would, if enacted, expand the FTC's powers to regulate vast swathes of our economy.

In general, as Jim Miller, FTC chairman 1981-85 has said bill "is like putting the FTC on steroids. But when it comes to Internet policy, as Braden has noted), the CFPA could be the vehicle by which FTC Chairman Jon Liebowitz gets the authority he craves to implement sweeping, aggressive regulation of online activity in the name of protecting "privacy," defending "kids," punishing "blogola," or whatever else the FTC decides requires action to "protect consumers."

At the first hearing in this series, on Feb. 4, FTC Chairman Jon Liebowitz called for:

APA rule-making authority to replace the special Magnuson-Moss procedures under which the FTC must currently operate with the APA simple-notice-and-comment rulemaking authority enjoyed by other agencies--which would make it far easier for the FTC to issue preemptive regulations instead of punishing bad actors on a case-by-case basis.

Civil penalty authority and "independent litigation authority (instead of referring cases to the DOJ): This would represent a fundamental change from the current system, in which the FTC uses administrative orders and judicial injunctions to bring an end to unfair or deceptive acts or trade practices, and companies look to the FTC to tell them when they might be breaking the law and have a chance to come into compliance. Civil penalties are used today only to punish companies that violate prior orders. Under the bill, companies could get hit with a lawsuit and face serious penalties. Thus, they would have to become far, far more careful in everything they do about avoiding an FTC lawsuit. That might seem like a good thing, but the problem is that the FTC regulates just about everything in our economy (except for certain industries like banks and FCC-regulated telecom providers) and the FTC's own policy statements recognize that, even where a practice is alleged to be unfair, consumer harm must be weighed against consumer benefits. In short, the FTC is in the cost/benefit business of trying to assess the trade-offs of the real world--and so are the companies that constantly have to consider the risk of an FTC enforcement action. The bill would dramatically change how that calculation is made, at a significant cost to consumers.

Authority to punish "aiding and abetting": While justified in terms of punishing financial scams (and perhaps useful in that context), this power could have disastrous consequences if applied to online activity, especially in conjunction with civil penalties and aggressive litigation. The bill's drafters seem to realize just how disastrous this could be for the Internet, so they've included the following disclaimer: "Nothing in this section shall be construed as limiting or superseding the protection provided to any provider or user qualifying for protection under Section 230(c)(1)," which grants immunity to online intermediaries for third party content. This is a critically important limitation, but it may not be enough to stop the FTC from imposing heavy civil penalties on online intermediaries involved in the complex relationships of data sharing typical among online operators, especially for advertising purposes--or at least creating sufficient fear of such penalties to substantially change their behavior. As Prof. Eric Goldman (a renown Section 230 expert) explains, growing loopholes to Section 230 (such as under the Roommates.com decision) might make it possible for the FTC to target online intermediaries who "aided" or "abetted" violation of an FTC privacy rule. If nothing else, this new regulatory authority could increase pressure on Section 230 in two senses: (1) The FTC could further "probe" the immunity through litigation and get courts to create new loopholes and (2) if the FTC could claim its consumer protection efforts were stymied by Section 230, political pressure might increase for Congress to amend or even repeal the law itself.

Increased FTC funding: I might actually support this if it really meant increasing the agency's ability to enforce its existing authority to punish unfair and deceptive trade practices, or to expand consumer education efforts--rather than funding ever-more aggressive regulatory activity.

These statutory changes (items 1-3) are all contained in Section 4901 of HR 4173 (although it's not exactly easy to parse). A broad industry coalition expressed some of concerns and more in an open letter to Congress in December. More on this important issue to come...

posted by Berin Szoka @ 6:50 PM | Advertising & Marketing , Broadband , Privacy