CommLawBlog : Broadcast & Communications Lawyers & Attorneys : Fletcher Heald & Hildreth Law Firm : Telecommunications, FCC Regulation, Communications Act

In search of a solution, it has now turned to crowd-sourcing. The concept is simple: find the best way to block illegal robocalls, while letting the legal ones through, and the FTC will write you a check for $50,000 and pay your way to Washington to pick it up. It’s pretty much that simple, believe it or not, despite six dense pages of rules in the Federal government’s preferred font size (tiny).

Entries will be judged on three criteria:

Does it work? (50%) How likely is the entry to block all illegal calls and let all legal calls ring through? On how many kinds of phones does the proposal work (landline, cell, VoIP, etc.)? How easily can robocallers circumvent the scheme?

Is it easy to use? (25%)  How hard will it be for consumers to use the solution? What kinds of mistakes might consumers make, and how severe are the consequences? (Hint: keep it simple. The Federal government has a pretty low opinion of consumers’ abilities.)

Can it be rolled out? (25%) Will the solution work in the ecosystem as is, without having to change phone providers’ infrastructure? (Further hint: “yes” is a good answer here.)

If you have an idea, first read the rules (really), then wait till after 5 pm EDT on Thursday, October 25, 2012, and sign up here. The deadline for entries is January 17, 2013.

Oh, one more thing. We’d really appreciate it if you let us in on your idea right away. We promise not to submit it to the FTC. But we do want to install it on our phone.

The White House’s “bill of rights” is intended to provide a “baseline of clear protections for consumers and greater certainty for companies.” It is based on longstanding, globally recognized, Fair Information Practice Principles (FIPPs), and bears a striking similarity to the European Union’s influential Data Protection Directive. Under the Administration’s proposals, consumers would be entitled to the following, while affected companies would be expected to respond as indicated:

Individual Control – Consumers would get the right to exercise control over what personal data companies collect from them and how they use it. Companies would be expected to enable consumer choice over use of their personal data by providing easy-to-use mechanisms reflecting the “scale, scope and sensitivity” of the data being collected.

Transparency – Consumers: the right to easily understandable and accessible information about privacy and security practices. Companies: provide clear descriptions of what personal data they collect, why they need the data, how they will use it, when they will delete or de-identify it, and whether and for what purposes they will share the data with third parties.

Respect for Context – Consumers: the right to expect that companies will collect, use, and disclose personal data in ways that are consistent with the context in which consumers provide the data. Companies: “heightened measures of Transparency and Individual Choice” would be required if, after collecting data, a company were to decide to use the data for purposes inconsistent with the original context under which it was collected

Security – Consumers: the right to secure and responsible handling of personal data. Companies: assess their data collection and protection practices, and maintain reasonable safeguards to control risks of loss, unauthorized access, and improper disclosure.

Access and Accuracy – Consumers: the right to access and correct personal data in usable formats, in a manner that is appropriate to the sensitivity of the data and the risk of adverse consequences to consumers if the data is inaccurate. Companies: use reasonable measures to ensure that they maintain accurate personal data.

Focused Collection – Consumers: the right to reasonable limits on the personal data that companies collect and retain. Companies: collect only as much personal data as they need, consistent with the Respect for Context right.

Accountability – Consumers: the right to have personal data handled by companies with appropriate measures in place to assure they adhere to the Consumer Privacy Bill of Rights. Companies: accountability to enforcement authorities and consumers for adhering to these principles.

These concepts are obviously broad and vague. But that appears to be purposeful, since the “bill of rights” as envisioned by the White House is intended to serve merely as a basic framework for protections in the myriad commercial areas not already subject to more specific federal privacy regulation (e.g., healthcare, financial services, education, telecommunications.)

Implementation – As it stands now, the “bill of rights” is little more than a wish list, a set of desirable goals the Administration would like the commercial world to embrace. Turning the “rights” into enforceable codes of conduct will not be simple. The White House proposes to do that through an “open, transparent, multistakeholder” process. The stakeholders would include “international partners” in the process. The goal there is presumably to assure that any U.S. codes of conduct would qualify for international “safe harbor” standards, thus facilitating international trade for U.S. companies.

The job of soliciting input from all of the stakeholders has been given to the Department of Commerce’s National Telecommunications and Information Administration (NTIA). While Commerce has previously waded into privacy policy, the FTC has as well. The choice of NTIA as the locus of the process may be an effort to encourage on-line industry participants to participate. Also, since the White House appears to contemplate that the FTC would be the agency with primary enforcement authority relative to any codes of conduct that get developed, the Administration may feel it more appropriate to leave the development to a separate agency.

Several consumer groups have already expressed concerns, though, that one or more stakeholders may attempt to impose “unilateral solutions” on consumers. Those groups have proposed their own process principles.

Notwithstanding the involvement of NTIA, or the FTC, in the development phase of any codes of conduct, the Administration sees such codes as being primarily private initiatives that “can provide the flexibility, speed, and decentralization necessary to address Internet policy challenges.” As models, the White House is looking at such non-governmental organizations as the Internet Engineering Task Force, and the Internet Corporation for Assigned Names and Numbers (ICANN) which are responsible for important Internet-related technical standards.

Is This Enforceable? – Um, no.   As matters now stand, the components of the Administration’s “bill of rights” are not enforceable. But there are at least two ways in which they might become enforceable, directly or otherwise.

First, as noted above, the White House hopes that the stakeholder discussions it is initiating will lead to the adoption of specific codes of conduct to which companies will publicly commit themselves. Such commitment to compliance could provide the FTC the hook necessary to enable it to bring enforcement actions against companies whose conduct falls short of their commitment to the code they have embraced. (This would be similar to the FTC’s current practice, under its authority to prevent deceptive trade practices, of bringing enforcement actions based on a company’s violation of its own website privacy statements.)  

Along the same lines, private codes of conduct might also serve as a measure of the reasonable standard of conduct applicable to parties engaged in on-line activities involving data collection. For instance, plaintiffs in defamation cases often seek to use the Code of Ethics of the Society of Professional Journalists to establish that a defendant acted negligently because he or she failed to strictly adhere to that Code.  The consumer privacy code of conduct envisioned by the White House could provide a similar yardstick for treatment of personal information collected on-line.

Second, the White House Report urges Congress to pass legislation adopting the proposed “Consumer Privacy Bill of Rights”, but with more specific terms that would be worked out between the White House and Congress during the drafting stage. 

As the White House sees it, that legislation would provide a number of enforcement mechanisms. First, the FTC would be given the authority to (a) review any private codes of conduct that companies might adopt and (b) effectively grant those companies forbearance from enforcement under the statutory provisions provided that the companies commit to adhere, and do in fact adhere, to their private codes.  Such FTC review would be subject to a number of limitations (e.g., require public comment, complete agency review within 180 days, etc.). Importantly, such private codes would have to reflect the “consensus of all participants in the multistakeholder process”.  

The “safe harbor” approach – i.e., forbearance from compliance with a statutory “bill of rights” – would theoretically encourage companies to devise their own codes of conduct, subject to the FTC review process. (While the White House Report does not address the possibility expressly, it appears at least possible that a company that adopts a code not reviewed and approved by the FTC might still also be subject to FTC enforcement for violating that code, under the FTC’s existing Title 5 authority to prevent deceptive trade practices.)

Second, the FTC would be given authority to directly enforce each element of the statutory “bill of rights”. 

So would state attorneys general (at least as long as they coordinate their enforcement actions with the FTC). But the ability of individual states to provide their own separate privacy protections would be limited. In the hope of establishing nationally uniform privacy rules, the White House recommends that state privacy laws be preempted to the extent that they are inconsistent with whatever “bill of rights” Congress may enact. And companies that adopt FTC-approved private codes of conduct would be exempt from enforcement activities based on state privacy laws. The Administration Report does suggest that states could enact their own privacy laws, but only so long as they “not disrupt the broader uniformity the Report seeks in consumer data privacy protections.” State officials are not likely to be happy with the proposed federal preemption of their existing privacy laws.

While it may be politically necessary for the Administration to suggest joint federal/state enforcement of federal privacy requirements, the result could become a confusing and dangerous quagmire for consumers, and negate the regulatory certainty that companies seek.

What’s Next? – The process the White House hopes will ultimately lead to enforceable private codes of conduct has started. The NTIA has called for comments on the “substantive consumer data privacy issues that warrant the development of legally enforceable codes of conduct, as well as procedures to foster the development of these codes.” (Comments are due by March 26, 2012.) The NTIA is seeking input on a wide range of threshold issues, including privacy issues associated with mobile apps, cloud computing services, and on-line services targeted to children. The NTIA also asks numerous questions regarding process, including how the term “consensus” should be defined.

With regard to the prospects for legislation, it’s probably best not to hold your breath. While some Senators and Representatives have publicly concurred that legislation to protect on-line consumers is a good idea, let’s not forget that a number of privacy bills have been sitting on the Hill for years already with no action. Given that, a betting man would not stake much on seeing such legislation any time soon.

Of course, it’s impossible to predict what impact, if any, the White House proposal will ultimately have. Time alone will tell.

What we do know is that the Obama Administration has clearly embraced the issue of on-line privacy and is seeking to position itself as a champion of the on-line consumer. In view of recent, highly public, privacy flaps involving a number of the major on-line players (e.g., Apple, Google), that may be a smart move, particularly with a presidential election fast approaching. But note also that the White House proposal constitutes yet another effort by the Administration to try to assert some measure of federal control over Internet-related conduct. Such efforts might ordinarily alienate many on-line companies – as have the FCC’s net neutrality initiatives. But the White House’s proposed approach to privacy protection does include the notion of “private” codes of conduct. That notion arguably gives companies some opportunity to take control of their own fates (if you don’t focus too closely on the “consensus” obligation the White House Report would impose), which might deflect some opposition.

In any case, the White House is trying to set the tone, and possibly establish some preliminary parameters, of the debate about on-line privacy protections. We won’t know whether that effort is going to be successful for some time. Check back here on CommLawBlog – we’ll keep you updated as developments warrant.

All four companies provided a “dial-around” long distance telephone service in which customers paid a monthly fee for a certain number of long distance minutes. The customers could access the service by dialing a toll-free access number and then entering a PIN to make long distance calls – although, in fact, the vast majority never did. The monthly fees were nonetheless included in bills received by the consumers from their local telephone carriers. Some of the dial-around service companies cited by the FCC had common ownership and all, coincidentally, were based in Pennsylvania. 

The companies claimed they had multi-step procedures for verifying each customer’s order for the dial-around service. Aggrieved customers responded that they had never heard of the companies before noticing suspicious charges on their phone bills. Records provided to the FCC by the companies showed that fewer than one-tenth of one percent of the customers who were billed actually used the service.

The FCC concluded that the companies had deliberately engaged in illegal cramming activities. Even if the actions were not deliberate, said the FCC, the companies should have known they were improperly charging people who hadn’t ordered their service, based on the large number of complaints (and possibly also based on the large number of customers who never used the service they were paying for).

Cramming is a violation of Section 201(b) of the Communications Act of 1934, which requires all charges for communications services to be “just and reasonable.” The Act authorizes the FCC to charge up to $150,000 for each violation. The FCC proposed fines calculated to exceed the allegedly fraudulent charges, to serve as a deterrent. In addition, the FCC will be monitoring these companies for future compliance, and threatens to revoke their operating authority if they continue cramming. Unfortunately for the affected consumers, these fines are remitted to the U.S. Treasury, and not to them individually. The customers who took the time to go through the complaint process at least have the satisfaction of knowing the four companies have been punished for their cramming ways.

Minimum label size: 1.5” x 5.23”. And all the minutiae detailed above apply just to the front. For the back, adhesive labels must have “an adhesion capacity sufficient to prevent . . . dislodgment during normal handling”. A “minimum peel adhesion capacity for the adhesive of 12 ounces per square inch is suggested.” Alternative means of affixing the label (e.g., “cling labels” using the screen’s static charge) are also permitted.

Variations on the horizontal example shown above include a vertical design and a triangular design.

Surprisingly, the rule as initially proposed applied to any device with a built-in viewing screen, regardless of screen size.  Didn’t they realize that pasting a big label on a Dick Tracy wristwatch TV screen wouldn't be easy? The FTC appears to have gotten the word, though. The final version of the rule exempts TVs that “are designed to operate on built-in rechargeable batteries or inserted batteries.”

The FTC is also looking at requiring similar labeling for devices without screens, such as cable boxes and DVRs – but that’s for another day.

No word yet on when the new rules will appear in the Federal Register but, as noted above, they are currently set to apply to all non-exempt TVs manufacturer on or after May 10, 2011. Energy Guide labels will also have to be included in catalogs and website listings as of July 11, 2011.

And finally, the careful and law-abiding observer will note that the labels must include the warning that “Federal law prohibits removal of this label” –  just like a mattress or pillow label! Oh sure, the TV version limits that prohibition to “before consumer purchase”, suggesting that it’s OK to remove the label once you’ve got the TV all set up at home. But do you really want to take that chance?

You could take up Rockefeller’s suggestion and ask Congress to give the FCC express statutory authority. But there are downsides of going to Congress for a remedy: chairs could shift during the November elections, and besides – would you really want to risk opening the Communications Act to amendments (shot clock, anyone?) And let’s not forget about timing – you want the NBP to move ahead now, not at some indefinite future point, after the full range of Congressional process has managed to inch its way to some (unpredictable) conclusion at some point in the indefinite future.

Or you could take Hutchison up on her challenge and reclassify internet access as a Title II telecommunications service. But as many have observed, that would almost certainly lead back to court. 

Or maybe, as Fletcher, Heald’s own Mitchell Lazarus has suggested, the FCC could find a more tailored way out.

Both of the last two options, however, involve the FCC re-jiggering its own legal authority from within – which risks potential punishment from the minority party (not a purely hypothetical risk, as Hutchison’s comments, noted above, demonstrate).

So what’s the answer? 

If I were Mr. Genachowski, stuck between a legal rock and a political hard place, I might look for some other way out of the bind – a way that would permit regulation of net neutrality while keeping my agency both out of court and out of any politically costly cross-fire in Congress. If only I had a protector. Or in this case, a consumer protector. You see where I am going with this: I would consider handing off the net neutrality hot potato to my regulatory siblings at the Federal Trade Commission (FTC). 

The FTC can’t regulate common carriers. But so far ISPs aren’t common carriers, thanks to the FCC’s consistent reluctance thus far to so categorize them. And if ISPs aren’t common carriers, the FTC can step in. (See tech attorney Glenn Manishin’s analysis of Comcast on this point.) 

Section 5(a) of the FTC Act gives the agency jurisdiction over “unfair or deceptive acts or practices”, and FTC Chairman Leibowitz has been willing in the past to assert jurisdiction in order to protect consumers. 

Remember, dear Readers, Chairman Leibowitz has sunk significant political capital into asserting his agency’s power over online commerce issues and other consumer protection initiatives that are threatened if someone in the government can’t enforce net neutrality. So the FTC could be expected to welcome the authority to regulate ISPs and implement net neutrality.

And – just as politically important here – if the FTC were to be deemed the principal locus of control over the issue, Chairman Rockefeller and his Senate Commerce Committee – and their colleagues on the House side – would lose no power. The Commerce Committees have oversight authority over both the FCC and the FTC, so allowing one of the two agencies to take up regulation in an area – say, net neutrality – previously controlled by the other agency would not realign Congressional power in any way. All Chairman Rockefeller has to do is ask his Consumer Protection Subcommittee Counsels to join his meetings with his Communications Counsels. 

But even if the FTC is standing by, ready, willing and able to take over, and even if that approach would likely be acceptable to the powers-that-be on the Hill, there’s still one big question: would Mr. Genachowski voluntarily give up the power he believes his agency has? Jurisdiction does not switch hands easily or often in this town, but Mr. Genachowski’s boss, President Obama, might not care which of his agencies holds authority, as long as his National Broadband Plan’s infrastructure is protected.

One thing, I believe, is certain: net neutrality enforcement authority will be assigned eventually. Like a handful of chips thrown into the air on a casino floor, no part of government’s power will be left un-gathered and unused. The only question left is who will pick them up.

• Robocallers would be required to get “express written consent” before delivering prerecorded telemarketing messages to any residential customer, whether or not he/she has registered on the FTC’s “do not call” list. (Current FCC rules require such written consent only for those on the “do not call” list.) The proposed requirement would apply even if an established business relationship exists between the caller and the customer which otherwise permits live telemarketing calls. Under the FCC’s proposal, “written” consent for robocalls would not actually need to be “written”, but could also be obtained in other ways, including pressing a particular number on the phone keypad. That flexibility would, of course, cushion the blow for telemarketers. BUT the written “consent” would have to: (a) reflect that the telemarketer had provided “clear and conspicuous notice” to the consumer that he/she was authorizing delivery of robocalls and that the consumer is willing to receive such calls; and (b) make clear that the consent was not obtained as a condition to the purchase of any good or service; and (c) include the consumer’s phone number.
• Robocaller messages would be required to include an automated, interactive mechanism to allow consumers to opt out of receiving future robocalls from that particular company.
• During any one campaign, telemarketers using automated dialing equipment to connect consumers to live pitchmen (or pitchwomen) would be permitted to abandon no more than three percent of the calls that people answer. (A call is abandoned, according to the FCC, if the consumer is not connected with a sales representative within two seconds after the end of the greeting.) The FCC’s current rule allows the same abandonment rate over a 30-day period, thereby permitting the telemarketer to average its rate over multiple campaigns.
• Healthcare-related prerecorded messages from certain federally regulated entities would be exempt. This includes messages such as flu shot and prescription refill reminders, requests for documents needed for insurance billing, and calls to encourage enrollment in treatment programs.

The proposed amendments would not change other robocall exemptions, such as fundraising calls from non-profit organizations, calls from politicians or political campaigns, and calls from commercial entities that are purely informational, such as airline flight cancellation notices. Emergency alerts are also exempt.

Comments regarding the proposed rules are due 60 days after the Notice of Proposed Rulemaking is published in the Federal Register, which has not yet occurred. Reply comments are due 30 days after the comment deadline.   We will publish the dates when they become available.