Daily Digest 6/8/2018 (News from FCC Meeting)

The Federal Communications Commission set aside enforcement of rules, granting a petition for forbearance that will, in effect, waive the requirement for small, rural carriers to contribute to the Universal Service Fund on their broadband Internet access transmission service revenues.

The Federal Communications Commission today approved an item to reform Internet Protocol Captioned Telephone Service (IP CTS), a form of telecommunications relay service (TRS) that allows individuals with hearing loss to both read captions and use their residual hearing to understand a telephone conversation.

The item approved by the FCC:

• Takes steps and explores others to preserve the viability of IP CTS for people with hearing loss who need it,
• Set interim IP CTS provider compensation rates to bring those rates closer to actual average provider costs. (This move will save the TRS Fund nearly $400 million over the next two years.)
• Adopts rules to limit unnecessary IP CTS use and waste of the TRS Fund, including a general prohibition on providing IP CTS to ineligible users.
• Allows service providers to use fully-automated speech recognition (ASR) to produce captions.

The FCC is also seeking comment on measures to improve the compensation plan, funding, and structure of the IP CTS program and to curb provider practices that could be incenting use of IP CTS by people who may not need it. And to ensure service quality for users, the FCC is seeking comment on IP CTS performance goals and metrics.

The Federal Communications Commission approved new rules to help protect consumers from the illegal and harmful practices of slamming, which is the unauthorized change of a consumer’s preferred telephone company, and cramming, which is the placement of unauthorized charges on a consumer’s phone bill.  With the action, the Commission’s rules now include a clear ban on misrepresentations made during sales calls and provide that such material misrepresentations invalidate any authorization given by a consumer to switch telephone companies. The Commission’s rules also now include an explicit prohibition against placing unauthorized charges on consumers’ phone bills. Under the new slamming rules, phone companies that abuse the third-party verification process will be suspended from using that process for five years. The Commission also took action to improve the efficiency of the third-party verification process by eliminating the requirement that a phone company must obtain the authorization of a consumer for each service being sold—a time-consuming step that the Commission found can confuse consumers.

The Federal Communications Commission took steps to establish clear, strong, and consistent safeguards to prevent the fraudulent use of toll free numbers in text messaging. In a Declaratory Ruling and Notice of Proposed Rulemaking, the FCC:

• Clarified that a text messaging provider may not text-enable a toll free number without first obtaining authorization from the subscriber for that number
• Clarified that a messaging provider may not text-enable a toll free number that is not yet assigned to a subscriber
• Clarified that messaging providers must disable toll free texting upon request by the subscriber
• Seeks comment on a proposal to require a toll free subscriber to inform the company that manages the assignment and routing of the toll free number, known as a Responsible Organization or RespOrg, that the subscriber has authorized its toll free number for text messages
• Seeks comment on a proposal that the RespOrg must reflect the subscriber’s authorization to text-enable its toll free number in the toll free Service Management System (SMS) Database
• Seeks comment on a proposal requiring that a messaging provider obtain the subscriber’s authorization for text-enabling a number through the RespOrg
• Seeks comment on what other information, if any, needs to be captured and centrally managed to protect the integrity of the toll free numbering system. 

Using data from the 2016 American Community Survey (ACS), released in September 2017 by the US Census Bureau, the National Digital Inclusion Alliance ranked all 185 US cities with more than 50,000 households by the total percentage of each city’s households lacking fixed broadband internet subscriptions. Note that this data is not an indication of the availability of home broadband service, but rather of the extent to which households are actually connected to it. The term “Fixed broadband Internet” as used by the Census includes wireline broadband technologies (cable Internet, DSL, fiber to the premises) as well as satellite and “fixed wireless” technologies. It does not include 3G and 4G mobile service such as one purchases for a smartphone, or non-broadband connections like dial-up modems.  NDIA focused on fixed broadband subscriptions in this comparison of household connection rates, because the strict data caps common to mobile Internet services make mobile much less useful for general household Internet access. Topping the list of Worst Connected Cities: Brownsville (TX), Detroit (MI), and Hialeah (FL). 

Former Federal Communications Commission Chairman Tom Wheeler has challenged current Chairman Ajit Pai to push for a House vote on the Congressional Review Act (CRA) resolution to nullify Pai's Restoring Internet Freedom order rolling back network neutrality rules. Wheeler, who focused his regulatory attention on Internet service providers as the gatekeepers of the internet, also signaled that had been because of the FCC's limited authority, and that he felt it was time that the "peoples representative" had oversight and made the rules for the edge and access providers. His answer was essentially an endorsement of the kind of new scrutiny of the edge being advocated by ISPs, Chairman Pai and legislators from both parties. "I am a proponent of openness, nondiscrimination and privacy in all venues," Wheeler said. "It just happened that while I was at the FCC, we only had jurisdiction over networks. But there comes a time when we have to say, 'Wait a minute, what are the rules that are going to govern this new environment. And, most important, who's going to make those rules.?' Right now, whether you are a platform company, like Google of Facebook, or whether you are networks like AT&T and Comcast, you make the rules. There ought to be oversight by the people's representatives so that the people's representatives make the rules, not just those who benefit from what those rules might be."

Apparently, the US Department of Justice is examining how the proposed merger between T-Mobile and Sprint could affect prices for smaller wireless operators.  A T-Mobile and Sprint merger would eliminate competition between the two carriers that have been the dominant players in selling network access to wireless companies that often serve pre-paid or price-conscious consumers, and could lead to higher prices for those users. The Justice Department, which is evaluating T-Mobile’s $26 billion deal to buy Sprint, has been speaking with small wireless operators that buy access to the major wireless networks at wholesale rates, and is seeking their opinions about the merger. 

On October 19th of 2017, a just-barely bipartisan group of senators held a press conference to announce a new piece of legislation. The Honest Ads Act, as the bill is called, would require Facebook, Google, and other tech platforms to retain copies of the political ads they host and make them available for public inspection. Platforms would have to release information about who bought the ads, how much they cost, and to whom the ads were targeted. Anyone who spent more than $500 on political ads would be subject to public scrutiny. Revelations from Facebook, Google, and other social media platforms of Russia-linked groups sparked a flurry of activity in the capital last fall, prompting the tech companies to spend more on lobbyists and crisis public-relations firms than they ever had. But, the opposition to the Honest Ads Act has come not from tech companies, who have been increasingly supportive of the legislation, but instead from the Republican majority in Congress. The multiple new pieces of legislation aimed at regulating tech platforms, including a new consumer privacy protection act, have attracted few Republican cosponsors, and the bills have yet to receive a single hearing. And while the bills’ sponsors remain publicly supportive, it appears increasingly unlikely that Congress will take action on either bill before the midterms.

Even as the Commerce Department was confirming a deal to remove an export ban affecting ZTE, Congress was moving to prevent government money to be used to buy ZTE equipment. According to Sen Marco Rubio (R-FL), who proposed the restriction, the Senate Appropriations Committee has approved the FY19 Transportation, Housing and Urban Development (THUD) Appropriations bill, which includes his provision to prevent those government funds to be used to buy telecom equipment from ZTE and fellow Chinese telecom Huawei "other high risk information systems." Government intelligence officials are virtually unanimous in their view that both ZTE and Huawei tech poses a national security risk, a view shared by Sen Rubio. 

A decision by the three-judge panel of the US Court of Appeals for the Eleventh Circuit could make it harder for the Federal Trade Commission to enforce online data security, or that is certainly the conclusion of Sen Richard Blumenthal (D-CT). Though, it is narrowly tailored to apply to a specific FTC enforcement tool. The court ruled that the FTC could not issue a cease and desist order directing a medical lab to take a variety of actions to protect sensitive medical information online. It concluded that such orders must identify a specific harm the order is prohibiting, and the FTC failed to do so. "Rather, [the cease and desist order] commands LabMD to overhaul and replace its data-security program to meet an indeterminable standard of reasonableness," the court panel concluded. "This command is unenforceable." That is the case even if the lab's alleged negligence in "[failing] to implement and maintain a reasonable data-security program" does constitute an unfair or deceptive practice. While the decision was narrow, it troubled Sen Blumenthal, the author of the Data Breach Accountability and Enforcement Act, which would give the FTC new power to enforce data security. Sen Blumenthal suggested the decision should fire up Congress to pass his bill. "Until this damaging ruling, the FTC could at least set expectations and require data security programs to prevent future breaches after finding a failure to adequately protect consumers’ data,” he said. “In undermining the FTC’s ability to impose data security standards, the Court of Appeals has hamstrung our sole cop on the beat protecting consumer privacy." 

Legislation to rein in Facebook’s practices — and even stiff penalties from the Federal Trade Commission — are starting to look like a real possibility, even in a Congress typically slow to move on tech issues.  Lawmakers are pointing to two main vehicles emerging in Congress.  One is the Consent Act, a bill sponsored by Sen Ed Markey (D-MA) that would require Facebook and other tech companies such as Google to get explicit permission from users before doing anything with their personal information. It would also require those companies to notify users about all collection, use and sharing of their data. The second bill,  the Social Media Privacy and Consumer Rights Act, introduced by Sens Amy Klobuchar (D-MN) and John Neely Kennedy (R-LA), proposes similar rules allowing users to opt out of data collection. Additionally, it would allow users to prevent companies from tracking their data, require privacy policies to be written in "plain language" and guarantee users the ability to see what companies have already collected on them. The FTC — which is already investigating Facebook's data practices — also has options. Facebook is bound by a 2011 consent decree with the agency over a different privacy matter to be more transparent about the data it collects about its users. 

Chinese phone maker Huawei said it has never collected or stored Facebook user data, after the social media giant acknowledged it shared such data with Huawei and other manufacturers. Huawei, a company flagged by US intelligence officials as a national security threat, was the latest device maker at the center of a fresh wave of allegations over Facebook’s handling of private data. Chinese firms Huawei, Lenovo, Oppo and TCL were among numerous handset makers that were given access to Facebook data in a “controlled” way approved by Facebook, according to Facebook.

On May 14, Federal Communications Commission Chairman Ajit Pai responded to several Members of Congress over recent reforms of the FCC's broadcast ownership rules.  "I must respectfully decline your request not to implement any changes made to the media ownership rules in our 2017 Order on Reconsideration," he wrote. "The FCC has a statutory duty to ensure that our broadcast ownership rules keep up with changes in the media marketplace, and there is no reason to further delay the implementation of 2017 reforms that were themselves unreasonably delayed. Moreover, I would point out that the United States Court of Appeals for the Third Circuit was asked to stop the FCC from implementing these changes and earlier this year declined to do so." Chairman Pai also denied the request to stop working on the review of the national ownership cap, as well as the request that the FCC stop approving any broadcast mergers or acquisitions on a blanket basis. 

Former Federal Communications Commission Chairman Tom Wheeler says that there was no 2014 cyberattack meant to overwhelm the agency's comment system during the net neutrality debate, as claimed by a former agency IT official in emails recently published by Gizmodo. The Gizmodo story says that in 2017, after the agency claimed to have experienced a distributed denial-of-service (DDoS) taking down its comment system, agency IT chief David Bray told the media that there had been a similar attack in 2014 — and that Wheeler had decided to keep the matter quiet for fear of copycat attacks. On June 6, Wheeler said, "When I was in the greenroom waiting to come in here, I got an email from David Bray, who said 'I never said that you told us not to talk about this and to cover up,' which was the term that got used. Which of course is logical, because as the Gizmodo article that you referenced pointed out, A) FCC officials who were there at the time said it didn’t happen, [and] B) the independent IT contractors that were hired said it didn’t happen. So if it didn’t happen it’s hard to have a cover up for something that didn’t happen." Brays claim to Wheeler is contradicted by a 2017 email from Bray published by Gizmodo where he says that in 2014 “the Chairman did not want to say there was a DDoS attack out of concern of copycats.” Bray said June 6 that his reference “the Chairman” in the published email was actually shorthand for the agency’s media relations office. He also maintained in an earlier Medium post that there had been suspicious activity related to the comment system. "I go with the email that I literally just received from David Bray saying I didn’t say it," Wheeler said when pressed on the discrepancy. Asked why the FCC might have suggested in 2017 that there had been an attack three years prior, Wheeler replied: "I am the last person in the world to interpret the decision making of the Trump FCC.”