Federal Communications Commission

It’s time for our monthly review of insights and news related to the Telephone Consumer Protection Act (TCPA).   The October issue examines a ruling from the U.S. Court of Appeals for the Third Circuit, which held that plaintiffs can use affidavits to help meet the standard for TCPA class certification.  In addition, the review covers a U.S. Senate hearing on the Do Not Call Registry and Federal Communications Commission activity related to robocalls and aspects of the TCPA’s prior express consent requirements.

Click here to read on.

 

 

The latest edition of the Mintz TCPA Digest has been published and you can read it hot off the presses, here.

This month’s issue features updates on the latest regulatory activities and an article on a potential ruling that could have major implications for pending and future TCPA cases.

Mintz Levin’s TCPA and Consumer Calling Practice team should be on your speed dial.

 

Even president-elect Donald Trump has been the victim of a data breach. Several times actually. The payment card system for his Trump Hotel Collection was infected by malware in May 2014 and 70,000 credit card numbers were compromised by the time the hack was discovered several months later.  The hotel chain paid a penalty to the State of New York for its handling of that incident.  The hotel chain also experienced at least two additional breaches during this past year affecting various properties. From a business perspective, Mr. Trump certainly understands the high costs of cybersecurity in dollars and distraction. But from the Oval Office, it is far less clear what the Trump Administration might do to secure our country’s digital infrastructure and prosecute cybercriminals. Equally uncertain are Mr. Trump’s views on privacy rights and how his presidency might affect federal protections for personal information and cross-border transfers of data. We do not have a crystal ball, but offer some thoughts. Continue Reading The Cyber President? What To Expect From the Trump Administration On Cybersecurity And Privacy

 

 

As we previewed last week, the Federal Communications Commission (FCC) has adopted new privacy rules that govern Internet service providers’ (ISPs) handling of broadband customer information.  Though the Wireline Competition Bureau stated that it expects it will be at least several days before the final Order is released to the public, the FCC released a fact sheet describing the rules as adopted.

These rules are the culmination of a process that began in 2015 with the reclassification of Broadband Internet Access Service (BIAS) as a common carrier telecommunications service regulated under Title II of the Communications Act.  As a consequence of reclassification, the obligations established under the privacy framework adopted by the Federal Trade Commission (FTC) no longer applied to ISPs due to the common carrier exception in Section 5 of the FTC Act.  Accordingly, the FCC determined that the privacy protections governing telephone customer proprietary network information (CPNI) set forth in Section 222 of the Communications Act would now apply to ISPs’ provision of BIAS.

On April 1, 2016, the Commission released a Notice of Proposed Rulemaking setting forth proposed privacy and data security rules that would govern ISPs’ provision of BIAS.  The rules originally proposed by the FCC would have subjected ISPs to significantly greater constraints on their ability to use customer data for advertising, marketing, and offering customized services and features than the FTC’s privacy framework, which continues to apply to websites, apps, and all other entities in the Internet ecosystem other than ISPs.  For example, while the FTC framework applies differing choice mechanisms (i.e., opt-in, opt-out, or implied consent) depending on the sensitivity of the data being collected and the context of its use, the FCC initially proposed to apply a default opt-in regime to virtually all data – rejecting any distinctions based on data sensitivity.

In response to comments from the FTC and others in the proceeding, the final rules adopted by the FCC align more closely with the FTC framework, though some important differences remain.  Continue reading for key elements of the proposed rules. Continue Reading What You Need to Know about the New Broadband Privacy Regulations

BREAKING NEWS –

The FCC has voted 3-2 along party lines to require internet service providers (ISPs) to get a customer’s explicit consent before they can use or share what is termed “sensitive” personal information.  That definition raises some eyebrows: according to the FCC’s rules, “sensitive” information includes browsing history, mobile location data, TV viewing history, call and text message records, and information about what mobile apps subscribers use.

The regulation was billed by the FCC as based on transparency, consumer choice and data security.

We will have a full analysis of the new regulations tomorrow.

 

As we reported last month, the FCC was preparing a proposed rulemaking (NPRM) to establish privacy and data security requirements for broadband internet access service (BIAS) providers.  The FCC has now released that proposal with comments and reply comments due May 27th and June 27th respectively.

The brief background to this proposal is that in 2015, the FCC adopted net neutrality rules in Open Internet Order, which reclassified BIAS as a common carrier telecommunications service subject to regulation under Title II of the Communications Act.  The Commission determined that, as a consequence of reclassification, Section 222 of the Communications Act, which is part of Title II, would now apply to BIAS providers. Section 222 regulates a telecommunications carrier’s use and disclosure of Customer Proprietary Network Information (“CPNI”) – which includes information related to the quantity, location, and amount of use of a telecommunications service.  The FCC concluded in its Open Internet Order that the rules implementing Section 222 were telephone-centric and ill-suited to BIAS, and so chose to forbear from applying those rules to ISPs.  With this latest release, the FCC is proposing a new set of rules implementing Section 222 that would apply to BIAS providers. Continue Reading FCC Broadband Privacy and Security Proposed Rulemaking Underway

 

FCC Chairman Tom Wheeler has announced that a proposed rulemaking is being circulated among the Commissioners that would establish privacy and data security requirements applicable to providers of broadband Internet access service (BIAS).  The Notice of Proposed Rulemaking (NPRM) itself will not be released to the public until the end of March when it is scheduled for a vote, but Chairman Wheeler released a summary of his proposal on Thursday.

In adopting the Open Internet Order, which reclassified BIAS as a telecommunications service subject to Title II of the Communications Act, the FCC determined that the privacy provisions of Section 222 of the Communications Act that govern how call detail and call record information are used and protected by providers of telecommunications services also would apply to BIAS providers.  The Commission concluded, however, that its rules implementing the privacy provisions of that Title were ill-suited for broadband privacy, and opted to forbear from applying those rules to BIAS providers.  Instead, the Commission stated that it would establish a new privacy framework applicable to BIAS providers, and last week’s announcement represents the start of that process.  Print Continue Reading FCC Announces Broadband Privacy Proposal

cookiesVerizon Wireless has reached a settlement with the Federal Communications Commission over Verizon’s insertion of unique identifier headers (“UIDH”), also known as “supercookies,” to track customers’ mobile Internet traffic without their knowledge or consent.  Verizon inserted UIDH into customers’ web traffic and associated the UIDH with customer proprietary information to create profiles and deliver targeted ads.  In at least one instance, a Verizon advertising partner overrode customers’ privacy choices by using the UIDH to restore cookies deleted by the customer.  For over two years Verizon Wireless did not disclose its use of UIDH in its privacy policies or offer consumers the opportunity to opt-out of the insertion of UIDH into their Internet traffic.

Continue Reading Verizon Settles Supercookie Probe with FCC

We may only be three weeks into 2016, but the Telephone Consumer Protection Act (“TCPA”) has already received a considerable amount of attention this year.

Yesterday, the U.S. Supreme Court determined in Campbell-Ewald Co. v. Gomez, that a defendant could not cut off a TCPA class action lawsuit by making an offer of settlement to the lead plaintiff in an amount that would fully satisfy his claims.  Specifically, a defendant company that sent a single SMS text message to the lead class action plaintiff made an offer of judgment for $1503 (i.e., the statutory value of a single TCPA violation, trebled for willful misconduct).  The lead plaintiff rejected this offer. Continue Reading Ringing Off The Hook: TCPA Issues Still At Forefront As Calendar Turns To 2016