Connect with us

Privacy

Industry Leaders Urge Biden to Tread Lightly With Federal Privacy Legislation

While generally supportive of a federal privacy law, some experts warned it could harm competition.

Published

on

Screenshot of Jules Polonetsky, executive director of the Future of Privacy Forum

WASHINGTON, January 27, 2023 — While there is a need for federal privacy regulation, such legislation could harm innovation, research and competition if not carefully designed, according to leaders of top technology trade associations and think tanks.

“In my opinion, there’s a lot of overblown statements about how bad the problems are,” said Rob Atkinson, president of the Information Technology and Innovation Foundation. “And a lot of the regulatory solutions… would actually, in our view, do more harm than good.”

Speaking at a panel hosted by the ITIF on Wednesday, industry experts responded to President Joe Biden’s recent op-ed calling on Congress to unite against Big Tech companies in three areas of concern: privacy, content moderation and competition.

“It’s gotten to this amazing point where we have a lot of the world’s most dominant tech companies, and to see a headline about uniting against Big Tech by the President of the United States, it hurts me greatly,” said Gary Shapiro, president and CEO of the Consumer Technology Association.

One of Biden’s policy recommendations was to place limitations on targeted advertising and ban the practice altogether for children. But Atkinson disagreed with the implication that targeted advertising is an inherent violation of privacy.

“Targeted advertising is almost always done in an anonymous way where the advertiser doesn’t know my name — they just know that I like to ride my bicycle to work, and so they send me a bicycle ad,” he said.

Despite concerns about the extent of certain proposals, the tech leaders were generally supportive of federal privacy legislation. “It’s incredible that the U.S. is one of the very few democracies in the entire world that does not have a comprehensive privacy law,” said Jules Polonetsky, executive director of the Future of Privacy Forum.

A proposed federal privacy law gained strong bipartisan support toward the end of 2022, but disagreements over two key issues have threatened its progress, explained TechNet CEO Linda Moore.

The first is private right of action, which Moore said was important to “make sure we protect those small and medium-sized companies from frivolous lawsuits that will drive them out of business.”

The second disagreement is over whether the federal law should preempt state privacy laws.

Steve DelBianco, executive director of NetChoice, emphasized the need for a “national standard to replace an impossible patchwork of state laws.”

“If the President is serious about data privacy, he should support the preemption of state laws and the presumption of private right of action,” DelBianco said.

Strict European privacy regulation can provide both guidance and caution

Polonetsky pointed to the European Union’s General Data Protection Regulation, often considered to be the world’s strongest privacy law, as a potential guide for U.S. legislation.

“For years, I would have said no — let’s show the American way to do it,” he said. “But now that we’ve tried to do the American way and made a bit of a jumble in many of our proposals, I have new appreciation for the thought that went into GDPR.”

But in addition to appreciating what the GDPR got right, policymakers should also look carefully at the ways in which it may have overly restricted research, Polonetsky added.

Atkinson emphasized that caution, saying that the GDPR’s “important and useful components” did not outweigh the negative impacts of its research limitations.

The implementation of GDPR also had negative implications for competition, Moore said. “The largest companies gained market share, because the smaller and medium sized companies just couldn’t adapt to the new privacy regime and all the hurdles that are put in place.”

Pursuing the strictest possible privacy standard could result in barring all data sharing and interoperability — things that are “necessary for competition,” Polonetsky claimed. “We need an understanding of the balance and the conflicts which do exist between competition and privacy.”

Privacy law is also closely intertwined with Section 230, Polonetsky said. “It’s clear that any significant change to 230 means companies doing an awful lot of surveillance to track things that are said and posted and done.”

Broadband Breakfast’s Big Tech & Speech Summit will feature panels on each of the issues identified in Biden’s op-ed. Learn more and register here.

Reporter Em McPhie studied communication design and writing at Washington University in St. Louis, where she was a managing editor for the student newspaper. In addition to agency and freelance marketing experience, she has reported extensively on Section 230, big tech, and rural broadband access. She is a founding board member of Code Open Sesame, an organization that teaches computer programming skills to underprivileged children.

Robocall

Experts Debate Whether Originating or Terminating Providers Hold Robocall Responsibility

Despite the FCC’s recent expansion of STIR/SHAKEN, some panelists called the framework ineffective.

Published

on

WASHINGTON, March 22, 2023 — The current industry and regulatory fight against illegal robocall traffic is failing to make a meaningful dent in the problem, but there is not yet consensus about a better approach, according to experts at a Broadband Breakfast Live Online event on Wednesday.

“Robocalls have completely undermined the value of the U.S. telephone system,” said Margot Saunders, senior attorney at the National Consumer Law Center. “The system is losing value and that’s hurting all of us — especially businesses and health professionals who are trying to reach people in health emergencies.”

In addition to being an annoyance, fraudulent robocalls are expected to cost mobile subscribers more than $58 billion in 2023 alone, Saunders added.

The Federal Communications Commission voted Thursday to expand the STIR/SHAKEN robocall regime to include providers that receive and deliver phone traffic. Previously, the rules only applied to voice service providers that originate and terminate calls.

“This was a gap in our rules, a way to let junk calls sneak into our networks and reach unassuming consumers,” FCC Chairwoman Jessica Rosenworcel said in a statement. “No more. Today we close this loophole and require intermediate providers… to use STIR/SHAKEN. We also insist that they, along with all other providers, register in our Robocall Mitigation Database.”

Downstream carriers will be prohibited from accepting calls from intermediate providers not listed in the database, Rosenworcel added.

“In my almost 38 years of practice, I have never seen the FCC actually produce more rules and regulations around a single issue in a shorter time as they have with robocalling,” said Glenn Richards, partner at Pillsbury Winthrop Shaw Pittman LLP, at the Broadband Breakfast event.

Panelists disagree about efficacy of STIR/SHAKEN

Despite the FCC’s efforts, some of the initiatives intended to combat robocalling have resulted in more harm than good, claimed Jonathan Marashlian, managing partner at The CommLaw Group.

“STIR/SHAKEN is not the answer,” Marashlian said. “Maybe it was a very small incremental step in a positive direction, but there are so many holes in the framework from just a sheer technological standpoint.”

Vonage Founder Jeff Pulver agreed that STIR/SHAKEN has proven ineffective. “We’re living in an era where we should be able to communicate more, not less,” he said. “Yet the shenanigans that have been going on have actually dramatically reduced call completion rates.”

But other panelists were more optimistic. Richards argued that it was too early to deem STIR/SHAKEN a failure, noting that some problems — such as traffic originating from overseas call centers — are not entirely within the FCC’s control.

“STIR/SHAKEN is by no means a failure — it is an essential element of the full response needed… but it is only one,” Saunders said. “If you have a panoply of problems and you close the door against one of them and leave the other door open, you haven’t solved the problem because all the bad players will simply come in through the other door.”

The fact that VoIP providers are allowed to rent phone numbers to telemarketers and scammers “completely undermines the whole purpose of STIR/SHAKEN,” Saunders added.

Which party is responsible for blocking robocall traffic?

In determining responsibility for bad traffic, Saunders drew an analogy to a grocery story that repeatedly sold spoiled milk from a variety of different brands. “The authorities would go down and say, ‘Grocery store, if you can’t stop selling bad milk because you can’t control your suppliers, we’re going to shut you down,’” she said. “In the end, it’s the terminating providers’ job, we think, to police the providers from whom they accept calls.”

Richards took a different approach. “I think the obligation really belongs to the originating service provider to taste the milk before they send the call,” he said. “There’s probably a relatively small number of originating service providers that are responsible for a large number of the illegal fraudulent traffic that is getting into the United States… and frankly, I think it’s important that those parties probably are the ones that are subject to enforcement.”

While Saunders agreed that the originating providers would ideally be held liable, she noted that “this problem has been going on for years and we’ve not been able to catch them.” Holding the terminating partners accountable, she said, would provide a more effective and pragmatic solution.

Pulver proposed a system where the caller party would pay and the destination party would set the price for call completion. In addition, he said, consumers should be empowered with tools such as “personal communication firewalls” that would allow individuals to block all unrecognized traffic.

Richards also promoted consumer choice, but noted that “not all consumers have that same technical capability — and particularly older consumers, who are the targets of a lot of these nefarious practices — so having the carriers intervene make some sense.”

Our Broadband Breakfast Live Online events take place on Wednesday at 12 Noon ET. Watch the event on Broadband Breakfast, or REGISTER HERE to join the conversation.

Wednesday, March 22, 2023, 12 Noon ET – Robocalls, STIR/SHAKEN and the Future of Voice Telephony

The Federal Communications Commission calls the fight against illegal robocall traffic its “top consumer protection priority.” The agency’s March 16 meeting heard discussion of several proposed rules to strengthen STIR/SHAKEN, from requiring intermediate providers to authenticate certain calls to adopting more robust enforcement tools. Required by the Telephone Robocall Abuse Criminal Enforcement and Deterrence Act of 2019, has the FCC succeeded in making the STIR/SHAKEN framework work? Or is voice telephony still at the mercy of robocallers?

  • Margot Saunders, Senior Attorney, National Consumer Law Center
  • Jeff Pulver, Founder, Vonage
  • Glenn Richards, Partner, Pillsbury Winthrop Shaw Pittman LLP
  • Jonathan Marashlian, Managing Partner, The CommLaw Group
  • Drew Clark (moderator), Editor and Publisher, Broadband Breakfast

Panelist resources

Margot Saunders is currently a senior staff attorney with the National Consumer Law Center (NCLC) after serving as managing attorney of NCLC’s Washington, D.C. office from 1991 to 2005. Margot has testified before Congress more than two dozen times regarding a wide range of consumer law issues, including predatory mortgage lending, high cost small loans, payments law, electronic commerce, protecting benefits in bank accounts, privacy issues, and robocalls. She was the lead advocate on the passage of the Home Ownership and Equity Protection Act, the development of the Treasury Rule protecting exempt benefits, and many other initiatives.

Jeff Pulver is a tech industry icon, a pioneer in the field of Voice over Internet Protocol (VoIP), and a leading advocate for internet freedom. In the late 1990s, Pulver saw the potential for VoIP to revolutionize the way we communicate and founded the company Vonage, one of the first VoIP service providers. As VoIP began to gain traction, Pulver faced resistance from traditional telephone companies and regulators. In 2003, he took on the establishment and petitioned the Federal Communications Commission (FCC). In 2004 the FCC issued the “Pulver Order”  which ensured that VoIP services would not be subject to traditional telephone regulation. This decision paved the way for the widespread adoption of VoIP and transformed the way we communicate.

Glenn Richards is Pillsbury’s Communications Practice Group Leader. Based in Washington, DC, he is a recognized authority on IP communications regulations and telecommunications policies and issues. Glenn represents VoIP and cloud communications service providers; satellite, wireless, long-distance and competitive local exchange carriers; broadcasters; equipment manufacturers; trade associations and others in transactional matters and before the FCC and state public utilities commissions. A partner in the firm’s Global Sourcing practice, Glenn also negotiates global telecommunications service contracts for large corporations.

Jonathan Marashlian is experienced in nearly all aspects of federal and state communications law and regulation. He has represented clients of all shapes and sizes and from all corners of the Communications/VoIP, Broadband, IoT and Information Technology industries for over 25 years. As Managing Partner of The CommLaw Group, Mr. Marashlian is responsible for coordinating and managing attorneys and professional staff and guiding the firm’s clients through the maze of federal, state and international regulatory, communications tax, and other compliance requirements.

Drew Clark (moderator) is CEO of Breakfast Media LLC. He has led the Broadband Breakfast community since 2008. An early proponent of better broadband, better lives, he initially founded the Broadband Census crowdsourcing campaign for broadband data. As Editor and Publisher, Clark presides over the leading media company advocating for higher-capacity internet everywhere through topical, timely and intelligent coverage. Clark also served as head of the Partnership for a Connected Illinois, a state broadband initiative.

Graphic from Adobe Stock used with permission

WATCH HERE, or on YouTubeTwitter and Facebook.

As with all Broadband Breakfast Live Online events, the FREE webcasts will take place at 12 Noon ET on Wednesday.

SUBSCRIBE to the Broadband Breakfast YouTube channel. That way, you will be notified when events go live. Watch on YouTubeTwitter and Facebook.

See a complete list of upcoming and past Broadband Breakfast Live Online events.

Continue Reading

Privacy

Children’s Online Safety Bills Criticized for Compliance Burden, Plus Speech and Privacy Risks

States are considering measures ranging from age verification to a “duty of care.”

Published

on

Screenshot of Matthew Feeney, head of technology and innovation at the Centre for Policy Studies, at the Cato Institute event

WASHINGTON, March 17, 2023 — As an increasing number of states start to consider and implement their own laws aimed at protecting children’s online safety, some experts are highlighting concerns about the practical implications of the resulting legislative “patchwork” — as well as concerns that some proposals might actually harm consumers’ digital privacy.

“States have realized that the federal government is going to be very slow in acting in this area,” said James Czerniawski, senior policy analyst at Americans for Prosperity. “So they’re going to try to take the lead here.”

Speaking at a Cato Institute forum on Wednesday, Czerniawski described the two competing approaches that have emerged among the various state laws and proposals.

The first is typified by California’s Age Appropriate Design Code Act, passed in August 2022, which requires that online platforms proactively prioritize the privacy of underage users by default and by design. Many aspects of the law are modeled after the United Kingdom’s Online Safety Bill, a controversial proposal that would establish some of the world’s most stringent internet regulations.

The second approach focuses on age verification, such as Utah legislation that will require social media companies to verify the age of Utah residents before allowing them to create or keep accounts.

In addition to those two core directions, many of the state proposals have their own unique twists, Czerniawski said. For example, the Utah legislation prohibits any design choice that “causes a minor to have an addiction to the company’s social media platform.” While the bill has not yet been signed, Gov. Spencer Cox has previously indicated his intent to do so.

For online platforms that operate nationally or internationally, complying with a growing range of disparate state privacy laws will only become more complicated, Czerniawski said. “This patchwork doesn’t work.”

Potential unintended consequences for free speech, competition and privacy

Some experts have raised concerns that legislation intended to protect children online could have unintended consequences for the privacy and speech rights of adult users.

Matthew Feeney, head of technology and innovation at the Centre for Policy Studies, argued that a heavy compliance burden could incentivize online platforms to over-moderate content. “Given the punitive fines attached to the Online Safety Bill, I think they will engage in an abundance of caution and remove a lot of legal and valuable speech.”

The task of determining which users are underage and then figuring out how to prevent them from seeing any harmful content presents a significant challenge for platforms that host a massive amount of user-generated content, Feeney said.

“Something that’s very crucial to understand is that if you require firms to treat children differently, then you’re asking them to find out which of their users are children — and that is not free; that is a cost,” he added. “And for many firms, I think it will just be cheaper to err on the side of caution and assume all users are children.”

In addition to the implications for online speech, Feeney expressed concern that the regulatory burden adds a “very worrying anti-competitive element” to the legislation. “Most of the companies that will be in scope do not have the army of lawyers and engineers that Meta and Google have,” he said.

While the age verification measures might be easier in terms of compliance, Feeney said, they might ironically create their own risk to children’s online privacy by mandating the collection of highly identifying data.

Czerniawski agreed, specifically pointing to TikTok. “From a privacy standpoint, it seems a little odd that we want to have a company that currently has some security concerns collecting more information on kids in order to continue operating in the country,” he said.

Despite agreeing that there may be legitimate concerns about TikTok’s privacy practices, Czerniawski again argued that many of the proposed solutions — such as a complete national ban — fail to address the actual problem.

“If you’re truly concerned about the privacy issues that TikTok has raised, that’s why… we need a federal data privacy law passed, right? I think that that can go a long way towards solving a lot of those issues,” he said.

In terms of child-specific legislation, Czerniawski called for a more narrowly targeted approach to address problems such as the proliferation of online child sexual abuse material without risking the privacy and free speech rights of all other internet users. “We have to be very serious when we’re looking at trade-offs that are involved here,” he said.

Continue Reading

Robocall

FCC Expands Robocall Regime to Intermediaries, Establishes Robotext Protections

FCC approved first rules on robotexts, more on robocalls, and opened comments on dead zone satellite coverage and prison call rates.

Published

on

Screenshot of FCC

WASHINGTON, March 16, 2023 – The Federal Communications Commission voted in its meeting Thursday to require providers that receive and deliver phone traffic to implement call authentication standards mandated under its STIR/SHAKEN robocall regime and to implement basic protections from problematic robotexts.

Under the previous rules, only voice service providers that originate and terminate calls were required to implement analytical tools that are intended to ensure, among other things, that the phone numbers appearing on caller I.D. are actually from the holder of the number to stop scam calls. But the STIR/SHAKEN robocall regime, which the commission began to enforce in June 2021, did not extend to the middlemen, or intermediary, providers.

That changed Thursday when the commission voted unanimously to broaden the regime to first intermediaries. The commission said that there are still some initiating call providers who are not capable of using the STIR/SHAKEN framework and still others who deliberately fail to authenticate the calls, hence why authentication should be implemented along the call traffic route, the commission said.

“By requiring the next provider in the call path to authenticate those calls, the FCC closes a gap in the caller ID authentication regime and facilitates government and industry efforts to identify and block illegal robocalls,” the commission said in a news release.

As such, intermediary service providers that fail to comply with the new rules will now also be subject to removal from the Robocall Mitigation Database, which would mean other providers would not be able to receive their call traffic.

The FCC noted that the new rules, which require the intermediaries to comply with by December 31, would “maximize” the number of authenticated calls.

In addition, the new FCC rules require all voice service providers to take “reasonable steps” to mitigate illegal robocall traffic and submit to the commission a certification and mitigation plan that would also include details about the provider’s role in the call chain, STIR/SHAKEN implementation obligations, and any law enforcement, regulatory or investigation into such illegal calls.

The commission has taken aggressive action in recent months against providers who have allegedly been non-complaint with the regime, including proposing record fines and forcing other providers to halt driving to and receiving traffic from offenders.

The rules impose fines on a per call basis and establish enforcement consequences for repeat offenders.

Illegal robocalls are number one complaint the FCC hears about from consumers, according to the commission.

FCC adopts first rules on robotexts and asks about further regulatory measures

The commission also unanimously adopted rules against scam text messages sent to consumers and is asking the public about further regulator actions it should take to protect against the texts.

The order adopted Thursday would require mobile service providers to block text messages that are “highly likely to be illegal,” including from phone numbers that are “invalid, unallocated, or unused.” The rules will also apply to numbers whom the subscriber said it never used to send text messages and to those of government agencies that identify the numbers as not being used for texting. It also requires the providers establish a point of contact for text senders, which senders “can use to inquire about blocked texts.”

The commission is also seeking comment on a proposal to clarify that Do-Not-Call Registry protections, which blocks marketing messages to the registered numbers in the database, apply to text messages. The commission said this would close the “lead generator loophole,” in which companies can use a texted point of consent to “deliver robocalls and text messages from multiple – perhaps thousands – of marketers on subjects that may not be what the consumer had in mind.”

Comments are due 30 days after the proposal’s publication in the federal register.

Text message scams have increased 500 percent in recent years, according to the commission, with complaints rising from roughly 3,300 to 18,900 per year from 2015 to 2022. The commission noted that unlike robocalls, text messages are “hard to ignore or hang-up on and are nearly always read by the recipient.” They can also include links that leads to websites that can install malicious software on the consumer’s phone, the agency said.

Agency chairwoman Jessica Rosenworcel proposed the rules last month.

“Robocalls and robotexts are a huge annoyance for everyone,” said a statement from Nick Garcia, policy counsel to advocacy group Public Knowledge. “We’re frequently bombarded with illegal scams and shady spammers – and many consumers don’t know how to protect themselves or where to turn for help. It’s clear that we need strong rules to cut down on this growing problem.

“The FCC has made great strides in combating robocalls, and it is encouraging to see that work continue while the FCC now takes steps to ensure consumers are protected from illegal and unwanted text messages,” Garcia added. “Today’s rules are a win for consumers, providing a common-sense baseline of protection from the kinds of illegal robotexts that are most obvious to identify—those that spoof invalid, unallocated, unused, or inbound-only numbers.”

Satellite to ground mobile coverage and prison call rates proposals 

The commission also unanimously voted in favor of initiating a proceeding on a proposal from the chairwoman last month to allow for satellite broadband providers to get authorization to use the flexible spectrum already licensed to agreeing ground-based mobile wireless providers to fill in dead zones not covered by the latter.

The supplemental coverage proposal, part of the commission’s “single network future” vision, is for non-geostationary orbit satellite operators, such as low-earth orbit satellite providers like SpaceX’s Starlink, focused on portions spectrum in the 600 MHz, 700 MHz, 800 MHz Cellular Radiotelephone Service, and the Wireless Communications Service (2305 to 2360 MHz) bands.

“Connecting consumers to essential wireless services where no terrestrial mobile service is available can be life-saving in remote locations and can open up innovative opportunities for consumers and businesses,” the FCC said.

The commission is also asking how this framework could support access to emergency services like 9-1-1 and wireless emergency alerts.

There have been a number of partnerships between satellite broadband providers and mobile wireless providers for this purpose. In August, SpaceX announced its Starlink satellites will be able to connect T-Mobile’s customers in rural areas to fill gaps in the ground network by having the space company use a portion of T-Mobile’s Personal Communications Services spectrum. The service is anticipated for later this year.

The commission also unanimously voted to initiate a proceeding into implementing a new law requiring the agency to look into the prices charged to incarcerated people to call loved ones.

Passed late last year and enacted in January, the Martha Wright-Reed Just and Reasonable Communications Act requires the FCC to review those rates by expanding its authority over those communications services. Previously, the commission only had authority between states and foreign locations; now, it’s being handed authority to tackle rates and charges for voice and video calls within states. The law requires the regulator to adopt “just and reasonable rates” no earlier than 18 months and no later than 24 months since enactment.

As such, the commission is asking commenters about the expansion of the regulator’s authority to deal with interstate calls, what “just and reasonable” means in the context of the law, how to approach setting rates, and the commission’s ability to ensure communication service for people with disabilities.

The FCC cited studies that it said show incarcerated people “who have regular contact with family members are more likely to succeed after release and have lower recidivism rates.”

Public Knowledge, in a separate statement, also applauded the proposed rulemaking to address “unconscionable phone rates” that “impose undue hardship on families.”

Comments on both matters are due 30 days after their publication in the federal register.

Continue Reading

Signup for Broadband Breakfast News



Broadband Breakfast Research Partner

Trending