In his keynote address at last week’s Free State Foundation event, “Implementing Real Regulatory Reform at the FCC,” FCC Commissioner Michael O’Rielly once again made an important contribution to the ongoing discussion regarding FCC process reform – which, in material respects, is central to adherence to rule of law norms.
Here I want to address briefly the problematic way in which the FCC is approaching “enforcement actions” that impose sanctions, one of the areas of activity Commissioner O’Rielly identifies as in need of reform. The FCC appears to be abusing its enforcement authority by sanctioning those it regulates for alleged violations of rules that the regulated entities could not reasonably have known constituted violations prior to the assessment of a penalty.
What the Commission is now doing runs against accepted rule of law requirements, which include due process, because the agency is asserting authority to punish those it regulates without first establishing “knowable, predictable” rules. As Commissioner Ajit Pai put it in dissenting from the proposed fine in the TerraCom/YourTel America case: “A core principle of the American legal system is due process. The government cannot sanction you for violating the law unless it has told you what the law is.”
In the TerraCom/YourTel America case, the FCC’s Enforcement Bureau proposed a $10 million fine claiming that the companies had failed adequately to secure customers’ sensitive personal identifiable information (PII). Of course, any data breach is no cause for celebration. But the alleged “violation” in this instance was not clearly proscribed by any law or regulation. The Commission relied on Section 222 of the Communications Act and its rules issued thereunder, but these provisions deal with CPNI (“customer proprietary network information”), not PII, which is a broader category of information not covered by the statute or the agency’s rules.
And the agency also relied on Section 201(b)’s requirement that a carrier’s practices be “just and reasonable,” a standard too vague to put a regulated party on fair notice that an unintentional data breach could be sanctioned. As Commissioner Pai concluded: “[T]he Commission asserts that these companies violated novel legal interpretations and never-adopted rules.”
And the $100 million fine that the FCC proposed in June to be assessed against AT&T for allegedly violating the 2010 Net Neutrality Order transparency regulation is a further indication the agency doesn’t take seriously, or doesn’t understand, its rule of law obligations. The AT&T case looks to be another instance of the Commission seeking to sanction conduct – and impose an enormous fine – based on “novel legal interpretations and never adopted rules.”
According to the Commission, AT&T violated the transparency rule by, at times of network congestion, reducing the speeds of customers subscribed to “unlimited” data plans. AT&T’s response appears to have considerable merit. The Commission previously had not given any indication that throttling speeds for purposes of network management during congestion periods is inconsistent with an “unlimited” data plan description. Indeed, to the contrary, for many years prior to the proposed fine, the Commission had been aware of AT&T’s targeted speed-reducing practices and of AT&T’s various disclosures making “unlimited” plan customers aware of such practices.
It may be that the Commission could adopt a rule or announce a policy that would indicate clearly – in other words, that would provide fair notice – that throttling speeds in the way AT&T is alleged to have done is prohibited conduct. Indeed, perhaps AT&T’s conduct might – or might not – violate the 2015 version of the agency’s net neutrality rules. But that’s much different than proposing to sanction AT&T under the 2010 transparency rule.
The Commission, if it wishes to conform to rule of law norms, can’t expect parties subject to its jurisdiction to be “mind readers.”
But, unfortunately, mind reading may be just what is expected by Internet providers – or at least what will be required –if they are not to run afoul of the agency under the 2015 version of the Commission’s net neutrality regulations. The FCC’s self-described “catch-all” general conduct standard makes it unlawful for an ISP to “unreasonably interfere with or unreasonably disadvantage” end users or edge providers. [See paragraph 21 of the order.] Obviously, this “catch all” provision leaves the Commission with virtually unbridled discretion to sanction conduct that regulated parties have no way of knowing, in advance, is prohibited.
In other words, to go back to first principles, the Commission, regrettably, has gone out of its way to avoid “knowable, predictable, rule-based decision-making.”
And, to make matters worse, the Commission has delegated broad authority to its Enforcement Bureau staff to administer, interpret, and enforce the standardless “catch-all” rule. Given recent history, turning the Enforcement Bureau loose in this way does not augur well. In his keynote address, Commission O’Rielly identified “delegation of matters to staff” as an area ripe for reformist changes. I suspect that, over time, the authority delegated to the staff to enforce the net neutrality rules, especially the “catch-all” provision, will only heighten concerns about the use of “delegated authority.”
Perhaps the effort to engage in meaningful process reform will take hold at the Commission. Those the agency regulates – and the broader American public – deserve no less. In any event, whether or not you agree with all of his proposals, Commissioner O’Reilly deserves credit for the serious manner in which he is approaching the subject.
If you missed FSF’s event, here is the video with Commissioner O’Rielly’s keynote, along with the panel discussion that followed with Richard Wiley, former Chairman, Commissioner, and General Counsel of the FCC, and Gus Hurwitz and Daniel Lyons, both telecom and administrative law scholars and members of FSF’s Board of Academic Advisors.