In his keynote
address at last week’s Free State Foundation event, “Implementing Real Regulatory Reform at the FCC,” FCC Commissioner
Michael O’Rielly once again made an important contribution to the ongoing
discussion regarding FCC process reform – which, in material respects, is
central to adherence to rule of law norms.
Here I want to address briefly the problematic way in which the
FCC is approaching “enforcement actions” that impose sanctions, one of the areas
of activity Commissioner O’Rielly identifies as in need of reform. The FCC
appears to be abusing its enforcement authority by sanctioning those it
regulates for alleged violations of rules that the regulated entities could not
reasonably have known constituted violations prior to the assessment of a penalty.
What the Commission is now doing runs against accepted rule
of law requirements, which include due process, because the agency is asserting
authority to punish those it regulates without first establishing “knowable,
predictable” rules. As Commissioner Ajit Pai put it in dissenting from the
proposed fine in the TerraCom/YourTel America case: “A
core principle of the American legal system is due process. The government
cannot sanction you for violating the law unless it has told you what the law
is.”
In the TerraCom/YourTel
America case, the FCC’s Enforcement Bureau proposed a $10 million fine claiming
that the companies had failed adequately to secure customers’ sensitive
personal identifiable information (PII). Of course, any data breach is no cause
for celebration. But the alleged “violation” in this instance was not clearly
proscribed by any law or regulation. The Commission relied on Section 222 of
the Communications Act and its rules issued thereunder, but these provisions deal
with CPNI (“customer proprietary network information”), not PII, which is a broader
category of information not covered by the statute or the agency’s rules.
And the agency also relied on Section 201(b)’s requirement
that a carrier’s practices be “just and reasonable,” a standard too vague to
put a regulated party on fair notice that an unintentional data breach could be
sanctioned. As Commissioner Pai concluded: “[T]he Commission asserts that these
companies violated novel legal interpretations and never-adopted rules.”
And the $100
million fine that the FCC proposed in June to be assessed against AT&T
for allegedly violating the 2010 Net
Neutrality Order transparency regulation is a further indication the agency
doesn’t take seriously, or doesn’t understand, its rule of law obligations. The
AT&T case looks to be another instance of the Commission seeking to
sanction conduct – and impose an enormous fine – based on “novel legal
interpretations and never adopted rules.”
According to the Commission, AT&T violated the
transparency rule by, at times of network congestion, reducing the speeds of
customers subscribed to “unlimited” data plans. AT&T’s response appears to
have considerable merit. The Commission previously had not given any indication
that throttling speeds for purposes of network management during congestion periods
is inconsistent with an “unlimited” data plan description. Indeed, to the
contrary, for many years prior to the proposed fine, the Commission had been
aware of AT&T’s targeted speed-reducing practices and of AT&T’s various
disclosures making “unlimited” plan customers aware of such practices.
It may be that the Commission could adopt a rule or announce
a policy that would indicate clearly – in other words, that would provide fair
notice – that throttling speeds in the way AT&T is alleged to have done is
prohibited conduct. Indeed, perhaps AT&T’s conduct might – or might not –
violate the 2015 version of the agency’s net neutrality rules. But that’s much
different than proposing to sanction AT&T under the 2010 transparency rule.
The Commission, if it wishes to conform to rule of law
norms, can’t expect parties subject to its jurisdiction to be “mind readers.”
But, unfortunately, mind reading may be just what is
expected by Internet providers – or at least what will be required –if they are
not to run afoul of the agency under the 2015
version of the Commission’s net neutrality regulations. The FCC’s
self-described “catch-all” general conduct standard makes it unlawful for an
ISP to “unreasonably interfere with or unreasonably disadvantage” end users or
edge providers. [See paragraph 21 of the order.] Obviously, this “catch all”
provision leaves the Commission with virtually unbridled discretion to sanction
conduct that regulated parties have no way of knowing, in advance, is prohibited.
In other words, to go back to first principles, the
Commission, regrettably, has gone out of its way to avoid “knowable,
predictable, rule-based decision-making.”
And, to make matters worse, the Commission has delegated
broad authority to its Enforcement Bureau staff to administer, interpret, and
enforce the standardless “catch-all” rule. Given recent history, turning the
Enforcement Bureau loose in this way does not augur well. In his keynote
address, Commission O’Rielly identified “delegation of matters to staff” as
an area ripe for reformist changes. I suspect that, over time, the authority
delegated to the staff to enforce the net neutrality rules, especially the “catch-all”
provision, will only heighten concerns about the use of “delegated authority.”
Perhaps the effort to engage in meaningful process reform
will take hold at the Commission. Those the agency regulates – and the broader American
public – deserve no less. In any event, whether or not you agree with all of
his proposals, Commissioner O’Reilly deserves credit for the serious manner in
which he is approaching the subject.
If you missed FSF’s event, here is the video with Commissioner O’Rielly’s keynote, along
with the panel discussion that followed with Richard Wiley, former Chairman, Commissioner, and General Counsel
of the FCC, and Gus Hurwitz and Daniel Lyons, both telecom and
administrative law scholars and members of FSF’s Board of Academic Advisors.
Posts
