On March 1, 2017, the Federal Communications Commission (“FCC”), under the new leadership of Chairman Ajit Pai, voted 2-1 to issue a temporary stay of the data security obligations of the FCC’s Broadband Consumer Privacy Rules (the “Rules”), which were to go into effect March 2, 2017. The temporary stay will remain in place until the FCC is able to act on pending petitions for reconsideration.
A joint press release by FCC Chairman Pai and Acting FTC Chairwoman Maureen K. Ohlhausen describes the stayed provisions as not consistent with the FTC’s privacy framework. The press release expresses the agency heads’ disagreement with the “FCC’s unilateral decision in 2015 to strip the FTC of its authority over broadband providers’ privacy and data security practices” and their belief that “jurisdiction over broadband providers’ privacy and data security practices should be returned to the FTC.” The temporary stay is described as “a step forward” in filling a consumer protection gap that was created by the FCC in 2015. The press release also announces the agencies’ plan to create a “technology-neutral privacy framework for the online world” that would do away with two distinct frameworks—one for Internet service providers and one for all other online companies.
Other elements of the Rules are still scheduled to go into effect later this year and are unaffected by the temporary stay.