HB Ad Slot
HB Mobile Ad Slot
Carriers Agree to $3.5 Million FCC Fine For Alleged Privacy Violations
Saturday, July 11, 2015

In a consent decree adopted yesterday by the Federal Communications Commission, two telecommunications carriers — TerraCom, Inc., and YourTel America, Inc. — agreed to pay a $3.5 million civil penalty and adhere to a three-year compliance program to settle allegations that the carriers violated the federal Communications Act by failing to adequately protect “proprietary information” the carriers collected from consumers applying for federally subsidized phone service under the Lifeline program.  The consent decree reiterates the FCC’s interpretation of Sections 201 and 222 of the federal Communications Act — first articulated in a October 2014 decision proposing to fine TerraCom and YourTel $10 million — broadening telecommunications carriers’ privacy and data security obligations.  The consent decree also settles allegations that YourTel failed to de-enroll certain subscribers after being instructed to do so by the Universal Service Administrative Company, which administers Lifeline.

In its earlier Notice of Apparent Liability (NAL) (the October 2014 decision), the FCC found that information collected by TerraCom and YourTel from about 305,000 customers was stored on publicly accessible Internet servers between September 2012 and April 2013.  The information, which was used to verify whether the customers were eligible for subsidies under the Lifeline program, included Social Security numbers, names, addresses, and driver’s license numbers.  In that NAL, the FCC held for the first time that Section 222 of the Communications Act — which previously was understood to protect only “Customer Proprietary Network Information” — also protects a broader range of data (what the FCC referred to as mere “proprietary” information).  In addition, the FCC alleged that TerraCom and YourTel had violated Section 201(b) of the Communications Act, which prohibits telecommunications carriers from engaging in “unjust and unreasonable” practices, by failing to adequately protect customer data.

Those interpretations, which were subject to considerable criticism by industry, have implications not only for traditional telecommunications carriers but also now for broadband Internet service providers, who became subject to Sections 201 and 222 when the FCC’s Open Internet Order — and its reclassification of those providers as “telecommunications carriers” — went into effect on June 12, 2015.

The FCC reiterated its interpretation of Sections 201(b) and 222 in yesterday’s consent decree, and solely for purposes of the settlement TerraCom and YourTel admitted that their actions had violated those provisions.  The consent decree also is notable because it is unusual for the FCC to reach a settlement with an alleged violator after the agency has already released an NAL.  Such settlements more typically are reached before an NAL is issued.

In a separately released statement, Commissioner Michael O’Rielly said the consent decree “highlights the problem of making policy through enforcement actions.”

“I am certain that attempts will be made to cite the Consent Decree as precedent for an entire industry,” O’Rielly wrote, “even though it was the product of company-specific negotiations” and “[o]ther interested parties had no opportunity to comment at any point in time on the substance of the Commission’s claims or legal theories.”

HTML Embed Code
HB Ad Slot
HB Ad Slot
HB Mobile Ad Slot
HB Ad Slot
HB Mobile Ad Slot
 
NLR Logo
We collaborate with the world's leading lawyers to deliver news tailored for you. Sign Up to receive our free e-Newsbulletins

 

Sign Up for e-NewsBulletins