The overwhelming majority of Americans use the internet. They communicate with their friends, family and pets over the internet. The internet helps Americans find jobs and then do their work. It connects patients to doctors and finds medical information and resources. It can locate any destination a consumer wants and locate that consumer at any destination. Over the internet, consumers can even check whether their home is locked securely and its refrigerator fully stocked. Because it has become so vital and pervasive a part of Americans’ lives, communications must flow over the internet smoothly and securely.
The regulatory regime in the U.S. today is sorely inadequate to the task, because it resides in various agencies who have applied very different rules to the different parts that constitute the internet. The FCC has jurisdiction over common carriers.
The Federal Trade Commission (FTC) has jurisdiction over all other internet networks and platforms, including some of the largest providers on the internet. The extent of the FCC’s and FTC’s authority and their methods of regulation vary significantly, with the FCC focused on general rulemaking and the FTC on examining specific cases.
To further complicate matters, the FCC itself applied very different rules to the portions of the internet that do fall under its purview. In its 2015 Open Internet Order, the FCC applied its “bright-line” no blocking, no throttling, no paid-prioritization rules, general-conduct standard, and transparency rules only to the providers of last-mile broadband internet access (ISPs). All other providers along the thousands of miles and multiple servers over which a communication passes can block that communication, throttle its speed, prioritize it for pay and discriminate, as long as they don’t deceive consumers or otherwise run afoul of the FTC.
In a recent order, the FCC also applied a complex privacy regime to ISPs. The myriad other providers who may touch that same communication live by the FTC’s much simpler and more flexible privacy framework.
In other words, a single communication by a consumer travels not only over a series of networks and platforms, but over a series of very different regulatory requirements. A message for which the consumer may have chosen a high level of privacy at its starting point is no longer required to carry that level of privacy once it passes from the ISP to the next link in the chain or the one after that. ISPs are not allowed to throttle a video that a consumer wants to stream smoothly, but other providers along the path may do so. For example, as Netflix admitted in 2016, it has throttled videos on two wireless ISPs without the permission or knowledge of either the consumers of those videos or the ISPs, and did so for five years—without penalty.
Is a consumer less harmed if her privacy is violated by a content-delivery-network than if it is violated by an ISP? Is a consumer less harmed if his identity has been stolen thanks to the failed security of a content platform rather than an ISP? Is a consumer less annoyed if a video is throttled at Netflix’s server rather than in the last mile of transmission? These regulatory distinctions favor some providers but provide no comfort at all to consumers who are harmed.
There can be a valid debate about the appropriate level of privacy for internet communications, or about the tradeoff between cybersecurity and free speech, or about the rights of commercial enterprises to manage and charge for their capacity, as well as about many other issues that affect the flow of traffic on the internet. But once a decision has been reached, it should apply across the entire internet.
Consumers suffer when a single communication is subjected to a dizzying array of contradictory regulatory regimes along its path from originator to recipient. If consumers are to entrust their health, their finances, and their most intimate relationships to the internet, our regulatory system must be coherent. It must ensure that consumers’ expectations will be met throughout the internet, not just in the first mile.
As the new administration and Congress rethink the laws and regulatory structures that govern the internet and its broadband ecosystem in the U.S., they must aim for consistency. It is time to put consumers first.
Anna-Maria Kovacs, Ph.D., CFA, is a Visiting Senior Policy Scholar at the Georgetown Center for Business and Public Policy. She has covered the communications industry for more than three decades as a financial analyst and consultant.