On February 26, the Federal Communications Commission (“FCC”) voted to adopt FCC Chairman Tom Wheeler’s proposal to reclassify broadband internet service providers (“ISPs”) as a public utility.  The move, part of the longstanding push often referred to as “net neutrality,” shifts the FCC’s basis for future regulations to Title II of the Communications Act and could permit the FCC to introduce new and more stringent privacy protections.

From 2002 until Thursday’s vote, the FCC had regulated cable broadband providers as “information services” subject to Title I of the Communications Act.  During this time, the commercial Internet flourished, and mobile broadband became widely available in the United States.  However, critics argued that, in a commercial landscape of increasing demand and partnerships between content and distribution interests, ISPs were incentivized to throttle users’ access to competitors’ data.  In 2010, the FCCpromulgated rules that would have prohibited fixed-location broadband ISPs from blocking legal content or unreasonably discriminating among lawful traffic.  ISPs challenged these rules, however, and in 2014, the United States Court of Appeals for the District of Columbia Circuit vacated these rules.

Net neutrality supporters, including major web companies and civil rights groups, widely cheered last week’s action by the FCC as a way to reissue the 2010 rules, this time for mobile as well as fixed broadband.  Critics (including dissenting Commissioner Ajit Pai), in turn, have argued that reclassification paves the way for future regulations that go far beyond net neutrality, such as rate regulation and so-called “last-mile unbundling,” which has since 1996 allowed competitive telephone carriers to access incumbents’ local equipment at regulated prices.  While Title II does support the application of these and numerous other provisions, the FCC’s action last week explicitly forbore from applying the majority of its statutory authority to broadband ISPs.  Of the “additional” provisions that do apply, the FCC’s supporters and critics alike have not yet widely focused on its invocation of Section 222 of the Communications Act (47 U.S.C. § 222).  This provision was enacted in 1996 to protect telecommunications subscribers’ privacy by requiring common carriers to preserve the confidentiality of information concerning subscribers’ “quantity, technical configuration, type, destination, location, and amount of [service] use.”

While Section 222’s application to telephone carriers is well-understood, it could have a considerably broader impact on broadband ISPs.  For example, by restricting the sale of information describing the destination of a subscriber’s packet requests, Section 222 could restrict the rise of ISP-initiated “supercookies” and similar technologies for which ISPs have not received customers’ prior consent.  The reclassification also divides regulatory authority for online privacy between the FCC, for ISPs, and the Federal Trade Commission (“FTC”), which will retain authority for other online services.

ISPs are widely expected to challenge the FCC’s action in the coming weeks, and a successful attack on the Title II reclassification itself would invalidate both last week’s net neutrality rules and the extension of Section 222.  If broadband ISPs remain subject to Title II and the FCC’s privacy regulatory authority, however, privacy advocates and Internet companies alike should pay close attention to the developing interplay between the FCC’s rulemaking authority as to the Internet’s carriers and the FTC’s enforcement power as to its applications.