On November 16, 2015, the Federal Communications Commission (FCC) and Federal Trade Commission (FTC) signed a Memorandum of Understanding (MOU) formalizing the existing cooperation between the agencies and outlining how the FCC and FTC will coordinate consumer protection efforts.1 The MOU expresses the agencies' joint belief that enforcement actions undertaken by either agency within the scope of its jurisdiction will not preclude or limit the other agency's authority.2 The existence of the MOU signals that both agencies currently intend to remain active in the consumer protection arena and underscores the importance of monitoring and reviewing compliance with both agencies' consumer protection standards, policies, and enforcement priorities.
The Current Regulatory Context
The MOU comes at a time when both the FCC and FTC have been particularly active in consumer protection, through both rulemaking and enforcement actions. For example, in recent months, the FCC has taken steps to implement the Telephone Consumer Protection Act (TCPA),3 and brought the first-ever privacy and data security enforcement action against a cable operator.4 The FCC also recently imposed fines on hotels and other entities for allegedly blocking consumer use of personal Wi-Fi hotspots.5 Similarly, the FTC has engaged in a variety of significant consumer protection actions, including "the first coordinated federal-state enforcement initiative targeting deceptive and abusive debt collection practices" encompassing 30 new law enforcement actions at the federal, state, and local level.6 The FTC also recently won a significant victory when the Third Circuit affirmed the FTC's authority to regulate the cybersecurity controls of consumer facing companies,7 a subject area that is at the forefront of the agency's regulatory agenda.8 And the FTC has signaled a focus on the use of consumer data, particularly with respect to online advertising, cross device tracking, and data brokering.9 The agency has also increased its enforcement and regulatory focus on privacy, data security, and advertising practices for mobile applications and software.10 At the same time, several privacy and data security bills are making their way through Congress, including a bill that would limit the FCC's ability to enforce data breach standards, including for common carriers,11 and give the FTC exclusive authority to regulate in that area.
First, the MOU states the FTC and FCC will continue to "work together to protect consumers from acts and practices that are deceptive, unfair, unjust and/or unreasonable," including through:
- coordination on agency initiatives where one agency's action will have a significant effect on the other agency's authority or programs;
- consultation on investigations or actions that implicate the jurisdiction of the other agency;
- regular coordination meetings to review current marketplace practices and each agency's work on matters of common interest that impact consumers;
- regular meetings at which the agencies will exchange their respective learning about the evolution of communications markets;
- sharing of relevant investigative techniques and tools, intelligence, technical and legal expertise, and best practices in response to reasonable requests for such assistance; and
- collaboration on consumer and industry outreach and education efforts, as appropriate.
Second, the MOU states that the agencies believe the common carrier exemption in the FTC Act[[N:See 15 USC § 45(a)(2) ("The [FTC] is hereby empowered and directed to prevent persons, partnerships, or corporations, except. . . common carriers . . . from using unfair methods of competition in or affecting commerce and unfair or deceptive acts or practices in or affecting commerce.").]] does not preclude the FTC from addressing non-common carrier activities engaged in by common carriers. This comports with the position historically taken by the FTC. Further, the MOU states that any enforcement action taken by the FTC should not be perceived as a limitation on authority otherwise available to the FCC, and vice versa. To the extent that the FCC and FTC have authority to address the same conduct, the agencies will follow the processes described in the MOU in order to "ensure their activities efficiently protect consumers and serve the public interest."
Third,the MOU provides that the agencies will share data regarding consumer complaints to the extent feasible, including through the FCC's access to the FTC's secure online database of millions of consumer complaints submitted directly to the FTC, as well as to other contributors (Consumer Sentinel Network).12
The MOU contemplates that representatives from the FTC Bureau of Consumer Protection, the FCC Enforcement Bureau, and the FCC Consumer and Governmental Affairs Bureau will hold meetings to exchange views on matters of common interest and responsibility.
While the FCC and FTC MOU does not alter or enhance either agency's legal authority, the MOU underscores the agencies' determination and public commitment to engage in coordination, consultation, and information exchange in pursuit of their respective statutory mandates. Consumer facing companies should pay careful attention to the agencies' coordinated efforts over the coming months, while also recognizing that many other regulators at the federal and state level (including several state Attorneys General) have also increased enforcement activity in this area.