In May, we posted a blog on litigation filed by telecom providers and trade associations to prevent the California Public Utilities Commission (CPUC) from requiring Plaintiffs to turn over competitively sensitive data to a third party. Plaintiffs allege that disclosure of that data would violate regulations issued by the Federal Communications Commission (FCC) regarding the confidential status of that information. There is now a new party at the table. The National Association of Regulatory Utility Commissioners (NARUC) filed an amicus brief asking the Court to side with the CPUC, and permit disclosure of the data.

For background, after the complaint was filed, the Northern District of California granted Plaintiffs’ motion for a preliminary injunction, blocking the CPUC from sharing the companies’ ostensibly sensitive data with the third party. That order was based on the Court’s finding that the telecom Plaintiffs were likely to prevail on their argument that the CPUC order is preempted by FCC regulations, and because the telecom Plaintiffs “overwhelmingly” demonstrated that they would face irreparable harm if disclosure occurs.

NARUC then filed its amicus brief requesting that the Court deny Plaintiffs’ claims and permit the CPUC order to stand. NARUC framed the question before the Court as follows:

[D]o States have the ability to obtain and to use under state law broadband data, including granular, disaggregated, carrier-specific subscription data, which telecommunications carriers may (or may not) also submit to the FCC on the FCC’s Form 477?

NARUC argues in the affirmative. In particular, NARUC cites a 2010 opinion and order from the FCC that concluded the collection and use of broadband data by states was not preempted by federal law. NARUC also points to the great need for disclosure of data by regulated entities to state regulators, suggesting that it would be poor policy to prevent public utility regulators from accessing the data at issue in this litigation.

Interestingly, NARUC’s amicus brief focuses on the preemption argument and does not attempt to address or reconcile the impetus for the litigation—privacy concerns.

This litigation highlights two areas of tension in the privacy sphere. The first is the tension between ensuring privacy and data security and conducting regulatory activities, whether for the promotion of health, safety, or environmental wellbeing. The second tension is whether privacy protections should stem from the federal government, the states, or the industry itself. Without clear guidelines governing how to balance these competing policies, courts are often asked to decide significant privacy questions through legal doctrine and not the substance of the implicated rights. That is the case here, where the Court is left to grapple with a traditional legal question—whether the FCC’s regulations preempt state regulatory actions—rather than the propriety of requiring disclosure of sensitive information in the context of a public utility regulatory proceeding.