1Remarks of FCC Chairman Tom Wheeler As Prepared for Delivery GnoviCon 2016 Georgetown University Washington, D.C. March 21, 2016 Good afternoon. I hope your NCAA brackets are in better shape than mine. It’s great to be at Georgetown – and I’m not just saying that because I live a few blocks from here making today my easiest commute ever. Thank you for inviting me to be a part of gnovis’s annual spring conference. I’m honored to be a part of today’s discussion about the future of the Internet, and government’s role in maximizing the benefits of ubiquitous, high-speed connectivity. I saw that your invitation for this conference used the anniversary of the FCC’s net neutrality rules as the frame for teeing up today’s conversation, so I’ll start my remarks there. But I want to spend the bulk of my time talking about a related initiative: my new proposal to enhance the privacy of broadband users. To start off, it’s important to lay out a few baseline facts that inform our regulatory approach at the FCC. First, in the United States we rely almost exclusively on private industry to build out and constantly upgrade our wired and wireless broadband infrastructure. Yes, the federal government subsidizes broadband investment in remote rural areas, and some community leaders that believe the broadband competition is lacking have launched their own municipal broadband projects. But, for the most part, if we want world-class broadband networks in America – and we most definitely do – we will need billions in private network investment year after year. Second, we believe competition is the most effective tool for driving investment and innovation, while protecting consumer interests. Competitive markets produce better outcomes than highly regulated markets. That’s why we must protect competition where it exists, and promote competition where it may not be fulsome. Third, the open Internet drives the American economy and serves, every day, as a critical tool for citizens to conduct commerce, communicate, educate, entertain, and engage in the world around them. The benefits of the open Internet are undisputed, and it must remain open. 2Starting from that baseline, we felt it was critical that the Commission adopt enforceable net neutrality rules a year ago. The Internet’s open design is what enables innovation from anyone, anywhere without anyone else’s permission. It has allowed inventors in dorm rooms and garages to launch start-ups that became world-leading companies. The challenge becomes how do you protect that openness when, as the D.C. Circuit Court has observed, broadband providers have the ability and the incentives to degrade or favor some content over others. After a year-long process that generated more than 4 million public comments, the Commission adopted bright line Open Internet protections that ban blocking, throttling, and paid prioritization. Because technology and innovation are constantly evolving, we also established a general conduct rule that can be used to stop new and novel threats to the Internet. At the same time, we used a light-touch regulatory approach to make sure ISPs continue to have the economic incentives to build fast and competitive broadband networks. That means no rate regulation and no forced unbundling of networks. They are rules patterned after the wireless rules that have seen hundreds of billions of dollars of investment since they were adopted in 1994. As many of you recall, when the Commission adopted these rules, critics howled that the rules would be devastating for network investment – that broadband deployment would screech to a halt. So how are those predictions working out? Well, as the virtuous circle predicts, investment continues pouring into startups whose ability to reach users requires unfettered Internet access. In 2015, venture investment in Internet-specific businesses was up 35 percent over the previous year. Score one for innovation investment! But what about network investment? In their latest earnings calls, the nation’s largest providers are all telling Wall Street that they plan sustained and significant capital expenditures in 2016 and beyond. AT&T projects $22 billion in capital expenditures this year, a $2 billion increase. Comcast says it plans “increased investment in network infrastructure” in 2016, and, just last week, Comcast began rolling out gigabit service in Atlanta, with plans to expand to additional markets later this year. Verizon says it, “remain[s] committed to consistently investing in our networks for the future.” Understand the economics driving that investment. Each of these companies saw gains in revenue per broadband subscriber in 2015. Let’s stop and consider that often overlooked statistic. An open Internet is driving more network usage and – surprise! – that increased usage is driving more revenue per user. More openness, more demand, more broadband. It’s just that simple. Looking beyond the largest traditional network operators, Google Fiber announced plans to expand to 19 new cities only a few weeks after the Open Internet rules are adopted. Let’s consider that development in a slightly different context. Google – whose functions like search 3and email lie beyond the scope of the Open Internet rules – is investing billions of dollars in a network it knows is subject to the new FCC Open Internet rules. And any suggestion that network investment by others is poised to contract completely falls apart when you consider how mobile ISPs are scrambling to ramp up 5G wireless networks and the massive infrastructure investments that will require. Now, imagine the kind of increased connectivity that will be consumed by the Internet of Things, which will link a projected 200 billion smart devices by 2020 – that’s 26 smart objects for every person on earth. The whole argument that we could have either Open Internet protections or robust network investment was – and remains -- a false choice. We can, and do, have both an Open Internet and continued investment in bigger and better broadband. We can have an Open Internet and light- touch regulation that encourages innovation and consumer choice. The real choice at the heart of the net neutrality debate is whether those who build the networks should make the rules by themselves or whether there should be a basic set of rules and a referee on the field to throw the flag if they are violated. To me, the choice remains clear. Obviously, preserving Internet openness was the central focus of our Open Internet decision, but it also contemplated another key area of broadband policy: privacy. Justice Louis Brandeis once described the right to privacy as “the right to be left alone.” Many of you are digital natives. You’ve grown up in a world where we’re all connected, all the time. You understand that when we are all walking around with a device in our pocket linking us to people and businesses around the globe, it’s time to think anew about how best to preserve the right to privacy. At the FCC, we believe you can have your broadband, and you can have your privacy. And earlier this month, I shared a proposal with my colleagues that would ensure that people have the tools they need to make informed choices about how and whether their data is used and shared by their residential fixed and mobile broadband providers. Let me explain why. Everyone in this room probably knows that the social media we join and the websites we visit collect our personal information, and use it for advertising purposes. Seldom, however, do we stop to realize that our Internet Service Provider – or ISP – is also collecting information about us. What’s more, we can choose not to visit a website or not to sign up for a social network, or we can choose to drop one and switch to another in milliseconds. But broadband service is different. Once you subscribe to an Internet Service Provider—for your home or for your smartphone—you have little flexibility to change your mind or avoid that network rapidly. Think about it. Your ISP handles all of your network traffic. That means it has a broad view of all of your unencrypted online activity – when you are online, the websites you visit, and the apps you use. If you have a mobile device, your provider can track your physical location throughout the day in real time. Even when data is encrypted, your broadband provider can piece together significant amounts of information about you – including private information such as a chronic medical condition or financial problems – based on your online activity. 4The information collected by the phone company about your telephone usage has long been protected information. FCC regulations currently limit your phone company’s ability to repurpose and resell what it learns about your phone activity without your consent. The same should be true for information collected by your ISP. That’s the practical reason why we felt compelled to act. There’s also a legal reason to act now. As part of our Open Internet Order, we reclassified Broadband Internet Access Service as a “Telecommunications Service” under Title II of the Communications Act. Among other things, that decision put our Open Internet rules on firm legal ground. That decision also has meaningful implications for privacy. Part of Title II of the Communications Act – known as Section 222 -- grants the Commission the authority it has used to protect the privacy of data that phone companies collect. While the Commission refrained from applying many of the Title II requirements to broadband services, we found that applying Section 222 to broadband services is necessary to protect consumer privacy and to provide specific guidance to both consumers and companies. That decision was particularly important to avoid leaving a gap in oversight of the privacy practices of ISPs, given that Congress has not authorized the Federal Trade Commission to regulate common carriers. So what exactly are we proposing? My proposal is built on three core principles – choice, transparency and security. It identifies three categories of customer information and crafts clear expectations for both ISPs and customers. Information necessary to deliver broadband services could still be used by ISPs without additional consumer consent, so treatment of that data is largely unchanged. Of course, the ISP has the right to use your name, address, IP address, and other information necessary to establish a business relationship with you and provide the broadband service you have contracted for. ISPs and their affiliates would be able to use certain information to market other communications-related services unless the consumer affirmatively opts out. I don’t know about you, but I’d like my ISP to inform me about triple play packages it offers that may work well for me. But, if you don’t feel the same way, all you have to do is tell them and opt out. All other uses and sharing of consumer data would require affirmative “opt-in” consent from customers. So, let’s be specific. Information that is necessary to run the network can be used without the consumer’s additional permission. However, the fact that a consumer visits a cancer website or a shoe website is the consumer’s information, and it should not be repurposed or sold without the consumer’s permission. If this plan is adopted, you will have the right to exercise control over what personal data your broadband provider uses and under what circumstances it shares your personal information with 5third parties or affiliated companies. You will know what information is being collected about you and how it’s being used. That information must be provided by your broadband service provider in an easily understandable and accessible manner. And if your broadband provider is collecting and storing information about you, it has a responsibility to make sure that information is secure. Let me be explicit about what this proposal will NOT do. It is not regulating what we often refer to as the edge – meaning the online applications and services that you access over the Internet, like Twitter and Uber. It is narrowly focused on the personal information collected by broadband providers as a function of providing you with broadband connectivity, not the privacy practices of the websites and other online services that you choose to visit. Indeed, there are other federal and state agencies – namely, the Federal Trade Commission—that do a great job dealing with such companies and their privacy practices. The FCC’s expertise and statutory authority is with respect to the networks that get you onto the Internet. Nor does this proposal wade into government surveillance, encryption or other law enforcement issues. Again, this is about ISPs and only ISPs. And this proposal does not prohibit ISPs from using and sharing customer data — it simply proposes that the ISP first obtain customers’ express permission before doing so. So what are the next steps? On March 31, my fellow Commissioners will vote on whether to move forward in seeking comment on this proposal. If approved, all Americans will have the opportunity to weigh in and have their voices heard. This, of course, includes the ISPs and any ideas they have to make the rules better. We especially want to listen and learn from the public before we adopt final, enforceable, rules of the road. Of course, we know there will be opposition. We’ve already heard the naysayers argue that FCC privacy rules would stifle business models that support faster, better broadband networks. We’ve seen that movie before. We know to be wary of false choices. We can protect consumer privacy, while preserving innovation and investment in our broadband infrastructure. And we will. The bottom line is that it’s your data; it should be your choice about how that data is shared and used. Thank you, and enjoy the conference.