TESTIMONY OF FCC COMMISSIONER AJIT PAI
BEFORE THE SUBCOMMITTEE ON PRIVACY, TECHNOLOGY AND THE LAW
OF THE UNITED STATES SENATE COMMITTEE ON THE JUDICIARY
“EXAMINING THE PROPOSED FCC PRIVACY RULES”
MAY 11, 2016
Chairman Flake, Ranking Member Franken, and Members of the Subcommittee, it is a privilege 
to appear before you today.  Thank you for giving me the opportunity to testify on the FCC’s proposal to 
regulate privacy on the Internet.
Every day, millions of Americans enjoy the freedom that the Internet provides.  We carry our 
smartphones with us wherever we go.  We download apps and surf the web.  And we check our email, the 
weather, our calendars, and our social networks whenever we want.  What’s most amazing is most online 
services are free—any consumer with Internet access can watch videos on Crackle, send emails through 
Yahoo!, or browse the millions of blogs out there without paying a dime.
One of the things that’s enabled this online innovation has been the United States’ historic 
commitment to light-touch, technology-neutral regulation when it comes to Internet privacy.  Startups 
haven’t had to hire an attorney to navigate complex federal rules.  And entrepreneurs have been free to 
invent and discover new ways to monetize their services without fear of government standing in the way 
of profitability.
As the nation’s preeminent federal agency on privacy issues, the Federal Trade Commission 
deserves significant credit.  For the past two decades, the FTC has applied a unified approach to all online 
actors.  It’s shied away from highly prescriptive, industry-wide mandates in favor of a case-specific 
approach focused on harms to consumers.  The FTC’s been quite active, carrying out “more than 150 
privacy and data security enforcement actions, including actions against ISPs and against some of the 
biggest companies in the Internet ecosystem.”
1
  And it’s been so successful that the United States 
government has touted the FTC’s work to the European Union as sufficiently robust to protect online 
consumers against predatory privacy practices.
2
But the country now faces a new challenge.  The FCC tore apart the FTC’s unified framework 
apart 13 months ago when it reclassified broadband as a public utility.
3
  That decision stripped the FTC of 
its authority over broadband providers, since it cannot regulate common carriers.
4
  So there is now a 
gaping hole in our privacy protections that needs to be refilled.
What’s the best way to refill it?  I can’t put it any better than Chairman Wheeler did, testifying 
before the House Energy and Commerce Committee’s Subcommittee on Communications and 
                                                     
1
Remarks of Maureen K. Ohlhausen, Commissioner, U.S. Federal Trade Commission, at the Free State Foundation 
Eighth Annual Telecom Policy Conference, “Privacy Regulation in the Internet Ecosystem,” at 3 (Mar. 23, 2016), 
available at http://go.usa.gov/csDS4.
2
See Letter from Penny Pritzker, U.S. Secretary of Commerce, to Vera Jourova, Commissioner for Justice, 
Consumers and Gender Equality, European Commission (Feb. 23, 2016), available at http://go.usa.gov/csWxP.
3
Protecting and Promoting the Open Internet, GN Docket No. 14-28, Report and Order on Remand, Declaratory 
Ruling, and Order, 30 FCC Rcd 5601 (2015) (Title II Order).
4
Federal Trade Commission Act § 5(a)(2).
2Technology in November 2015:  Because consumers deserve “a uniform expectation of privacy,” the 
FCC “will not be regulating the edge providers differently” from ISPs.
5
But instead of following through on that commitment to Congress, the FCC in March 2016 
decided to target ISPs, and only ISPs, for stringent regulation—regulation far more invasive and 
prescriptive than the case-specific approach of the FTC.  For several reasons, this approach makes little, if 
any, sense.
First, it makes little sense to give some companies greater leeway under the law than others when 
all may have access to the very same personal data.  This disparate approach does not benefit consumers 
or the public interest.  It simply favors one set of corporate interests over another.
Start with this simple fact:  All online operators “have the commercial motivation to use and 
share extensive and personal information about their customers.”
6
  Search engines log every query you 
enter.  Social networks track every person you’ve met.  Online video distributors know every show 
you’ve ever streamed.  Online shopping sites record every book, every piece of furniture, and every 
medical device you browse, let alone purchase.  (Just this morning, when I got into my car and started it, 
the maps application on my smartphone informed me, unsolicited, how long it would take to get to work.)  
To quote the Chairman’s press release, “[e]very day, consumers hand over very personal information 
simply by using the . . . broadband services they’ve paid for.”
7
  And yet the FCC only targets one corner 
of the marketplace.
Second, the FCC’s approach strangely singles out new upstarts in the concentrated market for 
online advertising.  There is no good reason to single out ISPs for disparate treatment, considering that 
they lack market power as nascent competitors.  As one recent study by President Clinton’s chief counsel 
for privacy and President Obama’s special assistant for economic policy explained, “The 10 leading ad-
selling companies earn over 70 percent of online advertising dollars, and none of them has gained this 
position based on its role as an ISP.”
8
  That’s because “ISPs have neither comprehensive nor unique 
access to information about users’ online activity.  Rather, the most commercially valuable information 
about online users . . . is coming from other contexts.”
9
  Or as former Democratic Representative Rick 
Boucher wrote recently, “by the end of this year, 70 percent of Internet traffic will be encrypted and 
beyond the surveillance of ISPs.”
10
  Selectively burdening ISPs confers a windfall to those who are 
already winning big in the world of online advertising.
Third, the FCC’s proposal may actively confuse consumers.  After all, consumers don’t 
necessarily know which particular online entities can access their personal information, let alone the 
regulatory classification of those entities.  But they do care that their personal information is protected by 
anyone and everyone who has access to it.  And a one-sided regulatory push is likely to mislead 
consumers into thinking that federal privacy rules protect them more comprehensively than they actually 
do.
                                                     
5
Hearing before the U.S. House of Representatives Subcommittee on Communications and Technology, “Oversight 
of the Federal Communications Commission,” Preliminary Transcript at 141 (Nov. 17, 2015).
6
Protecting the Privacy of Customers of Broadband and Other Telecommunications Services, WC Docket No. 16-
106, Notice of Proposed Rulemaking, FCC 16-39 at para. 3 (Apr. 1, 2016) (Notice).
7
Chairman Wheeler’s Proposal to Give Broadband Consumers Increased Choice, Transparency & Security With 
Respect to Their Data at 1 (Mar. 10, 2016), available at http://go.usa.gov/csYN5.
8
Peter Swire, Online Privacy and ISPs: ISP Access to Consumer Data is Limited and Often Less than Access by 
Others at 8 (Feb. 29, 2016), available at http://b.gatech.edu/1RIWXUa.
9
Id. at 7.
10
Rick Boucher, Level the Privacy Playing Field to Protect Consumers, The Bureau of National Affairs, Inc. (Mar. 
28, 2016), available at http://www.bna.com/level-privacy-playing-n57982069099/.
3Just consider Chairman Wheeler’s announcement of the push on The Huffington Post.  He titled 
the article “It’s Your Data: Empowering Consumers to Protect Online Privacy.”  But the FCC’s actual 
proposal won’t give consumers any more control of their online privacy with respect to smartphone 
manufacturers or operating system designers or search engines or app developers or website owners or 
content providers.  But a more straightforward account of the proposal is hardly a compelling headline.
Fourth, the FCC’s proposal may signal the end for ad-based discounts on online services.  The 
agency put in its crosshairs “‘free’ services in exchange for information” as well as AT&T’s Internet 
Preferences program, which offers consumers a $30 discount on their broadband service in exchange for 
consent to use web browsing data to tailor a customer’s ads.
11
  Specifically, the FCC sought comment on 
subjecting these practices to heightened notice and choice requirements and even prohibiting them across 
the board.  That doesn’t bode well.
Finally, everyone in the online ecosystem—not just ISPs—should recognize that the FCC’s 
decision to target ISPs is a calculated political choice.  In crafting its online privacy regulations, the 
agency relied on section 706 of the Telecommunications Act, among other statutory provisions.  Under 
the majority’s reading of that section, the FCC believes it has the authority to take practically any action it 
finds necessary to break down barriers to broadband deployment and adoption.
12
Given this highly elastic approach, the FCC could easily regulate the privacy practices of edge 
providers without a vote of Congress.  Recall that concern about online privacy was an important barrier 
to deployment and adoption identified in The National Broadband Plan of 2010, as well as subsequent 
broadband deployment reports.
13
  To be clear, I don’t support the majority’s reading of section 706 (and 
other provisions).  But regulating the privacy practices of ISPs and only ISPs is like eating half a meal—
at some point, the FCC will want to return to the table.
* * *
Chairman Flake, Ranking Member Franken and Members of the Subcommittee, thank you again 
for holding this hearing and inviting me to testify.  I look forward to answering your questions, listening 
to your views, and continuing to work with you and your staff in the days ahead.
                                                     
11
Notice at paras. 259–63.
12
A majority of Commissioners in the Title II Order embraced the theory of the so-called “‘virtuous cycle[,]’ in 
which innovations at the edges of the network enhance consumer demand, leading to expanded investments in 
broadband infrastructure that, in turn, spark new innovations at the edge.”  See Title II Order, 30 FCC Rcd at 5605, 
para. 7.  See also id. at paras. 2, 20, 21, 55, 75, 77, 82, 83, 91, 94, 102, 110, 127, 128, 129, 136, 137, 140, 142, 143, 
151, 162, 205, 273, 286, 288, 289, 294, 295, 297, 329, 512, 544, 554, 559, 564, 574, 575 (invoking the “virtuous 
cycle” theory to justify a plethora of regulatory impositions).
13
See, e.g., Omnibus Broadband Initiative, FCC, Connecting America: The National Broadband Plan at 53 (2010); 
Inquiry Concerning the Deployment of Advanced Telecommunications Capability to All Americans in a Reasonable 
and Timely Fashion, and Possible Steps to Accelerate Such Deployment Pursuant to Section 706 of the 
Telecommunications Act of 1996, as Amended by the Broadband Data Improvement Act, GN Docket No. 15-191, 
2016 Broadband Progress Report, 31 FCC Rcd 699, 751–52, para. 126 (2016); Inquiry Concerning the Deployment 
of Advanced Telecommunications Capability to All Americans in a Reasonable and Timely Fashion, and Possible 
Steps to Accelerate Such Deployment Pursuant to Section 706 of the Telecommunications Act of 1996, as Amended 
by the Broadband Data Improvement Act, GN Docket No. 14-126, Tenth Broadband Progress Notice of Inquiry, 29 
FCC Rcd 9747, 9770, para. 50 (2014).