Two days ago a federal appeals court upheld an earlier F.C.C. decision to label broadband technology a utility, maintaining net neutrality. Regulating Code authors Ian Brown and Christopher T. Marsden offer their take on the decision.
On June 14, the District of Columbia Court of Appeals upheld the Federal Communications Commission (FCC) right to regulate Internet Access Providers (IAPs) as common carriers. This confirms the US agency’s power to regulate IAPs to ensure users can access the content, applications, and services they wish without interference from their access provider: what is known as net neutrality. It is part of a wider international regulatory trend to support user rights and prevent interference with Internet traffic. However, as we showed in Regulating Code (2013), this regulatory trend is counteracted by the controlling tendency of the technologies deployed by the national security state and private surveillance partners. Our book was published only months prior to Edward Snowden’s revelations about cooperation between Five Eyes nations (including the USA, Canada and UK) and their corporate partners to conduct mass surveillance, and our warnings that net neutrality cannot be disentangled from privacy, surveillance, copyright enforcement, state censorship, and the role of social media, have come home to roost.
Net neutrality is the private censorship of our communications by our IAPs—for instance Verizon or AT&T, Comcast or T-Mobile. It is regulated by the FCC through merger conditions placed on those giant companies since 2005, and to a far lesser extent by Open Internet Orders which are continually appealed through the federal courts. In Europe, similar rules have been put in place by some countries (Netherlands, Slovenia, Finland, Norway) though not for mergers, but it took until October 2015 for the European Union to pass a Regulation enforcing common rules in the 30 European Economic Area nations—partly because big nations such as Germany and the United Kingdom refused to enforce weaker 2009 rules. These nations are home to Vodafone (part-owner of Verizon Wireless until 2014) and Deutsche Telekom, owner of T-Mobile. US regulation is intimately tied into that in Europe through such corporate cross-holdings.
Net neutrality also involves privacy intrusion—an IAP can only block your access to for instance Instant Messaging services Skype or WhatsApp if it examines your Internet traffic. Such pervasive ‘traffic management’ is highly controversial both because the IAP is trying to block your choice of rival cheaper services, and because it means the IAP is viewing your traffic, looking over your shoulder as you browse, even if you are a journalist or lawyer or elected politican. Though IAPs claim that such traffic monitoring is automatic and does not amount to direct censorship, the increased intelligence of such monitoring led us to title the net neutrality chapter ‘Smart Pipes’—whereas the Internet was once seen to be a ‘dumb pipe.’
That smart capacity has meant IAPs can deliver detailed intelligence reports to national security agencies, though it emerged the agencies also directly tap into trans-oceanic fibre optic cables which carry much of the global Internet traffic. Much of this was known or strongly suspected when we wrote Regulating Code, notably due to the work of pioneering investigators such as Caspar Bowden. When we connected the intelligence requirements of the technologies used to intrude into net neutrality to those of privacy invasion by governments, and other corporate actors such as copyright holders, social networks and search engines, we did so in the knowledge that these dual-purpose technologies serve commercial purposes to monitor behaviour for advertisers and copyright enforcement, and control purposes that are of use to law enforcement and surveillance agencies. The ‘code’ that is regulated is the technologies of the Internet (in the shorthand we used in the book), and it is regulated far more by governments and private actors than it is by traditional regulatory agencies such as the FCC.
So what happens next? Whether the US Supreme Court upholds FCC authority in the appeal by IAPs against the DC Circuit remains to be seen. Both major party presumptive Presidential nominees have expressed their partisan views, but this case may rumble on until their Supreme Court nominee is confirmed by the Senate in 2017. Net neutrality is slowly being enforced worldwide, notably in India and Brazil as well as the US and (eventually) Europe. But the privacy invasive aspects of net neutrality, and the associated links between IAPs and security agencies will remain highly controversial.
The ‘cloud’ companies to which we willingly divulge so much of our personal data may not be implicated in net neutrality directly (which only applies to access providers as common carriers), but they are becoming increasingly entangled in these debates. Whether it is Apple’s maintaining security in encrypted iPhones despite the FBI’s legal challenges, or Google’s participation in the ‘self-regulatory’ EU Internet Forum to appease European lawmakers, large Internet companies are walking a tightrope between government requirements to contribute to law enforcement, and potential competition investigations into their business practices in maintaining that dominance.
Public authorities around the world have used a range of mechanisms to regulate the behaviour of companies and individuals online. The optimal mix of such strategies to promote innovation, competition, and human rights is the subject of research for our next project, Regulating Platforms, but it is clear that the research agenda set out in Regulating Code has been a robust exploration of the issues that has stood the test of time.