CFA and other organizations committed to consumer privacy have submitted a rebuttal to arguments that the Federal Communications Commission (FCC) should defer to the National Telecommunications and Information Administration (NTIA) within the Department of Commerce to develop self-regulatory codes of conduct through a multistakeholder process to protect the privacy of broadband customers. We know firsthand the fallacy of these arguments because we have directly participated in some of the NTIA multistakeholder proceedings.

We believe that the FCC has the authority and the obligation to promulgate these rules, but setting that issue aside, it is clear to us that it would be impossible to reach consensus on protecting broadband customers’ privacy through the NTIA multistakeholder process or any similar forum. There is no incentive for the relevant commercial interests to change their current business practices or align future practices to provide effective transparency, control, and security to broadband users absent a law or rules requiring them to do so. While best practices, voluntary codes of conduct, and recommendations made by government agencies and others can sometimes be helpful in encouraging good business practices, they are no substitute for enforceable rights.