At some point in the not-too-distant future, a “crossover” will occur with respect to how the public gains access to the Internet: More people will reach the Net through wireless devices than through wired means. Net prognosticators may disagree on exactly when that will occur, but few doubt that it will.
This crossover will represent a major milepost in the development of the wireless industry, and an increasingly wireless Net will present significant new opportunities for the industry. The public, too, will surely benefit from a host of new wireless products and services, many of which are yet to be invented.
But a wireless Net also will present the industry with new and difficult regulatory challenges. Those who still believe that “the Net is unregulated” may be in for a rude surprise. And many also will be dismayed to learn that the wireless industry’s traditional weapons against unwanted regulations will not work in this new Net environment.
The Net already has generated a legion of difficult and fast-moving policy issues. Thorny questions of jurisdiction, taxation, encryption, protection of intellectual property rights, recognition of digital signatures, the “digital divide,” and many others are bedeviling our courts, legislatures and regulatory agencies.
Privacy rights
But no Net policy issue has been as prominent or as difficult as protection of consumers’ privacy rights. Numerous surveys (as well as the Federal Trade Commission) have identified privacy as the No. 1 consumer concern about the Net. Consumers rightly want to know what information about them is being collected, by whom, to whom it is being distributed and for what purposes. Policy makers at the federal and state levels are increasingly responding to these privacy concerns with a range of proposed solutions.
Consumer privacy will be an immediate challenge for the wireless industry.
When the Net becomes unplugged, these privacy issues will multiply, and they may well be the most difficult for the wireless industry to address. Beyond mobility itself, the explosive new ingredient that wireless adds to this already volatile policy mix is location information, the by-product of the Federal Communications Commission’s E911 policies. Not only will consumers’ interests and spending habits be trackable in real time, but also where they are when they transact their business on the Net with a wireless device or a Net-equipped car.
The commercial opportunities and consumer benefits of location capability combined with other attributes of the Net are enormous, of course. But so, too, are the privacy implications. Consumers are likely to welcome services that can help them when they are lost or that will direct them to nearby businesses supplying the products and services they need.
But wireless consumers will want to have some assurances they are carrying a friend in their pocket, purse or car-not a spy. One can easily envision circumstances under which consumers quickly object to certain types of location services as intrusive-or worse.
By way of example, will a dieting consumer want to be reminded of the nearby donut shop when he clicks through to his voice service? And a husband may appreciate the ability of his wireless handset to automatically alert him that a nearby flower store has a sale on the long-stemmed roses he regularly purchases, until this also alerts his wife to the fact that she has not been on the receiving end of any of these bouquets!
It is noteworthy that the wireless industry already has quietly faced-and lost-a preview of the privacy battles sure to accompany the wireless Net. Last year, Congress passed E911 legislation, which eased some key impediments to deploying wireless emergency calling capabilities. One price the industry paid to achieve passage of that bill, however, was the inclusion of provisions that prohibit carriers from disclosing location information to anyone other than public-safety providers and callers’ families, without “express prior authorization.”
It is too early to tell how the FCC will implement these privacy provisions, and how far they may extend to reach wireless information services that could constitute location services on the Net. But the passage of these provisions should stand as a stark warning to the wireless industry that when new technologies come face to face with consumer privacy concerns, legislators will be quick to react.
Another especially difficult privacy area will be protection of children on the wireless Net. In 1998, Congress passed the Children’s Online Privacy Protection Act. The FTC’s regulations, which take effect this spring, spell out detailed requirements for Web sites intended for children under the age of 13, as well as requirements applicable to general-purpose sites that have “actual knowledge” that they are collecting information from children under age 13.
If the reported popularity of Net-capable wireless services among young Japanese or Finns is any guide, U.S. pre-teens will enthusiastically flock to such services, too. COPPA was enacted before the wireless Net emerged, and it does not yet address issues peculiar to this new wireless context. For example, the location information discussed above is likely to be a particularly troublesome issue with respect to advertising targeted at children. There also may be some sensitive safety issues that arise from the ability to locate children outside of their homes.
COPPA also requires notices and other information that do not fit well within the capabilities of current wireless display screens. It is also possible consumers and policy-makers will want additional measures to protect children over age 13 on the wireless Net, since children can gain such access well outside the active oversight of their parents at home.
Traditional tactics won’t work
The challenges such privacy issues will present to the wireless industry will be magnified by the fact that many of its tried and true anti-regulatory tactics will be of limited value in this new war.
First, the wireless industry will face its opponents on multiple fronts. At the federal level, the FCC-the industry’s traditional regulatory nemesis-will not even be at the front lines of most privacy battles. The FTC will have the major role, but other federal agencies also have a significant jurisdictional stake, such as the Securities and Exchange Commission for online stock trading, the Food and Drug Administration and the Department of Health and Human Services for medical privacy, or the Fed for online banking.
The industry also is likely to confront aggressive state efforts to enact privacy laws or regulations. The wireless industry is not likely to be shielded against these efforts by the Communications Act’s pre-emption of state entry and rate regulation. The act preserves state authority over “other terms and conditions” of commercial mobile radio services, which would appear to leave plenty of room for the exercise of state consumer-protection jurisdiction.
Second, the industry’s heretofore effective argument that “we’re the newest and most competitive segment of the telecommunications industry, so we should be the most lightly regulated” will be largely irrelevant in the coming privacy battles. Proposed privacy regulations are not being predicated on concerns about monopoly carriers’ abuse of captive consumers, or bottleneck facilities choking competition in local exchange services. Indeed, the rapidly growing popularity of wireless services actually may work against the industry in privacy matters.
The evolution of wireless from a luxury to a mass-market product to a near-ubiquitous necessity may be spurring new consumer-privacy concerns-resulting in regulatory responses. As the recent E911 law demonstrated, for example, Congress is becoming increasingly aware of the important role of wireless, and how it can impact consumer privacy. Wirele
ss may well be the primary target of future Net privacy initiatives.
Finally, t
he wireless industry may find it impossible to take up the business community’s most effective shield to date against mandatory privacy requirements: voluntary disclosure of Web privacy policies plus industry self-regulation.
In other words, industry groups have convinced their members to operate their sites so as to “say what you do, and do what you say.” However, the wireless industry will have enormous difficulty accommodating any necessary disclosures on the Net-whether they are voluntary or mandatory. Even established Net players (and regulators) are struggling to develop requirements or “best practices” for effective, meaningful disclosure of information on the Net.
Effective disclosure will be even more difficult with wireless access, in light of the limited content and limited display screens that will be available for such access for the foreseeable future. And common “disclosures” in the form of bill inserts with small print are not consistent with the forms of disclosure consumers now expect with the Net, nor are such printed materials nimble enough to accommodate the fast-paced, elastic Net environment in which new services are offered at a dizzying pace.
What could work?
What can the industry do to prepare for the coming privacy battles, and to resist regulations that may be unwarranted or overly intrusive?
The industry needs to better understand consumers’ legitimate privacy expectations and concerns. These expectations and concerns, of course, continue to evolve as the Net itself evolves. The industry should develop self-regulatory standards that are flexible enough to address the changing needs of consumers and industry.
In addition, the industry can use its competitiveness to address some privacy concerns. If consumers truly value privacy, carriers and content providers can and should compete to offer consumers not merely the most advanced wireless services, but the most advanced privacy protection.
Furthermore, the industry needs to accelerate its work with agencies at the federal and state levels that have jurisdiction over privacy issues. Just as these agencies may be unfamiliar turf for the industry, the regulators in those agencies may not know wireless. Wireless is different from other industry players in many significant respects, and education can be an effective tool against unworkable and unwise proposals.
Finally, where appropriate, the industry should support federal pre-emption so that it can deal with a single privacy regime at the national level, rather than face a multiplicity of obligations at the state level.
In short, the wireless industry faces some enormous policy challenges at the same time it is positioning itself to take advantage of the incredible opportunities of the wireless Net. The industry should devote the resources necessary to managing these challenges because they will have bottom-line effects on the ultimate success of wireless.
Daniel B. Phythyon, Wilmer, Cutler & Pickering. This article is drawn from the author’s remarks at a recent conference entitled, “Preparing for the Wireless eCommerce Revolution,” which was hosted by the Personal Communications Industry Association in Dallas. He can be reached at dphythyon@wilmer.com.
