Flash cookies, more accurately known as "locally stored objects", can be used by websites to collect cookie like information on a user's computer. They can be used for such diverse purposes as remembering preferences, watching online video, setting default volume levels on video players or assigning a unique ID to users for tracking across the web, regardless of browser. Most users are unaware that when a Flash cookie is deposited on a computer the steps they take to prevent online tracking by deleting traditional browser cookies typically do not remove Flash cookies.

The Plaintiffs in Quantcast brought suit against MTV, ESPN, Hulu, MySpace & Scribd, among other websites, alleging that their use of LSOs (or Flash cookies) secretly stored user data on Adobe's Flash Player to recreate information contained in browser cookies that had been deleted by users. Also named as a defendant was San Francisco-based advertising technology company Quantcast – creator of the LSO used by the websites.

Clearspring was filed on behalf of parents and their children against one of Quantcast's competitors, Clearspring Technologies, as well as several websites including Disney, Warner Bros. Records, SodaHead and Demand Media. The Plaintiffs claim that Clearspring simultaneously deposited http cookies and a Flash cookie in users' Flash media payers when users visited the defendants' websites. When users deleted the http cookies from their browsers, unbeknownst to them, the Flash cookie restored and/or recreated history and other information, including the user's name and IP address, which in turn, was used by the defendants and others for online tracking and ad serving. The Plaintiffs also claim that the defendants' privacy policies failed to disclose that users' activities were being tracked online through the use of Flash cookies.

While some of the factual allegations in each action may differ somewhat the fundamental grievance is the same: that the defendants used a technology to track the plaintiffs' online activities without notice or consent.

Although the lawyers are, for the most part targeting high-profile, "deep pocket" defendants, at least one of the defendants, SodaHead, is a small online polling company; no website should be considered under the radar. It would not be surprising to see this effort expanded to other websites that rely on Flash or similar tracking technology, including social media sites, particularly as those sites add location based features.

We expect that this suit will be closely watched by the Plaintiffs'bar, privacy advocates and policymakers. The larger issue appears to be one of consumer knowledge about and control over the collection and use of their information and less about specific technology. That said, the use of technologies like Flash cookies should be viewed as risky because they enable tracking online activities without a user's knowledge, including when consumers believe they have taken the necessary steps to prevent tracking.

Companies that employ Flash cookies or similar tracking technologies that can be used to override consumer privacy preferences should monitor developments in these proceedings. In the process, they should consider taking measures to try to minimize the potential for becoming a target for this type of lawsuit. At a minimum, companies should firmly understand the capabilities of the tracking technologies they employ and the extent of information collected; they should provide clear notice of the use of these technologies in their privacy policies. If Flash cookies are employed, companies should prominently disclose their use and provide a link to Adobe's site for instructions for deleting these cookies. Companies may also want to consider alerting customers to other tools that can delete flash cookies or prevent them from being used altogether.

Please contact Karen Neuman at kneuman@slrno.com if you would like more information about this litigation or guidance about the use of online tracking technologies.

The plaintiff, an artist, initiated a copyright infringement action against a clothing designer alleging breach of an oral license for the limited use of the Plaintiff’s artwork in the manufacture of certain types of garments. The Complaint included allegations that the Defendant violated the terms of the license by failing to include the Plaintiff’s logo on various garments displaying the Plaintiff’s designs and also sublicensed the Plaintiff’s design work without the Plaintiff’s consent. During discovery the Defendants served subpoenas on various third parties, including Facebook, MySpace and other social networking websites. The Defendants claimed that the Plaintiff’s social media communications revealed the nature and terms of the agreement between the parties. The Court granted the Plaintiff’s motion to quash the subpoenas granted by a Magistrate on grounds that 1) the social network sites’ private messaging and e- mail webmail services constituted “electronic communications services “(ECS) under the SCA and 2) the web hosting websites and social networking websites were ECS providers under the SCA, which protects unopened private messages transmitted via an ECS provider as temporary storage. 18 U.S.C. § 2510(17) (A). In so ruling, the Court concluded that a private, undeleted message opened by a user renders the communication “stored” for backup purposes as defined in the statute.

The Court noted that other aspects of social networking sites, Facebook “wall” postings and “comments” and MySpace comments presented a distinct and more difficult question requiring an analysis of the SCA, including understanding the distinction between an RCS provider and an ECS provider. Analyzing the statute, the Court first noted observed that the SCA defines an ECS provider as “any service which provides to users… the ability to send or receive wire or electronic communications.” 18 U.S.C. § 2510 (15). The Court next observed that the SCA defines an RCS provider as an entity “providing the public computer storage or processing services by means of an electronic communications system”, and that an electronic communications system is defined as any wire, radio electromagnetic, photo-optical or photo electronic facilities for the transmission of wire or electronic communications and any computer facilities or related electronic equipment for the electronic storage of such communications. Id. §2510(14); §2702(a)(2).

The Court construed these provisions to conclude that social networking services are RCS providers with respect to wall postings and comments since the posts, once made, are stored by the provider within the meaning of the SCA. Accordingly, the Court held that wall postings and comments are protected under the SCA either as restricted access electronic bulletin boards or because social networks are RCS providers that store comments for limited use by a restricted number of users.

The case was remanded to the Magistrate to ascertain whether the Plaintiff’s privacy settings rendered the wall postings public and beyond the protection of the SCA.

This case illustrates the challenge courts face when applying a law enacted over two decades ago to rapidly evolving electronic communications technologies. This dilemma is ongoing as regulators and policy makers struggle to keep pace with innovation resulting in a platform specific approach to protecting privacy – an approach that poses challenges to users and business alike as each tries to discern a predictable framework for ascertaining privacy protection for user generated content.

This case should also be seen as a cautionary tale for employers who may now find themselves running afoul of the law if they obtain access without consent to their employees' social networking sites communications when the employees have opted to restrict access. This decision also calls into question whether an employer can use legal processes such as a subpoena to obtain information from the private social networking accounts of employees.

Please contact Karen Neuman at kneuman@slrno.com if you would like additional information about this case or if you would like guidance about the application of privacy law to social media communications.

Quon exceeded the monthly character limit, prompting the Police Chief to investigate whether 1) the character limit was too low for the City’s law enforcement needs and, if so, 2) whether police officers were being required to pay for sending work-related messages. At the City’s request, its service provider, Arch Wireless, searched the text messages on Quon’s pager and provided the City with a transcript of his messages. The City then conducted an audit of Quon’s on-duty messages. The audit revealed that the majority of the messages Quon sent during work hours were personal, many of which were sexually explicit. Quon, his wife, and the two other colleagues brought suit against the City and Arch Wireless claiming in part that the audit violated their Fourth Amendment rights. The district court concluded that the City’s audit was reasonable because its purpose was to determine whether the service plan was appropriate and not simply to investigate Quon’s use of his government- issued pager. The Ninth Circuit reversed. It ruled that although conducted for a legitimate purpose, the search was unreasonable because there were less intrusive means the City could have utilized to determine whether the service plan was inadequate for the police department’s needs. The Supreme Court reversed the Ninth Circuit. Writing for the majority, Justice Kennedy concluded the search was reasonable, noting that the City’s policy reserved the right to monitor employee communications and therefore limited employee expectations of privacy in them. The Court rejected Quon’s argument that the policy was informally modified by his superior’s assurance that his text messages would not be audited as long as he paid for overages. Although narrowly decided on Fourth Amendment grounds, this opinion seems to recognize that the Court will ultimately be asked to decide the appropriate framework for determining the respective rights of employers and employees with respect privacy in the workplace when it comes to employee communications and employee privacy regarding those communications. Nevertheless, this case strongly suggests that employers can take the following measures to minimize the risk of litigation initiated by employees, as well as by non- employees involved in a questionable exchange:

• Public employers will want to pay particular attention to the impact of state public records laws when assessing public employees’ privacy interests in workplace communications. The majority surmised that Quon should have known that, as a law enforcement officer, his on-the-job communications were likely subject to disclosure under California’s Public Disclosure Act.
• The Court noted that employers increasingly (if reluctantly) tolerate personal use of employer equipment for private use. Increased employee access of personal e-mail accounts, social media and texts using employer-issued devices requires a thoughtful, holistic evaluation of the workplace technology and communications “ecosystem”, and a realistic assessment of employee practices. This evaluation should result in carefully written use and privacy policies that put employees on unambiguous notice about the circumstances under which the employer can monitor and access employee communications.
  • Use and privacy policies should be comprehensive and address all media, platforms, devices and technologies, including social media.
  • Use and privacy policies should ensure that access to the contents of employee communications is obtained pursuant to a clearly articulated, legitimate business or work-related purpose, such as the investigative purpose asserted by the City in this case. Employer activities that are performed for a legitimate business purpose will be less likely to be found unreasonable.
  • Develop employee training materials and conduct employee training programs to minimize the potential that a supervisor will unintentionally create an expectation of privacy, like appears to have happened in Quon, verbally or through other means. Training materials and programs should be periodically updated to reflect changes in the law and communications technologies or practices.

Please contact Karen Neuman at kneuman@slrno.com if you would like more information about this case or guidance about privacy in the workplace.

¹2010 WL 2400087, No. 08-1332 (U.S., Jun. 17, 2010).

Particularly in light of the Commission’s pending Net Neutrality rulemaking, the agency has several options for addressing the D.C. Circuit’s concerns. Obviously, it could seek rehearing (and suggest rehearing en banc), but the odds of success are not high. Similarly, Supreme Court review could be sought, and while that court might agree to consider the case given the potential importance of the issue, the likelihood of a favorable outcome seems problematic. Historically, the Supreme Court has not been very expansive in its interpretation of the scope of the FCC’s powers under Title I ancillary jurisdiction.

The agency can always seek a congressional fix, but pursuing that course can prove uncertain as well, in terms of both substance and timing. The Commission’s best option - - both on the merits and from a timing perspective as well - - seems to be to address the D.C. Circuit’s decision head on in the context of the ongoing Net Neutrality rulemaking. There, two general approaches are available. The first is to parse the jurisdictional issues a bit more finely than was done in the NNP, using the guidance provided by the court to establish the necessary substantive nexus that was found lacking in Comcast. The record assembled in the rulemaking should provide the Commission with ample evidence for such an approach. However, this course still leaves the agency relying on Title I ancillary jurisdiction, which is always something of a weak reed upon which to base a significant regulatory regime.

The better approach is to jettison the Title I jurisdictional predicate and, instead, recognize what now is obvious and declare that Internet service providers (“ISPs”) are in fact carriers, directly subject to Title II jurisdiction. While this would represent a reversal of longstanding Commission policy, the agency has full statutory authority to reverse a prior policy course based upon, e.g., changed circumstances. Clearly, the record assembled in the Net Neutrality rulemaking, coupled with the lengthy proceedings that led up to the adoption of the NBP, provide a more than adequate basis for the Commission to conclude that its old policy of categorizing ISPs as non-carriers no longer serves the public interest and that, as a factual matter, ISPs now conduct themselves - - particularly from a consumer’s perspective - - in a manner indistinguishable from traditional common carriers.

For example, when the FCC first decided that ISPs should not be subject to Title II regulation, it did so in part because: (1) the then-nascent ISPs had no market power; (2) their services were distinguishable from traditional communications services; and (3) the agency did not want to stifle the new industry’s development through unnecessary regulation. As with any similar Commission policy judgment, there would be adequate opportunity to revisit the issue as the industry evolved. Today, the ubiquity of the Internet, its central role in commerce, and the ISPs’ growing head-to-head competition with traditional telephony-based services (e.g., VOIP), provide an unassailable basis for revisiting the Title II question. The Commission can reasonably conclude that in a marketplace in which traditional wireline and mobile carriers are subject to Title II (and the agency’s statutory forbearance authority), it is irrational to leave one - - now mature - - competitor operating essentially unregulated. Articulated properly - - and backed by record evidence - - such a policy reversal should be sustained on the inevitable appellate review.

The above scenario has been dubbed the “nuclear option,” mainly by the ISPs and their financial backers, because it arguably would subject the ISPs to a host of new regulations and, most importantly, financial burdens, mostly in the form of having to contribute to the Universal Service Fund (“USF”) for the first time. However, it does not necessarily follow that exercising the nuclear option will inexorably lead to “nuclear winter” for the ISPs.

First, the bulk of Title II requirements that might otherwise be imposed on the ISPs can be eliminated under the Commission’s forbearance authority, just as those burdens have been eliminated for the traditional carriers. Second, it makes no sense to continue to exempt the ISPs from USF obligations when it is generally agreed that a critical national goal for the next decade is to ensure universal broadband access to the Internet, just as universal access to the telephone network was a national goal of the last century. While this no doubt would subject the ISPs to new financial obligations - - and perhaps skew their near-term financial projections - - such a result would hardly signal the devastation of this industry segment. To the contrary, there is no reason to believe that the ISPs will find that, simply by virtue of having become subject to Title II, the entrepreneurial acumen that drove them to their current level of success suddenly will desert them.

In short, whatever basis previously existed to support the regulatory fiction that the ISPs were not really acting as common carriers, the facts on the ground today no longer sustain that position. In a sense, the Comcast court did the FCC a favor by forcing it to at least consider revisiting the matter. Particularly given the centrality of the Internet-based economy to the nation’s future well-being, it would be irrational for the agency to continue to rely on a patently out-dated rationale to maintain this regulatory fiction.

Moreover, the courts historically have accorded the FCC considerable deference when it has reversed course based on substantial record evidence and a reasoned explanation for its actions. This is so, even when the Commission’s action has the effect of “overturning” a prior adverse court decision. The Commission clearly has the statutory authority to take such action in the context of the ongoing Net Neutrality rulemaking, and the evidentiary basis for doing so.
¹ Comcast Corp. v. Federal Communications Commission, No. 08-1291 (D.C. Cir., Apr. 6, 2010).

In the notice published in the Federal Register, the FTC emphasized that changes to the online environment, including the increasing use of mobile technology by children to access the Internet warrant accelerated review of the rule. The notice specifically seeks comment on how the use of this technology, interactive television and gaming or other interactive media impact COPPA enforcement.

The outcome of this proceeding could have a significant impact on businesses that are subject to its requirements. Expansion of the definitions of such key terms and “personal information” and the “Internet” could impose additional burdens on operators of children’s and general audience websites alike, which could, in turn, make it more difficult for businesses to engage young people and even adults online. The interest in age verification and filtering technologies should be seen as an indication that the FTC may not be satisfied with the current framework for protecting children’s privacy.

The FTC is specifically interested in:

• the use of automated systems to filter technology prior to posting as a means for effectively reviewing content generated by children;
• whether operators have the ability to contact specific individuals using information collected from children online, such as persistent IP addresses, mobile geolocation data, or information collected in connection with behavioral advertising, and whether the rule’s definition of “personal information” should be expanded accordingly;
• whether there are additional technological methods for obtaining verifiable parental consent that should be added to the rule, and whether any of the methods currently included should be removed;
• Whether parents are exercising their right under the rule to review or delete personal information collected from their children, and what challenges operators face in authenticating parents; and
• Whether the rule’s process for FTC approval of self-regulatory guidelines – known as safe harbor programs – has enhanced compliance, and whether the criteria for FTC approval and oversight of the guidelines should be modified in any way.

Comments are due June 30, 2010. A public “roundtable” meeting has been scheduled for June 2, 2010, during which interested parties may share their views with agency staff, scholars, privacy advocates and businesses. Click here to view the text of the request for comment.

If you would like more information about the rule and the proposed changes, please contact Karen Neuman at kneuman@slrno.com.

The NBP outlines six specific goals to be adopted by 2020:

• At least 100 million homes should have affordable access to broadband at actual download speeds of at least 100 megabits per second, and actual upload speeds of at least 50 megabits per second;
• The U.S. should lead the world in mobile innovation, with the fastest and most extensive wireless networks of any nation;
• Every American should have affordable access to robust broadband service and the means and skills to subscribe to it if they so choose;
• Every American community should have affordable access to at least 1 gigabit per second broadband service for anchor institutions, such as schools, hospitals, and government buildings;
• Every first responder should have access to a nationwide, wireless, interoperable broadband public safety network; and
• Every American should be able to use broadband to track and manage their real-time energy consumption.

One of the most interesting provisions of the NBP is the identified need for some 500 MHz of additional spectrum to support mobile broadband, a substantial portion of which is proposed to be reallocated from television broadcasting. The broadcast and mobile services industries have been engaged in a running battle over spectrum for decades. In the late-1970s through early-1980s the FCC reallocated the then-generally fallow 800 MHz segment of the UHF TV band for the development of the first cellular networks. Twenty-some years later, the broadcasters surrendered another hefty slice of their upper-UHF allocation, the 700 MHz band (the bulk of which was auctioned off 3 years ago for Advanced Wireless Services), in return for which they were authorized to provide digital television, as well as multichannel video and information services. Now, having completed that not-inexpensive transition to digital operation a year ago, the FCC is proposing that television licensees “voluntarily” surrender their licenses for reallocation and auction for mobile services, in return for a portion of the auction revenue.

While the FCC clearly has the legal authority under the Communications Act to reallocate the subject spectrum today (setting aside whether it has the political will to exercise that authority), granting the broadcasters a piece of the auction pie is not within the agency’s gift. That part of the proposed “deal” will require congressional approval, which, if granted, will also provide the Commission with the necessary political cover for the reallocation.

Another component of this deal that that has been mentioned is granting those broadcasters who surrender their licenses the opportunity to become (for lack of a better characterization) local cable channels, with guaranteed access to the local cable systems (the ex-broadcast signal presumably would be distributed directly to cable head-ends via fiber). Here, too, congressional action would be required to create this new “broadcast”/cable relationship. How this might fare in the face of the inevitable constitutional challenge is problematic at best, given the fairly thin constitutional reed that presently upholds the current must-carry regime.

The obvious battle lines have been drawn on the Hill, and, as always, the devil will be in the details, while the law of unintended consequences - - the most pervasive law in Washington, DC - - will be fully in play. It will be fascinating - - if not necessarily an inspiring civics lesson - - to watch this process play itself out.

Additional spectrum-related issues also will be addressed in the various inquiry and rulemaking proceedings that will be initiated or reactivated by the FCC during the following months. These will involve, among others, examining ways to accelerate the deployment of spectrum-based smart-grid systems, low-power patient-monitoring technologies, and networks designed to operate in the “white spaces.” Particularly with respect white-space technologies, the Commission faces a potential dilemma. Its recent opening of the TV white spaces for various “smart” low power technologies has generated considerable investment in the development and deployment of such systems. However, the goal announced in the NBP, to reallocate a substantial portion of the TV band, may negatively impact the development of these new white space systems. The Commission must take considerable care to not inadvertently undermine these valuable new technologies, which can greatly increase the efficiency of use of many spectrum bands.

To read the full text of the National Broadband Plan, please click here.

For additional information on this or other matters, please contact Jeff Olson at jolson@slrno.com, 202-454-9401 or 703-628-2142.

Summary of December 7 Roundtable. The discussion focused generally on the benefits and risks of consumer data collection in the contexts of behavioral and contextual advertising with some attention paid to the role of data brokers in marketing that information. FTC Chairman Jon Libowitz set the tone for the day when he cautioned that industry self-regulation and the current “notice and consent” approach may need to be replaced with a more “holistic” approach -- one that clearly took shape during the final session, “Exploring Existing Regulatory Frameworks”.

During this session there seemed to be consensus among consumer advocates and industry representatives that the current approach to protecting privacy disproportionately places the burden on consumers who generally lack familiarity with technology or a meaningful understanding of privacy policies. The FTC moderator suggested that one fix would be to update the agency’s existing Fair Information Practices (FIPs) and require industry compliance. Panelists pointed to the Department of Homeland Security FIPs as an appropriate model because it better reflects trends in technology and data collection and use¹. Consumer representatives appeared to concur, advocating for an approach that, at a minimum, requires meaningful compliance with existing FIPs and more “penetrable” privacy policies, access to collected data and correction rights.

A related approach suggested by an industry representative was a “use and obligations”² framework under which industry data use rather than collection is the primary driver of industry privacy obligations to which the FIPs are then applied. Privacy protection obligations carry throughout the use of the information, including use by third parties, and require company formulation of appropriate data management plans at the outset of the use.

All of the panelists were clearly reluctant to entirely do away with industry self-regulation on grounds that it promotes innovation and better keeps pace with technological advances than traditional regulation. Government’s role was framed as providing guideposts for industry that would serve as a floor for privacy protection. Panelists also encouraged a more robust use of the FTC’s subpoena power for truly bad actors as authorized under the Federal Credit Reporting Act.

Other key themes that emerged throughout the day included:

• Consumers generally expect the greatest security for the most sensitive information (e.g., health and financial data) with a risk-based assessment for less sensitive classes of data and also expect government intervention if data collection and use practices go too far. Information brokers suggested defining sensitive data as that which would create a risk of identity theft and treating it differently from data that does not pose similar risks.
• Consumers generally do not understand how companies use their information and are therefore unable to make informed choices about available options for protecting privacy, including “opt-in” and “opt-out” frameworks, or tools such as those offered by Google and Yahoo that let users set privacy “preferences”.
• Consumers are generally most interested in information sharing practices and secondary uses of their data. Learning about these practices should not require multiple clicks or site registration.
• The FTC should maintain a list of data collection entities and their practices with appropriate contact information that is easily accessible to consumers.

It is worth noting that the Roundtables are occurring as the Federal Communications Commission is examining similar issues.³ The concurrent inquiries suggest the possibility of a regulatory scheme that could involve multiple agencies, adding a new layer of complexity for some businesses.

Conclusion. It is unlikely that the Roundtables will result in immediate regulation. A more plausible scenario is that the Roundtables will lead to a revision of the FTC’s FIPs and the classification of sensitive data that may require heightened degrees of protection. In addition, we expect that the record may form the basis for an FTC report to Congress seeking greater rulemaking authority, which may then result in formal rulemaking proceedings to codify some of the approaches emerging from the Roundtables.

We are available to discuss your current privacy protection practices with you and to update those practices based on anticipated actions by the FTC and other policymakers. Please contact Karen Neuman at kneuman@slrno.com or Judith St. Ledger-Roty at judithslr@slrno.com.

The rules would apply to all non-wireline platforms for broadband Internet access, including providers of mobile wireless, unlicensed wireless, licensed fixed wireless, and satellite broadband. At the same time, the NPRM seeks information about how the rules should apply to these platforms. Recognizing that they operate with different market structure, consumer usage patterns, regulatory history and technologies the FCC is asking how these platforms should be treated under the new rules and what enforcement mechanism should be employed to ensure compliance.

The FCC seems particularly interested in how application of the “device attachment” rule to mobile wireless networks could harm or otherwise affect those networks. The agency is also interested in appropriate time frames for phasing in application of the rules, or alternatives, to mobile wireless broadband providers. Similarly, the NPRM recognizes that the unique technical characteristics of mobile devices, including how the functionality of a particular device may be tied to spectrum limitations and how limited spectrum availability and the resulting potential strain on network capacity from bandwidth intense services like streaming video, might require a different definition of “reasonable” for purposes network management practices for mobile devices that are typically sold by the same network operator.

The FCC similarly noted that the unique characteristics of mobile devices might require a different framework for application of the “access to applications” rule.

Anticipating a challenge to its authority to undertake this particular rulemaking, the NPRM reflects a concerted effort to inoculate final rules against an adverse outcome on appeal. The NPRM first provides an overview of the history of the public Internet then recounts the FCC’s role in setting the stage for the Internet’s evolution. It goes on to discuss the FCC’s subsequent exercise of authority while addressing various issues in markedly different types of proceedings that had the effect of promoting and preserving the Internet, including the medium’s qualities of openness and nondiscriminatory access – all of which is portrayed as culminating in the Internet Policy Statement.

Within this framework, the narrative conveys a sense of inevitability about the FCC’s jurisdiction to act in this instance, portraying the current rulemaking as a logical next step in the FCC’s ongoing effort to preserve the open Internet. Notwithstanding this approach, the jurisdiction question may be resolved if the DC Circuit decides the appeal of an FCC enforcement action against Comcast² (in which the agency found that Comcast’s network management practices violated the Internet Policy Statement) before the conclusion of this proceeding. A finding in favor of the FCC could strengthen the agencies assertion of jurisdiction to regulate in this area. A ruling in favor of Comcast could do just the opposite, unless the Court both concludes that the FCC has requisite jurisdiction but exercised it improperly.

The NPRM also lays out the marketplace and technological forces that could shape the Internet of the future -- namely the mobile Internet -- including the rapid growth of and demand for high bandwidth use applications and content, particularly video, and the evolving tools that are available to network operators to manage increased demand for capacity. These tools include sophisticated routers that enable network operators to distinguish among different classes of traffic, deep packet inspection, cacheing services, and algorithms that can be used for scheduling transmission of certain classes of traffic, to name a few.

All of this background tees up the thrust of the NPRM, which is a request for specific comment on the proposed rules.

As mentioned, the first four rules codify the existing Internet principles and would prohibit broadband ISPs, subject to “reasonable network management practices”³, from:

• Preventing their users from sending or receiving lawful content of the user’s choice over the Internet;
• preventing their users from running lawful applications or using lawful services of the user’s choice;
• preventing their users from connecting to and using on its network the user’s choice of lawful devices that do not harm the network; and
• depriving any of their users of their entitlement to competition among network providers, application providers, service providers and content providers

Two new rules would impose transparency and nondiscrimination obligations, and would require broadband ISPs to:

• treat lawful content, applications and services in a nondiscriminatory manner; and
• disclose such information concerning network management and other practices as is reasonably required for users and content, application and service providers to enjoy the protections “specified in this rulemaking.”

Broadband ISPs would be permitted to address harmful or unwanted traffic such as spam, and prevent the transfer of unlawful content, including child pornography and the unlawful transfer of content, including a transfer that would infringe on works protected by copyright. Questions about what constitutes spam and works protected by copyright might raise concerns about whether ISPs want to be in a position to make these kinds of determinations without specific guidance. The rules would not interfere with an ISP’s obligation to deliver emergency communications or to address law enforcement, public safety, or national or homeland security needs.

The NPRM also reveals the FCC’s interest in whether “managed” or “specialized” services should be subject to different treatment, including how to define these services and what if any rules should apply to them. Examples of managed or specialized services include voice, subscription video, enterprise and business services, telemedicine, smart grid and e-learning – all of which may be delivered over the same Internet access facilities but have not been considered to be traditional Internet services or products.

In addition, the FCC seeks comment on whether the proposed rules would apply to Internet-based applications providers like Google -- whose services (for example “Google Voice”) may or may not be classified as telecommunications services -- and the implications of how those services are classified for purposes of FCC’s jurisdiction and regulatory treatment.

An interesting issue that could surface involves whether the scope of this proceeding should be expanded to include entities that arguably play a “gate keeping” role on the Internet or in the mobile ecosystem. For example, applications developers have expressed growing concern about how “app stores” decide what applications are approved for “shelving” and sale in those stores and whether those decisions effectively decide the success or failure of any given application instead of ceding that power to the market . This argument is very similar to those made in previous debates about the risks to the Internet posed by the comparable powers of the ISPs. Similar concerns have also been raised about the role search engines play in listing search results. An obvious obstacle to addressing these concerns in this proceeding is its explicit focus on the activities of “broadband access providers” and neither app stores nor search engines fall within the definition of broadband access provider in the proposed rule. But it is an intriguing question and one that may strike a chord with other agencies, such as DOJ or even the FTC – both of which have made clear their interest in closely scrutinizing the activities of technology companies and possible competition risks posed by those activities.

Since this proceeding was initiated, technology has continued to evolve quickly and there is some risk of obsolescence to the final rules as published – despite the FCC’s stated goal that any rules will be sufficiently dynamic for unforeseen technological innovation. The outcome of this rulemaking has potentially significant implications for broadband ISPs, and wireless mobile broadband network operators in particular, as well as a wide array of business and other interests that increasingly, if not exclusively, depend on the Internet to sell or provide services, products and information. These interests include applications and device manufacturers – in addition to the smart grid, electronic health care and e-learning sectors that are explicitly mentioned in the NPRM; subscription and user generated video, music, news and other content producers and distributors, consumer electronics manufacturers, online advertisers , publishers and retailers, financial and educational institutions, and even the hospitality and travel sectors.

This proceeding should be of equal interest to end user; its outcome could set the stage for congestion management practices that have only been the subject of discussion thus far, including offering tiered service or charging for priority transmission of packets. The challenge for regulators will be to 1) understand of the nature and extent of the network operators’ need to manage and prioritize network traffic and the tools for doing so, and 2) balance this interest with the interests of entities that currently use -- or are planning for future uses of -- the Internet to deliver content, products and services, as well as the end users who will use existing and new applications to access those products or services.

Accordingly, those at the “core” of the network, including broadband ISPs as well as innovators at the “edge” of the network have a strong stake in taking advantage of this opportunity to educate the FCC and shape the contemplated rules through comments at the very least.

This is a proceeding that is technically complex and one that poses novel policy and legal questions. We are available to provide you with various forms of assistance, including providing strategic guidance about how to move forward with contemplated business objectives based on our judgment of the likely regulatory environment your business will be operating in, helping to prepare comments, arrange meetings with key FCC officials, and monitor related developments in Congress or the courts.

Please contact us if you would like additional information.

Judith St. Ledger-Roty : judithslr@slrno.com

Karen L. Neuman: kneuman@slrno.com

Jeffrey H. Olson: jolson@slrno.com

Explaining that multiple state and federal authorities have grappled with these issues, Karen recommended that any entity contemplating a mobile advertising campaign be aware of the many laws, principles and best practices that could apply to mobile marketing activities including commercial text messaging, mobile sweepstakes and telemarketing.

Using a case on remand in the Northern District of California, Karen demonstrated the impact of the current uncertain legal environment that many behind-the-scenes players in the mobile advertising sector operate in, and how compliance with industry best practices could be a prudent approach to minimizing the potential for litigation. This seems to have been particularly so in California case, which involved an unsolicited text messaging campaign to a cell phone subscriber who signed up for a free ringtone for her son. The case addresses some issues that may be familiar by now to the online advertising sector, including the nature of the consent given and the relationships of the commercial entities involved in the transaction. Also addressed was the classification of the ringtone as voice or data and the medium specific nature of the equipment used to send the text for purposes of the pertinent legal analysis.

Karen concluded her remarks by emphasizing that some common themes have emerged in the currently splintered regulatory environment, including clear preferences for transparency and choice that goes well beyond today’s privacy policies and terms of use agreements. She also described some novel approaches, including Google’s ad preference program, which enables individuals to control the amount and type of advertising delivered to them. Another approach involves providing something of value to the consumer, such as a coupon or rebate, in exchange for commercial use of personal information.

Karen L. Neuman’s bio

Mobile Media & Privacy

Bloggers. The revised guides now apply to bloggers and other “word of mouth marketers” who use social media to discuss, review or evaluate products or services. The guides illustrate what constitutes an endorsement when the endorsement is conveyed by a blogger and specifies the applicable disclosure. A blog post by a blogger who receives cash or in-kind payment to review or evaluate something they’ve read on a website, or a product or service they’ve received, must disclose the material connections with the website or seller of the product or service. An example of the former would be a website that helps bloggers find advertisers willing to sponsor specific reviews or other content; an example of the latter would be a manufacturer of a product or service that gives the blogger a free product and asks the blogger to write about it. The critical question is the “net” consumer impression.

One example given by the agency to illustrate the principle involves a college student who has earned a reputation as a video game expert and maintains a personal blog where he posts entries about his gaming experiences. Readers seek his opinions about video game hardware and software. A video game system manufacturer provides the student with a free copy of the system and asks him to write about it on his blog. Because the blogger’s review is disseminated “via a form of consumer-generated media” in which his “relationship to the manufacturer is not inherently obvious” and “readers are unlikely to know that he has received a product free of charge in exchange for a review of a product” and given the value of the system, these factors could “materially affect the credibility attached to the endorsement”. The Agency’s intent is to ensure that consumers are informed about bloggers whose posts are the result of a commercial transaction where consumers would otherwise be unaware of such a relationship. Under these circumstances, the blogger “should clearly and conspicuously disclose” receipt of the gaming system free of charge.

Moreover, the manufacturer has obligations under the revised guides: it should advise the blogger at the time it provides the gaming system that this connection should be disclosed and the manufacturer should have procedures in place to monitor the blogger’s postings for compliance.

The revised guides exempt product or service reviews in traditional media from the disclosure requirements applicable bloggers. The rational appears to be that a newspaper or even an Internet news website with independent editorial functionality typically assigns an employee to review a product or service for publication by the newspaper or news site. These reviews are not treated as sponsored endorsements under the guides, unless the reviewer receives a direct benefit from the manufacturer of the product or service.

Celebrity Endorsements. The revised guides impose a duty on celebrities to disclose their relationships with advertisers when endorsing products or services in non-traditional advertising settings such as talk-shows or through social media outlets. Celebrity endorsements through traditional advertising are exempt from the revised guides on the theory that consumers understand that celebrities may be paid to appear in traditional advertising. On the other hand, consumers may not expect celebrities to be compensated for expressing their views about a specific product or service when appearing on a talk show. Both advertisers and celebrity endorsers may be liable for false or unsubstantiated claims made in an endorsement – or for failure to disclose material connections between the advertiser and endorsers.

Endorsement by Research Organization. The revised guides characterize endorsements by a research organization as viewed as representing the judgment of a group whose collective experience exceeds that of any individual member, and whose judgments are generally free of the sort of subjective factors which vary from individual to individual. If an organization is represented as being expert then in conjunction with a proper exercise of its expertise in evaluating a product its endorsement must be supported by an expert evaluation by an expert or experts recognized as such by the organization, or by compliance with standards previously adopted by the organization and aimed at measuring the performance of the product in general and not with the particular attributes of the advertised product in mind. A company that refers in an advertisement to the findings of a research organization that conducted research sponsored by the company must disclose the connection between the advertiser and the research organization.

The revised guides adopt significant changes that will affect advertisers in general, and bloggers and social media particular. If you are an advertiser relying on testimonials or endorsements covered by the revised guides, or are a blogger or social media critic or other user unfamiliar with the reach of the FTC to your medium it important that you become familiar with and understand the revised guides and their application to your activities. We are available to assist you with this undertaking as well as provide compliance and other pertinent advice.

Please contact Karen L. Neuman at kneuman@slrno.com or Judith St. Ledger-Roty at judithslr@slrno.com.

The Commission noted a number of beneficial uses to broadband in Tribal communities. Some of these uses include broadband solutions for better health resources, greater community connectedness, improved educational opportunities, more efficient public safety measures, and greater energy efficiency. But the agency also identified a number of hurdles to realizing these benefits, including difficult terrain, low population densities, and correlating higher deployment costs, the combination of which discourages network operators, like the telephone companies before them, from serving these areas. Other potential hurdles mentioned by the FCC include difficulties obtaining required government licenses or permits or access to government assets, as well as restrictions in the use of government funding that hinder the pursuit of broader broadband goals.⁷ Many similar issues have surfaced in connection with examining broadband deployment in other under- or un-served areas, including rural communities and low-income urban areas.⁸ In those instances, however, one notable hurdle is absent and that is the jurisdictional challenges posed by Tribal sovereignty or applicable treaties.

With this in mind, the Commission is requesting specific information in the following areas: 1) quantitative deployment and adoption data, 2) tools and resources available for promoting broadband deployment in Native American communities “consistent with the realities of the telecommunications marketplace on Tribal lands” and the “fiduciary trust relationship between the federal government and the Tribes, ” including whether there are lessons to be learned from the build-out of telephone lines that can be applied to broadband deployment, and whether there are examples of coordination or cooperation among tribal, state and local governments in the build-out of telecommunication infrastructure that could serve as models for broadband deployment; 3) deployment and mapping, including whether there are any jurisdictional or other reasons why states do not include Tribal lands in broadband mapping and the extent to tribal census tract data could assist with broadband mapping efforts; 4) digital literacy/education, including whether existing facilities already serve or could serve as training locations , such as computing centers, schools or libraries or “chapter houses,” and the percent of Tribal community centers, schools and households that are passed today by fixed, mobile telephony or cable services; 5) affordability, including what public and private entities can do to promote broadband adoption, including discounting computers or the cost of monthly service to specified tribal consumers, or reducing the cost of broadband connectivity and service through such programs as Lifeline/Link Up programs; and 6) the role of Broadband Service Providers in bringing broadband services to Tribal lands, including such factors as the practical utility of pilot programs and the impact of Tribal sovereignty and jurisdictional issues on the ability of carriers to obtain rights of way over Tribal lands and entry.

This proceeding presents unique opportunities to influence the FCC’s thinking about how to address pertinent market, jurisdictional, regulatory and legal issues. Tribal authorities, mobile wireless broadband providers, spectrum licensees or other holders of interests in spectrum, backhaul facilities providers, and network management applications and device manufacturers that can be used for broadband deployment could be affected by this proceeding. Large network operators that serve adjacent areas could also be affected by the outcome of this proceeding.

Comments are due November 9, 2009. Reply comments are due December 9, 2009.

We are available to analyze the Public Notice, help arrange meetings with appropriate officials as necessary assist with preparing comments for filing with the FCC and monitor related proceedings at the agency.

For further information please contact Karen Neuman at kneuman@slrno.com or Jeff Olson at jolson@slrno.com.

The American Recovery and Reinvestment Act of 2009 embodies the recognition that revamping the nation’s utility grid to accommodate the energy needs of the 21st century is likely to increase demand for electricity. At the same time, however, digitizing some aspects of electricity transmission and delivery could help manage demand while utilizing emerging applications and technologies to reduce energy consumption.

The FCC is soliciting comments about barriers to entry and growth – as well as opportunities – for companies bringing smart grid technology to the wireless ecosystem. In particular, the FCC is asking for information about highly technical aspects of the smart grid, including the type of bandwidth and speed required for smart grid technologies, and how home networks will fit into the energy grid. The FCC also is also seeking information about the suitability of existing communications technologies and availability of existing networks for smart grid deployment and data transmission. The Agency, mirroring parallel assessments by utilities and meter device manufacturers about the use of spectrum for transmission of real time pricing and consumption data is particularly interested in whether smart grid wireless networks can perform better over licensed wireless spectrum, which is dedicated, or unlicensed spectrum, which is shared. The goal is to promote the efficient use of energy on both the supply and demand sides to help utilities and consumers reduce energy consumption through demand response by utilities and providing consumers access to their consumption information via in-home displays or web portals on wireless mobile devices.

Companies that produce wireless networking management tools, software or hardware manufacturers that enable two-way dialog between utilities, retailers and consumers, and other application or device manufacturers that can be utilized for smart grid purposes could be affected by the outcome of this proceeding. Spectrum licensees or users of shard spectrum could also be affected by the outcome of this proceeding.

We are available to interpret and analyze the Public Notice, help arrange meetings with appropriate officials as necessary and assist with preparing comments for filing with the FCC.

For further information contact Karen Neuman at kneuman@slrno.com or Judith St. Ledger-Roty at judithslr@slrno.com.

Competition and Consumer Benefits. As part of its inquiry, the FCC asks a range of questions about both network providers and the consumers they serve. From a competition perspective, the FCC is not looking at just the total number of broadband wireless licensees in a given market segment, but also “how [it] should assess the ways in which spectrum holdings affect market structure, conduct and performance”. Of particular interest to the FCC is whether “consumers and end users are able to access the internet and other applications over their wireless network provider’s system.” This assessment also includes the device market for both traditional handsets, and smart phones, netbooks and modems/aircards as well as other devices which are connected by the customer or end- user to access the services or applications they desire. In order to judge the level of competition in specific wireless submarkets, the FCC asks what the different market segments are, and the degree to which specific pricing plans affect consumer choice. It also want to know whether consumers are constrained from switching carriers, and if so, why.

The FCC recognizes that there are already proceedings underway which address competitive conduct in the wireless market and that it may make decisions in those proceeding based on those records. Among the proceedings the FCC may be referencing include a Skype Communications S.A.R.L. (Skype) petition to the FCC. Skype, a VOIP, asks the FCC to declare that the FCC’s decision in its seminal Carterphone decision, which allowed consumers to connect their choice of customer premises equipment to the landline network, applies equally to wireless networks.

Also pending is the Rural Cellular Association (“RCA”) petition alleging that some data enabled smart phones, are not available to rural users. RCA claims that the iPhone ™ manufactured by Apple is exclusively available to customers of AT&T, making it unavailable in at least large portion of 15 states. ( In an August 21st letter to the FCC’s Wireless Bureau, AT&T indicated that it offers the largest subsidy AT&T has ever provided to subscribers who purchase the iPhone 3G.™ ).

Spectrum Utilization and Innovation. Both NOIs ask exhaustive sets of questions about spectrum utilization. For example, the FCC asks how the current wireless carriers utilize the spectrum that they have, if some spectrum is lying fallow, and if so why. It wants to know whether there are things it could do to improve utilization, including allowing more use of white space, encouraging more spectrum sharing, and whether such use should be licensed or unlicensed. It wants to know whether there is a relationship between investment in the wireless ecosystem, and spectrum utilization, and if so, how to measure it. The FCC also inquires if there is more it can do to encourage efficient shared use, subleasing, partitioning, and use of white space generally.

The FCC recognizes that one of its key challenges in bringing innovation to the market is the availability of sufficient spectrum, especially since most of the spectrum in the U.S. has already been put into use. With this in mind, it asks whether there are specific radio bands which could be “repurposed” and how such repurposing can be accomplished. It also asks whether in such circumstances clearing existing users off the band is required, or if there are additional innovative uses which would allow both applications to co-exist.

Referencing the FCC’s creation of the ability to transfer certain spectrum rights, including leasing of spectrum in the secondary markets, the FCC wants to know the extent to which the market for secondary use is working and if there are rule changes that would increase the amount of available spectrum for prospective users. It also seeks to understand the degree to which determining what constitutes “harmful interference” imposes unreasonable delays and whether it should rely on different means of dispute resolution that might yield quicker decisions where interference occurs. The FCC notes that the “association of particular services and applications with particular spectrum may become less relevant” and asks if the FCC should use a new spectrum access model that permits for increases in spectrum use.

The FCC asks new stakeholders such as the energy and health care providers to help it undertake its analysis by providing information and data within their purview, including how wireless is being used in their industries for innovative purposes, and if there is anything the FCC can do to facilitate innovation. It encourages participation by entities in edge markets by indicating that its rules allow for those confidential submissions, which can be withheld from public inspection.

The answers to these questions may show the wireless ecosystem and each of its subsets to be vigorously competitive and operating consistent with the public interest. However, these proceedings may also reveal that dominance in the spectrum arena allows carriers to dominate the broader market for wireless services. Answers to these questions, and the FCC’s response thereto, may well determine how this marketplace continues to develop in this country, perhaps not just in wireless but in other goods and services as well.

We are available to interpret and analyze the NOI with your needs in mind.

Please contact Judith St. Ledger-Roty at judithslr@slrno.com, Karen Neuman at kneuman@slrno.com, or Jeff Olson at jolson@slrno.com for further information.

Notification Requirement Triggers.

The rule’s notification provisions are triggered when an individual’s unsecured PHR data maintained by a PHR vendor or related entity is discovered to have been acquired by a third party without the consent of the individual. A breach is deemed discovered at the point when any employee, officer or other agent of the PHR vendor knows or should reasonably have known that a breach occurred. Notice must be given to affected individuals without unreasonable delay and in any event no more than 60 days after discovery of the breach. Breaches involving 500 or more people require FTC notification

In addition, third party service providers must notify the PHR vendor or related entity for breaches arising from its products or services. Third party service providers must notify a senior official of the PHR vendor or related entity. In order for this notice to be effective its receipt must be acknowledged, after which the PHR vendor must notify affected individuals and the FTC, unless the vendor and the related entity or service provider have otherwise contracted.

Notification Time, Method and Content.

The time, method and content of notification of a breach are prescribed in the rule and may include notice to specified media outlets, posting on a vendor’s website, and even by e-mail. Breaches affecting 500 people or more require FTC within 10 business days of discovery and notice to the public through the media. The agency has a form posted on its website for submitting breach notices to the FTC. When breaches involve less than 500 people vendors may maintain a log of breaches occurring during the calendar year and submit the log to the agency at years’ end.

Business Consequences.

The rule could entail significant compliance costs. The FTC anticipates that the rule covers approximately 900 entities, including 200 PHR vendors, 500 related entities and some 200 third party service providers. It is also estimated that each of these entities will experience 11 breaches per year that may trigger the rule’s notification requirements.

The potential costs to covered entities could include significant compliance costs estimated by the FTC to exceed $1 million annually. These costs include: 1) determining what information was breached, 2) identifying affected individuals, 3) preparing the breach notices and 4) reporting the breach to the FTC. Other costs include those associated with notifying affected individuals and responding to their inquiries through various means, including a toll-free number set up by the responsible entity.

These costs could potentially deter innovation, particularly by small companies that develop applications, products and services for remote monitoring, storage, access and use of personal health data by patients, family and care providers, physicians and insurance companies. In addition, violators would be treated as having engaged in unfair or deceptive acts or practices in violation of the FTC Act4and could be subject to criminal or civil penalties. The rule could also affect contractual relationships created by a PHR’s terms of service agreement and users of the PHR product. For example, the rule could create uncertainties about contractual obligations or impose obligations that exceed existing ones.

Application.

The rule applies to breaches that occur after September 18, 2009 although the FTC has indicated that for the first 180 days it will exercise discretion enforcing it, after which all covered entities are expected to be in full compliance. It can be found at 16 CFR Part 318.

We are available to assist you in evaluating your current data security and breach detection procedures and to provide guidance about bringing those procedures into compliance with the new rule.

Please contact Karen Neuman at kneuman@slrno.com or Judith St. Ledger-Roty at judithslr@slrno.com to obtain additional information.

Accordingly, the rule applies to entities as diverse as newspapers, lawyers, medical professionals, retailers that offer financing or process credit applications as well as “mom and pop” retailers that routinely bill in arrears for goods and services. Many entities that do not consider themselves creditors may be surprised to discover that they are covered under the rule. Companies should assess their business practices -- including their billing practices -- carefully to determine whether they are covered by the broad "creditor" definition.

Following numerous requests seeking exemption from the rule, the FTC initially delayed enforcement until May 1, 2009 as it sought to clarify which entities would be covered.

More recently, the American Bar Association filed suit in U.S. District Court for the District of Columbia to block enforcement of the rule, arguing in part that billing a client is not an extension of credit that turns every lawyer and law firm into a creditor. The ABA also contends that in applying the rule to lawyers the FTC failed to articulate a rational connection between the practice of law and identify theft.

Despite the FTC’s decision to delay enforcement of this rule and the federal court proceedings, businesses that provide services to their customers for which those customers are later billed should assess their current programs for detecting and responding to potential identity theft. While it is possible that very few businesses may obtain exemption from the rule, the majority of businesses that bill in arrears will be required to comply with its provisions.

We are ready to assist with assessing your business and billing practices to ascertain if you are a covered entity under the rule, evaluate your identify theft detection program for compliance with the rule, and provide guidance as needed to bring it into compliance.

For additional questions about FTC enforcement of the Red Flags rule please contact Karen Neuman at kneuman@slrno.com or Judith St. Ledger-Roty at judithslr@slrno.com or call Karen or Judith at 202.454.9401.

Given the short time frame for submitting applications in response to this NOFA (July 14-August14), the most competitive applications were those where rigorous market analysis, business planning and engineering were already well underway. Many potential applicants that were not very far along in the process decided to consider the risks and benefits of applying for funding in the subsequent rounds. We are available to undertake this analysis for entities considering seeking funding in the second or third rounds.

Summary of Key Provisions in First NOFA.

State and local governments, Native American tribes, nonprofit foundations, corporations and associations and private sector entities were eligible to apply. This approach was intended to encourage partnerships to expand to the greatest extent broadband capabilities and uses.

The agencies intended to award approximately $4 billion in this initial round of funding, for which applications were to be submitted between July 14 and August 14. NTIA intended to release 1.6 billion dollars in grants and RUS appropriate $2.4 billion for “last mile” and “middle mile” projects. NTIA grant recipients must provide a minimum of 20% in matching funds. Priority was to be given to projects that give end users a choice of providers: serve the highest proportion of rural residents that lack access to broadband service: were projects of current or former RUS borrowers; and were fully funded and ready to start once funding is received. The majority of the $2.4 billion released by RUS were in loan/grant combinations. 320 million dollars was held in reserve. Following an elaborate review process, described below, both agencies are slated to begin making awards on a rolling basis around November 7. Applications were required to include a legal opinion as to your ability to apply for funding. Five percent of the grant could be used to cover costs associated with preparing the application.

Definitions.

The NOFA defines the following key terms:

Broadband: a “terrestrial wireless or wireline connection that can deliver speeds of at least 768kb/s downstream and 200 kb/s upstream”. These speeds appear slow by today’s standards, reflecting a desire to make the process as least restrictive as possible, preserving the ability of a broad range of technologies and applicants to qualify. That said, preference will be given to higher-speed projects.

Unserved: one or more contiguous “census tracts” in which at least 90% of households lack broadband connectivity.

Underserved for last mile projects: areas where 50% of households or more lack broadband, where fewer than 40% of households subscribe to broadband, or where no service provider advertises broadband transmission speeds of at least 3 Mb/s. At least one of these factors must be met, although there is a presumption that more than one factor is present.

Underserved for middle mile projects: where “one interconnection point terminates in a proposed funded service area that qualifies as unserved or underserved for last mile projects.” Service areas are composed of one or more contiguous census blocks that meets the criteria for broadband service and advertised speeds.

The challenges posed by the granular census block designation was intended to 1) identify eligible areas without a definitive or authoritative source for this information, which is largely in the possession of incumbent broadband providers and, therefore, 2) surviving challenges by existing broadband providers who are able to .

The grant set asides for middle mile projects were intended to promote the extension of service in the last mile to a home by ensuring that the connection extends back to the local ISP through the network and then out to the Internet.

Non-discrimination and Interconnection Obligations: All applicants were required to adhere to the FCC’s Internet Policy Statement, and disclose proposed interconnection, nondiscrimination. Network management practices were also required to be disclosed in the applications. We expect these requirements to be included in subsequent NOFAs.

In addition to a commitment to an open, non-discriminatory network, applicants were evaluated on the proposed openness of the proposed network. Preference was given to applications that exceeded the minimum requirements for interconnection and nondiscrimination.

Evaluation/Award Process.

The first NOFA established an elaborate, two-step application process. The goal of the first step was to create a pool of viable applications for consideration. The goal of step two was to fully vet the submissions that made the cut in step one and identify the most highly qualified projects for final review and selection. The scoring systems for RUS and NTIA proposals differed and it was necessary for applicants to be familiar with each. Nevertheless, in each instance applicants were required to submit a system design and project timeline, certified by a professional engineer for any project seeking funds over $1 million. States were granted considerable influence over who would receive awards under the BTOP program by being able to provide a priority list and recommended projects, along with an explanation of whey selected proposals meet the greatest needs of that particular state.

There were a number of questions raised by the NOFA which the agencies tried to address on their websites, and in information meetings with potential applicants. Concerns remain about the programs’ scoring criteria, eligibility requirements, and even whether projects proposed in the future that differ from those that appeared to be competitive in the first round will be funded in the subsequent rounds. It is therefore anticipated that the rules will revised for the second and third rounds of funding, currently slated to commence in fall 2009, and may be broadened to support funding for urban and other projects. It is possible that one or both agencies will revise the rules in the first NOFA rules through rulemaking proceedings but so far there has been no announcement.

We remain available to interpret, analyze and clarify the forthcoming NOFAs, provide strategic guidance to help you prepare your application, and provide other legal or strategic review and support. We are also available to help prepare comments for filing and, in any event, arrange meetings with appropriate officials as necessary.

Please contact Karen L. Neuman at kneuman@slrno.com or Jeff Olson at jolson@slrno.com to discuss how we can provide assistance with the application process for future funding rounds and related projects.

The Agency flagged three areas that might be ripe for regulation. They involve:

Disclosures about the cost of mobile service. The report notes that industry best practices often lack transparency and are poorly understood by consumers. The staff recommended improved education within the industry about these practices along with frequent monitoring for compliance purposes and to update knowledge of best practices.

Unwanted or harmful mobile text messages. The FTC will continue working with law enforcement to monitor unwanted mobile text messages, malware and spyware. The FTC admonished that multiple players in the mobile ecosystem, including carriers, manufacturers, software providers as well as users bear responsibility for the security of personal information in their handsets.

Privacy challenges related to children’s use of smart phones for Internet access. The report identifies several areas of concern involving the use of mobile devices by children, including functionality for limiting their ability to make purchases, the use of mobile devices for cyber-bullying, and ways to limit classroom disruption by mobile devices. The FTC also announced that it will expedite the regulatory review of the Children’s Online Privacy Protection Rule² to ascertain whether it should modified to address rapid changes in the mobile marketplace. This review was originally slated for 2015, but will now commence in 2010 with opportunity for extensive public comment.

As with the agency’s behavioral advertising proceeding,³ this report sends a strong signal that the FTC will closely monitor consumer protection, including security, privacy, and the business practices of carriers, applications and device manufacturers, and other entities operating in the mobile marketplace. It is very likely that the ubiquity of mobile computing and communications in all aspects of social, economic, individual and political life will result in increased demand for legislation and/or regulation. Accordingly, mobile service providers, device and applications manufacturers, and content providers should continuously monitor industry best practices in the areas that are the topic of this report to ensure that their privacy policies are in compliance with industry best practices, applicable FTC principles, and even potentially applicable regulations promulgated by other agencies.⁴

We are available to assist you in reviewing your privacy policies and data security programs for compliance with the principles set forth in this report as well as applicable industry best practices. We are also available to monitor further developments at the FTC that could affect companies offering mobile services, applications and devices as well as related proceedings at the FCC, and to provide counsel companies about appropriate future compliance measures.

For additional information please contact Karen Neuman at kneuman@slrno.com or Judith St. Ledger-Roty at judithslr@slrno.com.