|History: Common Carriage & Bailment|
- Common Carrier
- - Market Power / Essential
- - Non discrimination
- - Refusal to carry
- - AT&T
© Cybertelecom ::
When a customer / end user hands over its information to a network service provider for delivery, the customer / end user loses control over that information and must trust that the service provider will deliver the information and that the service provider will protect the security and integrity of the information. [Fred Baker, Internet Routing with MANRS, MANRS (n.d.), ("Customers trust that their ISPs and IXPs will connect them to those entities with whom they want to communicate. Routing incidents, such as accepting or propagating a false prefix, are a fundamental service failure in that they connect their customers to someone else.").] [Rafi Goldberg, NTIA, Lack of Trust in Internet Privacy and Security May Deter Economic and Other Online Activities (May 13, 2016), (discussing how end users must "trust" network service providers for the security of their data and communications)]. [NY p. 56 ("Once having undertaken public service, at common law a carrier was obligated to perform fully, and was held strictly liable for failure which resulted in any damage to goods. Thus a customer of a common carrier can expect that the carrier will transport/transmit that which is tendered without loss or unreasonable delay to the requested destination. For today's telecom, this duty may translate to assurances of transmission to the connection at satisfactory sound or error levels, without unreasonable losses or down-time, and timely network access and transmission.")]
Entrusted with the information, the service provider has the ability / opportunity to monitor or damage the information. [Coggs v. Bernanrd, (1703) 2 Ld Raym 909, 918, 92 ER 107. (holding common carriers strictly liable "else these carriers might have an opportunity of undoing all persons who had any dealings with them, by commingling with thieves, &c. and yet doing it in such a clandestine manner, as would not be possible to be discovered.")] [China Telecom Americas Corporation, GN Docket No. 20-109, Order Instituting Proceeding, para 33 (2020)("A service provider, such as China Telecom Americas, could analyze application content or metadata derived from packets transiting a device or infrastructure that is managed by the service provider. For example, tools that are used by a service provider to identify network intrusion or perform deep packet inspection can be leveraged by such service provider to perform pervasive monitoring, which has been identified as an attack on the privacy of Internet users and organizations.")]
If the service provider has an incentive to engage in malicious actions, the customer / end user may have little ability prevent such actions and may have little ability to know that the service provider has so acted. [China Telecom Americas Corporation, GN Docket No. 20-109, Order Instituting Proceeding, para 33 (2020) (considering scenario where network service providers incentive might be economic espionage)]
Traditional common carriage jurisprudence viewed the relationship of a customer / end user to a network service provider as a bailment relationship.
The network service provider is entrusted with the communications / information / data / message. There is an ongoing relationship between the service provider and the customer / end user (including situations where the information may be a customer's customer's information). A network service provider of a customer sits in a unique gatekeeper position, and is able to see all of the communications sent and received by its customer. [China Telecom Americas Corporation, GN Docket No. 20-109, Order Instituting Proceeding, para 34 (2020) (quoting Prof. Paul Ohm in support of the proposition, a service provider sits at a privileged place in the network . . . from which it enjoys the ability to see at least part of every single packet sent to and received from the rest of the Internet.")] [FCC Broadband Privacy Order 2016 para 28 (Rescinded by Trump FCC) ("a broadband provider sits at a privileged place in the network, the bottleneck between the customer and the rest of the Internet a position that we have referred to as a gatekeeper. As such, BIAS providers can collect an unprecedented breadth of electronic personal information.") ] [How Will the FCC's Proposed Privacy Regulations Affect Consumers and Competition? Hearing Before United States Senate Committee on Commerce, Science and Transportation, 114 Cong. (2016) (Testimony of Prof. Paul Ohm. Every network service provider "sits at a privileged place in the network, the bottleneck between the customer and the rest of the Internet. This favorable position gives it a unique vantage point, from which it enjoys the ability to see at least part of every single packet sent to and received from the rest of the Internet."); Harold Feld, et. al., Protecting Privacy, Promoting Competition: A Framework for Updating the Federal Communications Commission Privacy Rules for the Digital World, Public Knowledge White Paper, (2016) (discussing the data that can be gathered by a network service provider from its customers and end users)]
The network service provider has the opportunity / ability to engage in malicious acts which exceeds the authorization of the original relationship:
- Information Gathering (monitoring, copying, mirroring, stealing, forensics) [China Telecom Americas Corporation, GN Docket No. 20-109, Order Instituting Proceeding, para 34 (2020) ("China Telecom Americas, like any other service provider... has the technical ability, with or without the authorization of its customers, to observe, gather, intercept, inspect, and alter or compromise data that transit its network or any equipment under its management")]
- Meta / transactional information such as addresses, protocols, ports, encryption, size, time of day, location. Even where communications are encrypted, service providers can engage in forensics and gather a tremendous amount of information from communicators
Service providers can combine information gathered from network communications with information about the customer learned from the commercial relationship or from other sources.
Recognizing this vulnerability, the common law has held common carriers strictly liable for damage to the goods entrusted to them. From the beginning, communications networks gave rise to privacy laws and rules.
- Benjamin Franklin's postal service was created in order to ensure the privacy and security of communications.
- The first rules of the first commercial communications networks, telegraph services, addressed the privacy and security of communications. (see also Intl Telegraph Convention first treaty)
- Telephone rules ensured the privacy and security of communications through the Wiretap Act and the Customer Privacy Network Information (CPNI) rules.
- The FCC's Network Neutrality rules of 2015 sought to address this concern, but there were rescinded by Trump's FCC.
- Other laws such as the Computer Fraud and Abuse Act protects the privacy and security of data