Striking back at The New York Times Company, the Federal Communications Commission is urging a judge to rule the agency need not disclose information about net neutrality commenters because it would compromise their privacy.
The Times, which is investigating potential Russian meddling in the 2017 net neutrality proceeding, recently sued the Federal Communications Commission in an attempt to force it to disclose information about people who filed comments with the agency. The Times says it needs a host of data -- including users' IP addresses and time stamps of their comments.
But late last week, the FCC countered in new court papers it can't divulge that data without compromising commenters' privacy.
“If the FCC is compelled to disclose an individual’s IP address, operating system and version, browser platform and version, and language settings, and that information is linked to the individual’s publicly-available name and postal address, that disclosure would result in clearly unwarranted invasions of personal privacy,” the FCC argues in papers filed late last week with U.S. District Court Judge Lorna Schofield in the Southern District of New York.
The court battle stems from the 2017 net neutrality proceeding, which resulted in the FCC's decision to repeal the Obama-era net neutrality rules. Those rules prohibited broadband providers from blocking or throttling traffic and from charging higher fees for fast-lane service.
In April 2017, FCC Chairman Ajit Pai proposed revoking the rules. That proposal drew a record-breaking 22 million comments, but many were submitted under fake names, or by Russian bots. The precise number of fake comments is unclear, but around 450,000 came from Russian email addresses.
The Times sued the FCC last September in an attempt to obtain IP addresses, timestamps and user-agent headers -- which could provide information about commenters' browsers -- for all public comments regarding net neutrality submitted between April 26, 2017 and June 7, 2017.
The newspaper argues it's entitled to the information under the Freedom of Information Act.
Last month, the Times argued in court papers that any risk to consumers' privacy is small, since most web users have different IP addresses now than in 2017. “Most individuals connect their devices to the internet using a steadily changing series of IP addresses assigned by internet service providers,” the Times wrote in a motion for summary judgment. “An internet-connected device’s IP address today may not be its IP address tomorrow. And the IP address of a device used by a commenter in mid-2017 is almost certainly not its IP address in mid-2019.”
The newspaper also argued IP logs will reveal clues about the geographic locations of commenters -- including whether they came from Russia.
But the FCC counters that not all commenters necessarily have different IP addresses now than in 2017. The agency adds IP addresses can be combined with other data in ways that pose a risk to people.
“Anyone who can link an individual commenter’s name and postal address with his or her IP address and User-Agent header can commercially exploit the user’s personal information for financial gain, commit identity theft, or otherwise harm the user,” the agency writes.
FCC associate Chief Information Officer Erik Scheiberg adds in court papers that even old data about IP addresses can be used for tracking.
“Even 'outdated' IP address information can be useful to digital advertisers,” Scheiberg writes in a declaration submitted to the judge. He adds that ad companies could match older IP addresses with commenters' names and addresses in order to “identify and learn more about a person’s past online activity.”
The Times and FCC are expected to submit additional arguments to Schofield later this month.