Augmenting Compatibility and Competition by Enabling Service Switching (ACCESS) Act
Section-by-Section Summary Section 1
–
Short Title Section 2
–
Definitions
Commission
Communications Provider
Competing Communications Provider
Competing Communications Service
Custodial Third-Party Agent
Interoperability Interface
Large Communications Platform
Large Communications Platform Provider
User Data
Section 3- Portability
Large communications platform providers
–
i.e. providers operating communications platforms with over 100 million monthly active users in the U.S.
–
must operate transparent, third-party accessible interfaces that allow users to safely transfer their data (directly to the user or to a competing communications provider acting at the direct of a user)
Competing providers that receive ported data must properly secure ported data
Products or services that do not generate income from the collection, use, or sharing of user data are exempt from the
Act’s
portability obligation
Section 4
–
Interoperability
Large communications platform providers must operate transparent, third-party accessible interfaces
(“interoperability interfaces”)
that facilitate and maintain compatible communications with competing providers
Competing providers that receive data through an interoperability interface must properly secure all data accessed via that interface
The bill sets forth terms of service under which a large communications platform provider must maintain interoperability, including:
o
non-discrimination, by which a platform provider must facilitate interoperability based on fair, reasonable, and nondiscriminatory terms
o
reasonable fees and access terms, by which a platform can:
establish reasonable thresholds on the frequency, nature, and volume of requests, including assessing a reasonable fee for such access
establish reasonable usage expectations to govern access by competing providers
provide advanced public notice of any fees, penalties, or usage expectations associated with access (or changes) to an interoperability interface
o
privacy and security standards, which a platform provider must set consistent with industry best practices, as well as an obligation to report suspected violations to the Federal Trade Commission
o
prohibiting changes to interfaces, or to terms of use, which would undermine interoperability by competing communications services
If a large communications platform provider uses an interoperability interface between its own platforms and services, it must offer an equivalent interface to competitors
In the context of communications between a user of a large communications platform provider and a user of a competing communication provider, neither provider may
collect, use or share the data associated with the other service provider’s users
Products or services that do not generate income from the collection, use, or sharing of user data are exempt from the interoperability obligation
Section 5
–
Delegatability
Users of a large communications platform may delegate the management of their online interactions, content, and account settings to a custodial third-party agent
The FTC must establish rules to authenticate access by custodial third-party agents
Custodial third-party agents must register with the FTC and abide by a list of rules governing their access to large communications platforms. If custodial third-party agents do not, they are subject to a range of penalties, including revocation of access rights
Custodial third-party agents:
o
must reasonably safeguard the privacy and security of any user data provided by a user or accessed
on a user’s behalf
o
may not collect, use, or share user data for the commercial benefit of the custodial third-party agent
o
do not gain greater access rights than the user has to a large communications platform, and
o
cannot access or manage user’s online interactions in any way that:
benefits the third-party agent and harms the user,
will result in foreseeable harm to the user, or
is inconsistent with the directions or reasonable expectations of the user
Section 6
–
Implementation and Enforcement
The FTC must promulgate regulations no later than 1 year after the enactment date
No later than 180 days after enactment, the FTC, in consultation with industry stakeholders, shall establish rules for verifying user portability and interoperability requests
No later than 180 days after enactment, the National Institute of Standards and Technology must develop and publish model technical standards for interoperability among popular services, including:
o
online messaging,
o
multimedia sharing, and
o
social networking
Large communications providers who maintain interoperability through open standards, such as those established by NIST, are entitled to a rebuttable presumption of providing access on fair, reasonable, and non-discriminatory terms
The FTC must regularly assess compliance by large communications platform providers
The FTC will establish procedures so users and competing platform providers may file complaints alleging that a large communications provider, competing provider, or third- party agent has violated this Act
The FTC is empowered to treat violations of the Act as violations of a rule defining an unfair or deceptive act or practice
–
allowing the FTC to directly assess fines or related penalties for violations
The Act shall supersede conflicting state laws and regulations
Section 7
–
Relation to Other Laws
Nothing in the Act modifies, limits, or supersedes the operation of any privacy or security provision in
—
the Privacy Act of 1974;
the Right to Financial Privacy Act of 1978;
the Fair Debt Collection Practices Act;
the Children’s
Online Privacy Protection Act of 1998;
title V of the Gramm-Leach-Bliley Act;
chapters 119, 123, and 206 of title 18, United States Code;
the Family Educational Rights and Privacy Act of 1974;
section 445 of the General Education Provisions Act;
the Privacy Protection Act of 1980;
the regulations promulgated under section 264(c) of the Health Insurance Portability and Accountability Act of 1996 (42 U.S.C. 1320d
–
2 note), as those regulations relate to
—
o
a person described in section 1172(a) of the Social Security Act; or
o
transactions referred to in section 1173(a)(1) of the Social Security Act;
the Communications Assistance for Law Enforcement Act;
sections 222 and 227 of the Communications Act of 1934; or
any other privacy or security provision of Federal law
Reward Your Curiosity
Everything you want to read.
Anytime. Anywhere. Any device.
No Commitment. Cancel anytime.
