Some businesses are pushing for a veto of Vermont’s privacy bill, Wiley attorney Joan Stewart said on a webinar Wednesday. The Vermont legislature passed H-121 earlier this month but Gov. Phil Scott (R) hasn’t signed it yet (see 2405130050). “Outlier provisions” in Vermont’s bill have raised grave concerns in the business community “and there are some strong efforts going on right now to try and persuade the governor to veto that [proposed] law,” said Stewart. One key difference with other state laws is the Vermont bill’s broad private right of action (see 2403220040). Most existing privacy laws allow enforcement by only the state attorney general, though California gives individuals a more limited right to sue, she said. Vermont could be the 20th state to enact a privacy law. Minnesota became the 19th on Friday (see 2405280038).

It wouldn’t be an “unfunded mandate” to require ISPs to have $15 affordable broadband plans as a condition of getting support from the California Public Utilities Commission’s federal funding account (FFA), The Utility Reform Network said Tuesday. TURN replied in docket R.20-09-001 to industry objections to the group’s petition asking the CPUC to pause FFA grants until it modifies rules to account for the federal affordable connectivity program (ACP) winding down (see 2405160055). "The courts have previously held that funding conditions for voluntary programs are permissible; funding conditions are not unfunded mandates or rate regulations,” said TURN. "Providers are free to decline FFA participation and instead charge customers whatever they wish.” Existing ISP-designed affordable plans are no substitute for ACP, added the consumer group: Such industry plans "tend to have significantly more restrictive eligibility requirements than the ACP and therefore will not be available to all ACP recipients.” TURN has two other petitions related to ACP's end (see 2405240060).

Reject T-Mobile’s request to make it optional for California Lifeline providers to accept applications for low-income support from people who lack social security numbers, said consumer and low-income advocates in replies Friday at the California Public Utilities Commission. In comments earlier this month (see 2405130044), T-Mobile’s Assurance Wireless raised concerns about “requiring companies to process, review and collect a fluid set of unfamiliar and unverifiable ‘identity documents’ without any safe harbor.” Legal Services of Los Angeles County, the Legal Aid Association of California and other low-income advocates disagreed. "While providers may assist with collecting additional identity documents, the [third-party administrator] will make eligibility determinations based on identity documents, so the alleged basis for the need for providers to discriminate against individuals without SSNs is specious.” The Utility Reform Network and the Greenlining Institute “oppose any call for California LifeLine to discriminate against people without SSNs.” The consumer groups noted that people lacking SSNs include "some of the most vulnerable members of our communities: survivors of domestic violence, refugees, and people facing housing insecurity.” Meanwhile, AT&T urged the CPUC to slow down. That every commenter suggested revisions to the staff's proposal shows that the CPUC should take additional time to develop a plan, said the carrier: Require staff to submit a revised, more-detailed proposal and seek more comments. But the low-income advocates said it’s time to act. “Despite any lingering questions or disagreements … the Commission should immediately change the application and expand the list of acceptable identification documents ... without further undue delay,” they said. “Any other feedback on the staff proposal can be resolved later."

Many applications for federal broadband funds at the California Public Utilities Commission propose projects that would mostly cover already served areas, the CPUC’s independent Public Advocates Office said Friday. PAO has “major concerns about several grant request proposals” seeking federal funding account (FFA) cash, it said in a letter to CPUC Communications Division Director Robert Osborn. PAO reviewed 484 pending applications seeking $4.6 billion from the $2 billion fund. “Even with this oversubscription, the applications appear to cover less than half of eligible unserved FFA locations,” it said. PAO urged the CPUC to prioritize projects that cover the most unserved locations and “especially those that cover low-income and disadvantaged locations.” Also, the commissions should work with applicants to expand proposed project areas to cover more unserved locations, it said.

California lawmakers supported limiting smartphone and social media time at school in votes last week. The Assembly voted 69-0 on Thursday to approve AB-3216, which would require schools to adopt limits or bans on student use of smartphones. Meanwhile, the Senate voted 35-0 to pass SB-1283, which would require a similar policy for social media. Each bill will now go to the opposite chamber.

Despite expectations that the affordable connectivity program (ACP) will run dry in days, telecom companies continued arguing in comments last week that the California Public Utilities Commission should take its time forming its response. However, while larger ISPs slammed consumer advocates' proposal, small local exchange carriers said they would work with the advocates on a compromise that quickly expands California LifeLine support to broadband.

National Cyber Director Harry Coker told the President’s National Security Telecommunications Advisory Committee the Biden administration is focusing on cybersecurity in space and strengthening internet routing security. Meeting virtually late Thursday, NSTAC also received an update from cloud-service providers on a pending report about baseline security offerings that was initially expected to be finished this month (see 2312070053).

A state court needn’t set a deadline for the California Privacy Protection Agency (CPPA) to make rules on cybersecurity audits, risk assessments and automated decision-making technology, with enforcement “still distant,” the agency said Wednesday. The California Superior Court of Sacramento asked May 3 if it should set a “date certain” for those rules after the California Chamber of Commerce’s lawsuit against the agency returned to the court. The court scheduled a June 21 hearing on the question. In February, California’s 3rd District Court of Appeal reversed the court’s June decision that granted a CalChamber petition and stayed any CPPA rules for 12 months after they become final. CalChamber petitioned for review at the California Supreme Court (see 2402210031), but that court declined to take the case on April 24. As a result, the only remaining issue for the Superior Court to decide is whether to set a deadline for the upcoming CPPA rules. In its Wednesday brief, the privacy agency said it started drafting remaining rules at issue in the case and will finalize them "once it has determined that it has received sufficient feedback from stakeholders and obtained necessary approval from state control agencies. In the meantime, it will not enforce the law in the specific areas still subject to regulation. Petitioner is entitled to nothing more.” It would be “improper” for the court to set a deadline because the Administrative Procedure Act (APA) “rulemaking process involves a substantial exercise of judgment and discretion over the timeline of the process itself,” the agency said in case 34-2023-80004106-CU-WM-GDS. “Petitioner's interests are already protected by enforcement delays and the APA-mandated procedures for stakeholder input.” The agency already took more feedback than the APA requires in a pre-rulemaking phase and will soon seek more input when it opens a formal rulemaking process, added the agency. In another brief, CalChamber pointed out that the agency was supposed to adopt final rules by July 1, 2022. “Petitioner continues to be concerned about the Agency’s timeline for fulfilling its statutory obligations with respect to the three outstanding rulemakings.” Given the coming rules’ significance, CalChamber "remains invested in ensuring the Agency does not attempt to adopt the regulations on a timeline that does not allow sufficient time for stakeholder review and participation, public comments, and meaningful consideration of public input,” said the business group. That said, CalChamber noted that only the agency "can fully address the anticipated timing for the adoption of the outstanding regulations.”

California Assembly members supported a proposed ban on digital discrimination the same day that state senators backed a proposal that would remove a free internet requirement in the state’s public housing broadband grant program. Bills on universal opt-out and social media also cleared their originating chambers Wednesday. The Assembly voted 43-10 to pass AB-2239, which would codify in California law the FCC’s definition of digital discrimination and allow state and local enforcers to seek injunctive relief (see 2404230039). On the privacy front, Assembly members voted 53-7 to pass AB-3048, which would require web browsers to include an option to opt out of selling and sharing data on all websites. The California Privacy Protection Agency supports that bill (see 2403130048). Also, the Assembly voted 46-0 for AB-2481, which would create a mechanism for people who report threatening content on social media platforms. In the other chamber, senators voted 37-0 for SB-1383 to remove restrictions included in the California Advanced Services Fund (CASF) public housing account that require ISPs to provide free internet before receiving grants. The cable industry supports the bill because it claims that the current restriction deters grant applications (see 2404020049).

Several California bills crossed chambers Tuesday. The Assembly voted 47-15 to pass AB-1826, which updates the state’s 2006 cable law, the Digital Infrastructure and Video Competition Act. The bill would increase fines for service-quality problems and aims at increasing participation of the public and its advocates in the franchise renewal process (see 2404250036). The Assembly voted 71-0 for AB-2765, which would require the California Public Utilities Commission to report on inspections that ensure companies comply with resiliency plans. The body also voted unanimously for AB-2905, expanding the state’s autodialer definition to include calls made with an AI voice. On the privacy front, the Assembly voted 50-14 for AB-2930 to set rules for automated decision-making technology, including requiring impact assessments and disclosures to consumers. The same chamber voted 58-0 for AB-1949 to amend the California Consumer Privacy Act (CCPA) to additionally stop businesses from collecting, using, sharing or selling personal data of anyone younger than 18, unless they get consent or if it’s absolutely needed for business purposes. The state’s Democratic Attorney General Rob Bonta backed the bill (see 2401300049). In addition, the Assembly voted 50-10 to pass AB-1791, which would require social media platforms to delete personally identifiable information, called provenance data, from uploaded content. In the Senate, the vote was 38-0 in favor of SB-1223, which amends the CCPA to include “neural data” as a type of sensitive personal information. And senators voted 34-0 to pass SB-1504 to tighten a cyberbullying law that requires social platforms to have reporting mechanisms (see 2404230039). Also, the Senate voted 30-9 to approve SB-1460, which would require a group to develop model contract provisions for telecom sector apprenticeships.