Lawmakers, Others Ask 6th Circuit to Rehear August Decision on FCC Data Breach Rules
A coalition of 24 members of Congress, led by Sen. Eric Schmitt, R-Mo., and Rep. Scott Fitzgerald, R-Wis., urged the 6th U.S. Circuit Court of Appeals to rehear en banc an August decision that upheld the FCC’s data breach notification rules, despite a Congressional Review Act action in 2017 that overturned similar requirements in other privacy rules (see 2508140052). Right-leaning interest groups also asked for rehearing, as sought by ISPs (see 2509290066). Briefs were filed Monday in case 24-3133.
Sign up for a free preview to unlock the rest of this article
Communications Daily is required reading for senior executives at top telecom corporations, law firms, lobbying organizations, associations and government agencies (including the FCC). Join them today!
Judge Jane Stranch wrote the 6th Circuit's 2-1 decision. Judge Richard Griffin dissented, saying the order was unlawful and should be set aside.
“Congress rarely exercises its powers under the CRA, but when it does so, it acts as strong medicine to nullify each and every constituent rule within the targeted regulation, which also bars the agency from issuing a substantially similar rule in the future,” the lawmakers said. “This power would be meaningless if the agency could simply reissue the same rule piece-meal -- but that is precisely what the majority opinion held. Because the matter is of exceptional importance to the separation of powers, this Court should grant rehearing.” The lawmakers' brief was written by Trent McCotter, who also represented Consumers’ Research in its challenge of the universal service contribution factor at the U.S. Supreme Court.
“The existence of administrative agencies, those sprawling departments tasked by Congress with the faithful execution of its laws, has regularly threatened to unconstitutionally combine the legislative and executive powers,” said a trio of free-market-oriented groups. “It is the responsibility of the Legislative and Judicial Branches to ensure that administrative agencies do not so run amok. ... In this case, the Legislative Branch has done that work,” said the brief, signed by the Washington Legal Foundation, the National Federation of Independent Business' Small Business Legal Center and the Buckeye Institute.
TechFreedom said the “purportedly new” data rule violates the CRA because it's “substantially the same -- indeed, functionally identical -- to the 2016 Data Breach Notification Rule.” The panel’s split decision addresses “a question of exceptional importance, mistakenly holding that courts must compare revised rules to entire agency orders to determine whether they are substantially the same,” TechFreedom added. “The case strikes at ‘the heart of the CRA’ and warrants the full Court’s attention.”
“The job of a judge has always been ‘to say what the law is,’ not what they want it to be,” the Cato Institute argued. The 2024 order “is substantially similar to the FCC’s 2016 order, which Congress disapproved. Respecting the clear and obvious meaning of the law would mean striking down the FCC’s 2024 order.”
The American Free Enterprise Chamber of Commerce (AmFree) also filed in support of rehearing. “If allowed to stand, the panel majority’s interpretation of the Congressional Review Act provides a blueprint for agencies with an anti-free-market agenda to effectively nullify Congressional disapprovals of agency regulations, robbing AmFree and its members of the certainty that should accompany a binding resolution that is passed by Congress and signed into law by the President.”
CRA resolutions are “legislation,” not “administrative action,” the group said. The CRA “strips courts of jurisdiction to review any ‘determination, finding, action, or omission’ made pursuant to the CRA … and prohibits agencies from re-issuing any disapproved rule ‘in substantially the same form’ without legislative authorization.”