FCC Investigating Role of Connected Car Services in Protection of Domestic Violence Survivors

On April 8, 2024, the FCC released a Further Notice of Proposed Rulemaking (FNPRM) seeking comment on a number of issues under the Safe Connections Act (SCA) specifically related to connected car services. As indicated by Chairwoman Rosenworcel's February 28, 2024, announcement, the agency was spurred to issue the FNPRM by media reports about connected car services being used against domestic violence survivors. The FNPRM was published in the Federal Register on April 23, 2024.

In its November 2023 Order on the SCA, the FCC enacted rules requiring mobile service providers, upon request by a domestic violence survivor, to separate a mobile phone line from the account held by an abuser. The current FNPRM addresses domestic violence issues in a different context―connected car services―that was not a focus of the SCA. In general, connected car services can include remote start, location-based services, entertainment apps, internet access, and Wi-Fi hotspots, but do not include mobile voice service. And, while connected car services will generally make use of the same data connection embedded in the vehicle, a car manufacturer may choose to offer only a subset of the available services.

Line Separation Obligation Under the SCA

In 2022, Congress passed the SCA, focused on ensuring that domestic violence survivors could separate their phone lines so that they no longer had to share a joint mobile service contract with their abuser. The statute specifically requires a "Covered Provider" to separate either the line of the abuser or the line of the survivor (and any others in the care of the survivor) no later than two business days after receiving an eligible request for line separation from a survivor.

This statutory language is narrowly tailored to the mobile phone context, defining a "Covered Provider" as a provider of either private or commercial mobile services as defined in 47 U.S.C. § 332(d). These categories are familiar to the FCC and the industry, and commercial and private mobile service providers can meet their obligations under the statute using already-established mechanisms (e.g., using conventional number porting operations to separate phone lines and establish separate contractual relationships with the survivor and abuser) without interrupting either party's use of the services.

The FCC's Order Implementing the SCA

In its November 2023 Order, the FCC issued new mobile phone service rules implementing the SCA in subpart II of Title 47, Part 64. These rules define "calls" as voice service transmissions and use the same language from the statute to define "covered provider," consistent with the SCA's incorporation of long-standing statutory terminology.

These rules establish highly specific obligations for covered providers when a survivor seeks to separate a line from a shared mobile service contract. For example, 47 C.F.R. §§ 64.6401(b) and (c) allow covered providers to "attempt to assess the authenticity of the evidence of survivor status," but prohibit them from directly contacting entities that created the evidence to confirm its authenticity or otherwise assess the veracity of survivor status evidence. 47 C.F.R. § 64.6401(a) also specifies the process for a survivor to request line separations, covering the identification of the lines to be separated, the names of the survivor and abuser, provision of affidavits (if relevant) regarding individuals in the survivor's care, and the specific types of acceptable evidence to verify survivor status. These rules also establish the procedure for submitting a line separation request, provide detailed requirements for processing the separation of lines from a shared mobile contract, and identify specific prohibitions on the requirements and limitations covered providers may place on a line separation request.

The FCC's 2024 FNPRM

In the April 2024 FNPRM, the FCC seeks comment on what type of connected car regulations or policies it could adopt under the SCA. Many of the possible regulations will raise jurisdictional issues, as well as questions about the role of the agency in overseeing or adopting policies for the connected car industry. To develop its approach to the relevant issues, the FCC makes a broad request for comments to improve its understanding of connected car services, which is currently based mainly on auto manufacturers' responses to earlier FCC information requests. More specifically, the agency seeks comment on:

• How connected car services are offered to consumers;
• The extent to which auto manufacturers are engaged in reselling mobile connectivity when providing connected car services;
• Whether connected car service is covered by the SCA and, if so, whether the statutory line separation requirements apply;
• What steps providers of connected car services can take to prevent the misuse of connected car services in domestic violence situations; and
• Covered providers' existing connected car service misuse policies.

The FCC also seeks comment on whether the agency could use "other authority" or "other steps" to prevent the misuse of connected car services if such services are not covered by the SCA or the FCC's current rules.

Next Steps

Comments are due by May 23, 2024, and replies are due by June 24, 2024. Stakeholders in the connected car industry, from wireless providers to auto manufacturers and parts suppliers, are likely to participate in the rulemaking and should continue to monitor these developments given the FCC's focus on connected car data security, the scope of its jurisdiction under the SCA, and personal privacy issues.

Among the industry-specific issues likely to be raised in comments is the overarching question of whether the statutory language of the SCA fits connected car services, and specifically whether there are practical challenges in expanding the current line separation rules protecting domestic violence survivors to cover those services. Many related questions stem from this issue. Some of the key problems include:

Contractual relationships and structure of customer accounts.

Generally speaking, in the automotive context, the contractual relationship and structure of the customer accounts make interaction with multiple parties much more limited. For example, the equivalent of a "shared mobile service contract" does not exist as connected car services and call records are not associated with individual people. Instead, connected car services and records are associated with the vehicle itself. This lack of relationship between multiple parties using a vehicle and the connected car service provider makes it challenging to engage in the same kind of "separation" of accounts in the connected car context contemplated by the SCA.

Connected car services and provision of wireless connectivity.

Not all connected car services are directly sold or enabled by auto manufacturers. Instead, in some cases, for a car owner to obtain data services such as internet access and automotive Wi-Fi hotspots, the owner must enter into a separate service agreement with the wireless carrier that uses the vehicle's embedded SIM card (necessary for the services to work). When the auto manufacturer's only role is to provide the SIM card (which it will have obtained from a mobile network operator), it would not appear that the manufacturer is providing wireless service to car owners, or, indeed, providing wireless services at all. Instead, the wireless carrier provides the service directly to the car owner. Any application of the SCA in this situation would seem to be limited to the wireless provider and not involve the car manufacturer.

Some services may not use wireless connectivity at all.

Some connected car services may not use regulated wireless connectivity to function. For example, an auto manufacturer may offer GPS-enabled location or navigation services, but those services may not require a data connection to function. One concern raised in the FNPRM (paras. 6 and 22) involves preventing an abuser from learning the vehicle's location. Even if the communication of that information from the vehicle to the location service is handled via a data connection, preventing abuser access to that data would involve imposing restrictions on the abuser's ability to access data from the web and would not seem to involve wireless services of the kind addressed by the SCA. Similarly, some short-range remote start services might use Bluetooth or other near-field communication connections that would not meet the definition of either a private or commercial mobile service, and thus, again, would appear to be outside the reach of the SCA.

+++

The DWT Mobility & Transportation Industry Group is available to advise clients on these and other emerging issues as the FCC evaluates stakeholder comments and considers its options.