Low-Income Citizens Deserve Better Digital Privacy Protection Too

When the Federal Communications Commission began its Lifeline program 35 years ago, the nation was dominated by landline telephones and had no commercial internet service. And smartphones seemed like something that appeared on the futuristic cartoon series, “The Jetsons.”

In these simpler times, there was all upside and no downside to the Lifeline program. Typically, it would provide a significant monthly discount for eligible low-income subscribers, with a limit of one discount per household. Since its inception, the Lifeline program has been available to those who are at or below 135 percent of the Federal Policy Guidelines for income, or those in federal assistance programs such as the Supplemental Nutrition Assistance Program or Medicaid. Its geographic reach is expansive, covering all states, U.S. territories and tribal lands.

The program has been extremely beneficial in providing a vital communications link to friends, family, employers and social services. In 2016, the FCC enacted a much-needed comprehensive reform and modernization of the Lifeline program. Notably, Lifeline now includes broadband internet as well as conventional voice service, whether offered via a wire or wirelessly. The Lifeline budget for the subsidy is administered federally, but the providers of Lifeline services — the telecommunications companies that customers interface with — are overseen by individual states and territories, which also provide general consumer protection for their residents.

A number of companies compete for the ability to offer Lifeline service, often providing a free or reduced-cost smartphone as part of the package. This phone has both cellular telephone and Wi-Fi capability, and comes with pre-loaded apps. It also has limits on the amount of talk, text, and data that Lifeline customers will receive under their discounted plan.

This is where the good news about such a useful government program begins to grow darker. According to Malwarebytes Labs senior malware intelligence analyst Nathan Collier, at least one such carrier — Assurance Wireless by Virgin Mobile — is offering a $35 smartphone that has press-installed apps to collect user data, create backdoors for future access, and enable auto-installers for other apps. These activities are undertaken without any customer knowledge or consent, while providing a potential for malware to be installed later on when an app update becomes available.

In short, consumer privacy is being compromised by virtue of a smartphone being offered as part of the federal Lifeline program. Only the most sophisticated technical users even will know how to remove these apps that they did not agree to have downloaded at all.

Here’s how this can be stopped: Since it is connected to the Lifeline program, the FCC could prohibit any company from offering free or reduced-cost smartphones that come with pre-installed apps. It should require that Lifeline customers be provided information about why an app would be useful, along with an opportunity to choose whether to download it or not. Additionally, carriers should be required to report to the FCC how they screen apps at the outset and in updates, including disclosure of what user information is being collected and how it is being used. Customers also should have access to this disclosure so that any consent given is informed consent.

Granted, this FCC regulation, while feasible, may take time to be enacted in light of the agency’s lengthy procedural rules. In the interim, as well as after the FCC acts, states and territories have existing consumer protection authority to pursue specific carriers that are enabling potential privacy-harming malware in apps that are provided to unsuspecting customers when they turn on their smartphones. This need for consumer protection is even more pronounced since it involves a federal subsidy program that has such a salutary purpose.

It’s bad public policy for federal dollars being used to undermine digital privacy in this way, and the practice needs no new law to be enacted by Congress in order for it to end. A well-known part of the medical Hippocratic Oath — Do No Harm — should apply to the Lifeline program, the sooner the better.


Stuart N. Brotman is a fellow at the Woodrow Wilson International Center for Scholars in Washington, D.C.; he is based in its Science and Technology Innovation Program, focusing on digital privacy policy issues.

Morning Consult welcomes op-ed submissions on policy, politics and business strategy in our coverage areas. Updated submission guidelines can be found here.

Morning Consult