Congress Just Voted to Allow ISPs to Sell Your Web Search History
The US Senate today voted 50-48 to repeal broadband privacy rules that required Internet service providers to give consumer consent before selling their web browsing data to advertisers or other data companies.
Update: As expected, the House of Representatives also voted in favor, which means it will now be on the president’s table.
Regulations passed last October regulate the collection and sale of personal data by providers such as Verizon, Comcast or AT&T. Those rules would require ISPs to request permission before selling your usage data, such as your web browsing history and location, as well as financial, health, app usage, and more. The Senate just voted against it.
Basically, your ISP will need your approval before it can tell advertisers what websites you like, what apps you use, where you are, or what medical and financial information it has about you. These defenses did not exist yet; the privacy protection rules will come into force on December 4, 2017.
The Senate today used the Congressional Review Act to repeal the rules and ensure that the FCC cannot pass similar rules in the future. Senator Jeff Flake (RR from Arizona) introduced the rollover measure, arguing that :
The FCC midnight ruling does nothing to protect consumer privacy. This is unnecessary, confusing, and adds another disincentive to innovation on the Internet … My solution is the first step in rebuilding the FTC’s lightweight and consumer-friendly approach. This will not change or weaken existing consumer privacy protections. This enables consumers to make informed choices about whether and how their data can be transferred.
The “confusion” stems from the fact that ISPs will adhere to different privacy standards than websites like Facebook or Google, which can collect and collect all kinds of data about your browsing habits . The difference, of course, is that you need an ISP to access the Internet, while we can all opt out of using Facebook or Google. It is not so difficult.
On the Democratic side, Senator Ed Markey (a Democrat from Massachusetts) is one of the more vehement opponents of the measure. Stamps released a statement today :
President Trump may be outraged by fake violations of his privacy, but every American should be alarmed by a very real breach of privacy that would lead to Republicans abandoning broadband privacy protections.
With today’s vote, Senate Republicans made it easy to use, distribute, and sell Americans’ confidential information about their health, finances, and families without their permission. The American public wants us to strengthen privacy protections, not weaken them. We must not give up our fundamental right to privacy just because our homes and phones are connected to the Internet.
The measure still has to go through the Republican-controlled House of Representatives before it travels to President Trump.
Let’s go back in time a bit to better understand why this is important.
Back in 2015, the FCC reclassified Internet service providers as information providers , putting the oversight on the FCC. This was important because it meant that any rules about how ISPs operate, including what they do with personal data, now fall under the purview of the FCC, which has historically well protected our privacy when it comes to phone companies. Fast forward to October 2016, and today the FCC adopted said rules under the leadership of previous FCC Chairman Tom Wheeler . These rules won’t take effect until 2017, so the Senate decided to step in using the Congressional Revision Act, which allows Congress to overturn agency rules by a simple majority.
Internet service providers collect data about you and sell it for a very long time, although most of them claim that they anonymize this data and do not include individual IP addresses. ISPs have long been interested in metadata, which boils down to aggregated information about your habits, because it’s easier to share with outside companies without violating applicable consumer privacy laws.
These laws have been confusing, opaque, or absent for a while, but in the past few years we have finally begun to see some form of regulation. If passed by the House of Representatives, it won’t override the FTC’s standard consumer privacy protections , but it does get confusing. Ars Technica notes that ISPs say they will support the FTC’s approach that “protects consumers from malicious data collection practices while providing the flexibility needed for the Internet to flourish,” but the problem is that the FTC cannot regulate ISPs. it’s the FCC’s job. This means Congress will need to find a way to take control from the FCC and turn it over to the FTC.
See, they told you it was confusing. More confusing than the difference between Google and Comcast, anyway.
If you’re wondering what a modern ISP can collect and share, here ‘s an example of the Xfinity Privacy Policy . Keep in mind that Comcast owns Xfinity, a company that praised AT&T last year and offered a cheaper level of internet service to anyone who chooses to collect data.
It is widely believed that after the Federal Communications Commission (FCC) took a course to protect consumers, most ISPs have withdrawn their tracking in preparation for these new rules.
The Senate has now voted to overturn any potential rules, and if the move is passed by the House of Representatives, ISPs will be able to collect everything about you and sell it to data brokers for whatever they want without your consent.
So what does all of this really mean for us normal people who use the Internet to look at adorable photographs of bears and buy new shoes?
In simple terms, this means that the ISP has the potential to collect and sell a personal profile on you. It’s all about making money from advertising.
Think about where you were on the Internet in the last day right now. Check your browser history for more details. Who is this person who was looking for Waluigi’s poems one second , and the next – hockey skates. Think how much your ISP knows about you based on all of this. This is a gold mine of data.
Your ISP knows when you wake up and go online. He knows what strange ailments you might find at one in the morning. He knows where you shop. He may also know what you are listening to, where you are listening to it, and how many times you have playedSpace on repeat. He probably knows your sexual preferences, your fetishes, and your deepest concerns. He knows your political views, the protests you participated in, and the books you were looking for.
The more data an ISP has, the better it builds your profile, which it can then sell for more money to data brokers who take that information and pass it on to advertisers.
Aside from the general bulkiness of the ISP, you are already paying an exorbitant fee just for Internet access to roll out and make more money for you without your consent, if history suggests that all this data will be hacked and released at some point. … Even if you have “nothing to hide,” there are some awkward searches in your history.
Beyond advertising, the Electronic Frontier Foundation points out a number of worst-case scenarios an ISP could do without regulation, including tracking traffic and injecting ads, pre-installing software on your phone, embedding cookies to better track your data, or capturing search results. and redirecting them.
However, you have several options. The easiest way to get around all of this is to use a virtual private network (VPN). The next problem is that VPNs are also completely unregulated, and choosing one that doesn’t sell your data is a complex mess . Most of us have more choices for a VPN provider than an ISP, but it’s still a gamble when you assume the company is as legitimate as they claim.
That said, it still has to go through the House of Representatives, and while it appears to go through, nothing has been set in stone yet.