A recent judgment by the US Senate has successfully proved that at the end of the day, money is what makes the world go round. A few months ago in the last leg of the Obama administration, the FCC started adopting a set of broadband privacy rules. These rules strictly prevented the practice of ISPs selling information collected on you without your permission, to interested companies. Now, let's fast forward a few months to March 2017. The bill which was supposed to take effect now has (un)surprisingly been struck down by the Senate. Well, what happened? How does this affect us and what can we do about it? Let's find out.
FCC's Broadband Privacy Order
Broadband Privacy was an order in which the FCC applied the privacy requirements of the Communications Act of 1934 to broadband internet access. As quoted in the broadband privacy order itself,
Privacy rights are fundamental because they protect important personal interests—freedom from identity theft, financial loss, or other economic harms, as well as concerns that intimate, personal details could become the grist for the mills of public embarrassment or harassment or the basis for opaque, but harmful judgments, including discrimination.
Read the complete FCC order [PDF] to gain an insight into how the ISP sees you as a commodity.
ISPs were already required to handle CPNI (Customer Proprietary Network Information) and PII (Personally Identifiable Information) as sensitive personal information. With the broadband privacy order, the FCC tried adding your browsing history to this list of sensitive information. This would have prevented ISPs selling information collected from your browsing history. However, strong ISP lobbies have always resented this decision.
It is true that the FTC has a different set of rules permitting device fingerprinting and the use of your personal information by companies. But they still regulate the way companies handle this personal information. ISPs getting a leeway in this aspect creates an anomaly which has no explanation at all.
In essence, the same company which is required to handle your PII with utmost care to comply with FTC laws can still procure the information from your ISP now. ISPs selling information collected from your browsing history is an unethical practice which can now be done covertly behind your back. Moreover, with this repeal, corporations will also be able to get around the limitations imposed on them by the FTC. This an unethical legal framework by design. There is a definite gray area here and corporations and advertisers are going to exploit it for profits. This ruling can potentially create a marketplace to buy and sell consumer identities and data.
Why Did the Senate Overturn This FCC Order?
There has to be a good reason to support the repeal of a sensible bill like this and true enough, there is a reason. The way South Dakota senator John Thune puts it,
The FCC unfairly distorted the marketplace when it imposed unnecessarily onerous privacy restrictions on broadband providers while leaving the rest of the Internet under the strong and successful regime of the FTC.
Watch the entire C-SPAN recording of this session.
But is this reason good enough? The current Republican regime blames the FCC for creating uncertainty and creating rules significantly different from those of FTC. Thune has also hinted at increasing the role, power and space of the FTC over that of the FCC in the coming days. What he chooses to ignore, is that using Internet services is a matter of choice. however, the choice is not that easy with selecting a broadband Internet service provider.
In addition to the unconvincing reasoning above, there is some financial motivation at play here too. ISPs have spent over $1,726,288 in donations to 22 senators who are voting to push this anti-privacy bill.
What Are the Risks of This Repeal?
ISPs have access to all of your personal information including your financial data, buying habits, online communications, and health information. All of this will now be available for sale legally.
ISPs selling information will no longer require your consent before handing it over to third parties and online behavior tracking services. This promotes dishonest and unethical business practices.
With no regulation on who can buy your personal information, and with a low regard for privacy, ISPs will sell your data to anyone who can pay. This creates a Government-approved path to identity theft.
This repeal is clearly in the best interests of businesses that exploit customer information and take away the power, the will, and the choice for consumers to take informed decisions.
How to Prevent ISPs Selling Information About You?
At Tom's VPN, we are fierce advocates of online privacy. We believe that your personal information is your own, should never be abused in any way, and is definitely not for sale. But sadly, we do not make laws. However, we can, and we will make an attempt to help you take control of your data.
When you connect to your ISP to use the Internet, your ISP sees your entire traffic. It knows the websites you visit, the data you enter, and the products you buy online. This is valuable information and can profile you to the extent of predicting or affecting your next choices. So, is there a way out? There is.
Use a VPN, preferably one based in a country outside the US. A VPN tunnels you out of your ISP's network. Besides, it also secures your traffic with strong encryption. Even if your ISP sniffs and tries reading data from your Internet connection, a VPN will prevent it from landing upon anything of value. Your ISP will only see a stream of encrypted traffic going to a VPN server. This will let you take back the control of your personal information which is rightfully yours and should never be exploited for profit. We spend weeks testing and researching every VPN service that we choose to review. This lets us ensure that what you read in our review matches your expectations and your experience any VPN service that we suggest. Head over to our detailed VPN reviews and tests to know more.
We are not saying that VPNs are perfect, and they anonymize you completely. However, this theft of your personal data by ISPs is the one problem that VPNs can solve by design.
What's Next in Broadband Privacy?
A bigger looming danger with this bill is the way the Senate used the Congressional Review Act. The Senate is stripping the FCC of its powers. It is not allowed to draft privacy orders anymore that involve your browsing history.
Update: This bill has now passed the House too. The only last remaining stop is the President's signature.
The bill is still under review and is yet to pass the House. The President too can use veto powers to stop it from becoming law, but let's not hope against hope. It is time for you to start acting like a responsible citizen of the world and take control of your private information. You are not a commodity, and your personal information is not for sale. ISPs selling information that can fingerprint you on a behavioral level destroys years of progress made towards privacy and anonymity. There is no better way to mitigate this risk than to anonymize yourself with VPNs.