AT&T and Comcast hit the Motherlode with Internet Privacy Repeal

April 06, 2017 / in Blog, General / by Zafar Khan, RPost CEO

This week, the President approved a measure that removes internet privacy restrictions for Internet Service Providers (ISPs) who connect millions of consumers and businesses to the Internet through wireline and wireless connections. Privacy advocates and late-night talk show hosts have voiced their outrage over this “internet privacy repeal”. But what is actually at stake?

What do ISPs know about their users?

ISPs like AT&T, Comcast and Verizon, have access to customer browsing history from computers and any mobile devices connected via the Internet. They have access to more data in one place than any web services firm. ISPs can track the websites that you visit and use algorithms to identify patterns of behavior. For example, an ISP can determine your political leaning if you visit democratic candidate websites. If you are visiting physician profiles, cancer support groups, and pharmaceutical websites, it’s going to be pretty clear that you or a family member is suffering from a certain type of cancer. ISPs can also track your app usage, location, credit card and social security numbers.

Under the prior law (which had not yet been implemented), the FTC would have been able to prevent ISPs from selling consumer usage data without user permission.  Isn’t this the same data that powerful web services firms like Google and Facebook have been selling to advertisers in the form of targeted ads based on customer usage partners? Yes, but there’s a key difference.

The freedom of choice

While you can choose not to use Google or Facebook when you go online, it’s almost impossible not to use an ISP to connect to the Internet. And ISPs have access to “the motherlode” – all of your browsing history and not just the sites that you access from Google or Facebook. So ISPs wield more power in the form of better, more comprehensive behavioral data.

Many ISPs have insisted that they have no plans to sell customer usage data. And most have privacy guidelines in place that prevent them from selling certain customer data. But if they have access to this information, then so do hackers. ISPs have less incentive to protect your information since the FCC halted a data security rule requiring ISPs to take “reasonable” steps to protect customers’ information.

What if you are considering a divorce? You may not have mentioned this to anyone, even your closest friends. But AT&T might already know your plans. If a hacker comes across this data, it could be used for blackmail.

What to do — what’s next

There are ways to mask your browsing history including paying to use a Virtual Private Network (VPN) or using a browser like Tor, which promises anonymity by routing your web traffic through different Tor servers using encryption, so it can’t be traced back to you. (Consider carefully before using this option.) You can also encrypt your email messages to protect your email contents from ISPs.

The Internet Privacy rules were repealed because powerful ISPs did not want to be held to a different standard than web services firms like Google and Facebook, who have enjoyed enormous profits from targeted advertising. And now ISPs may have the same opportunity. The big question is what will consumers do next, now that they are squarely in the crosshairs of ISPs looking for their next big revenue opportunity.