Five things to know about the ISP privacy decision in the Senate

Posted Mar 24, 2017 by Jack Derricourt
Earlier this week, Senate Republicans struck down Obama-era regulations against Internet Service Providers (ISPs) selling customer information. This has big implications for U.S. Internet users.
The Senate s side of the Capitol Building in DC.
The Senate's side of the Capitol Building in DC.
Wikimedia- scrumshus
Every Republican senator voted to kill the privacy rules, while every Democrat opposed the vote. The original privacy rules would have required ISPs to obtain explicit consent from their subscribers before they could share ‘sensitive’ customer information with advertisers. Republicans relied on the seldom-enacted Congressional Review Act to bring about the resolution — a rare rule that has only ever been used once before 2017, but is likely to be seen more often as Republicans work to strike down regulations put in place by the Obama administration.
Now that the rules on sensitive information have been all but struck down, there are some important things you should know.
Google and Facebook are already selling their data about you — but your ISP knows so much more about you
Under the new rules, big ISPs like Sprint, Verizon, Comcast and AT&T will be able to make money off you twice — charging you for your Internet, and then selling your private information to ad companies. Consumer advocacy groups see this as very different from the kinds of services being offered by Google and Facebook, who offer free services in return for the money they make off ad data. The kind of information that ISPs can determine about their customers includes not only Internet browsing info, but what time you get up in the morning (when you log on regularly to the Internet), what your health is like (determined by any kind of search for medical care or online symptoms information) or even what you regularly listen to and watch. That’s a lot of data.
Hot and cold aisles in a data center
Hot and cold aisles in a data center
Back before the FCC started rolling out their rules for ‘sensitive’ consumer data and ISPs, AT&T started charging a $29 extra fee to customers who wanted to avoid having their private data mined for ad content. We could see similar ‘pay for privacy’ plans rolling out from other service providers in the near future.
The more things change, the more they stay the same
The Obama-era privacy rules would have taken effect December 2017, so in one sense nothing has changed; but Democrats and consumer advocates worry that ISPs will now open up the floodgates on selling their users’ data to advertisers. By killing off the Obama-era rule, Capitol Hill would be handing legal certainty over to ISPs, letting them know they could legitimately go ahead with information sharing practices they had been kept on the fence about until now.
Encryption is your best friend
You’re forced at this point to fight the uphill battle of opting out. It can be a gruelling process. And while Republicans often tout the prospect of customers just switching service providers when they’re unhappy with the opt out experience or the ISP’s behaviour in general, often the service is unilaterally expensive and discouraging.
Investors are pumping millions of dollars into encryption as unease about data security drives a ris...
Investors are pumping millions of dollars into encryption as unease about data security drives a rising need for ways to keep unwanted eyes away from personal and corporate information
Thomas Samson, AFP/File
Using a virtual private network (VPN) remains one of the smartest choices if you want to hide your browsing history from an ISP that’s collecting it up and selling it to the highest bidder. While it’s true that there’s no way to know if the VPN provider is keeping a log of your browsing history or not, it may be preferable to having your service provider blatantly digging through your Internet usage data. The Tor Project and HTTPS Everywhere also offer more options for making sure your browsing is more secure.
ISPs can now self-regulate… which sounds like a great idea to ISPs
The major players in this situation want fewer regulations on ISPs. In order to convince the public that they won’t immediately start using customer data for ad profit in any nefarious ways, the major ISP lobbies signed a non-binding agreement in January of 2017, promising to embrace “a set of core privacy principles”. Those principles are Transparency, Consumer Choice, Data Security and Data Breach Notifications. Essentially, the ISPs promise to work within the set of rules they’d like to see provided to them by the historically fangless FTC, rather than the more modern and consumer-proactive FCC.
There’s still a chance that the privacy rules could be saved
Like all good things American and legislative, now that the resolution to eliminate the privacy rules has been voted on by the Senate, it has to be ratified by the House to make it official. Consumer advocates and Democrats are rallying support in an effort to stop the rules from being nullified.