7 min

ISPs can sell users' web browsing history

http://toledotalk.com/cgi-bin/tt.pl/article/210675/28Mar2017/Internet_privacy

Kaptur voted NO.

Latta voted YES.

http://www.whitehouse.gov/the-press-office/2017/03/28/statement-administration-policy-sjres-34-%E2%80%93-disapproving-federal

Mar 28, 2017 - House passes resolution that lets ISPs sell customers' browsing history without user permission; measure will go to President Trump for signature

As most had expected, the House of Representatives today voted 215 to 205 to kill privacy rules protecting US broadband subscribers. If you're interested in a little thing called public accountability, you can find a vote down of which Representatives voted for the measure here.
The rules, approved by the FCC last fall, were slated to take effect this month.

But thanks to relentless lobbying by the broadband and marketing industries, the GOP quickly rushed to dismantle the rules at ISP request.

Today's vote came after the Senate voted 50-48 last week to [kill] the rules. The vote to dismantle the rules is seen as one of the more brazen examples of pay-to-play politics in recent memory. It's a massive win for giant ISPs; especially those like AT&T and Verizon that are pushing hard into the Millennial advertising business.

The FCC pursued broadband privacy rules after companies like Verizon got caught covertly modifying packets to track users around the internet, and companies like AT&T and Comcast began exploring forcing users to pay more for privacy. Other ISPs, like CableOne, have crowed about using financial data to provide poor customers with even worse customer service.

https://www.axios.com/house-votes-to-roll-back-privacy-protections-for-internet-c-2333770227.html

The House voted 215-to-205 Tuesday night to overturn Obama-era regulations that require internet providers like Verizon, Comcast and AT&T to get a user's permission before sharing their browsing history and other data with advertisers. It also prohibits the FCC from creating similar regulations in the future.
... this likely clears the way for ISPs to go full speed ahead in taking on Facebook and Google for digital ad dollars.

https://www.washingtonpost.com/news/the-switch/wp/2017/03/28/the-house-just-voted-to-wipe-out-the-fccs-landmark-internet-privacy-protections

Hacker News thread

Here's an idiotic comment from the HN thread:

This, right here, is the consequence of the withdrawal from politics many geeks advocated very strongly in an earlier time. "Everything is corrupt, it doesn't matter"... turns out to only be a viable philosophy when things mostly work well enough.

What a shitbird. Blaming citizens who don't vote is absurd.

I could argue that people who use Facebook and Google products already don't give a damn about privacy.

Here's a a sensible-sounding comment from the HN thread:

Before getting all spun up, I'd dig a little deeper on the issue than what the WaPo does in this piece.
These regulations were only voted on late in 2016 and never went into effect. To do the regulations, the FCC reclassified the internet as basically ye olde telephone system, which then made it subject to their purview based on laws created in the 1930s. This is classic overreach. Congress never gave this authority to the FCC and is acting to put them back in line with the law.

It's pathetic the the WaPo used their platform to create more heat than light on this, by selective quoting. Here's a more full quote from Rep Blackburn that explains her position more fully.

“The FCC already has the ability to oversee privacy with broadband providers,” Blackburn explained. “That is done primarily through Section 222 of the Communications Act, and additional authority is granted through Sections 201 and 202. Now, what they did was to go outside of their bounds and expand that. They did a swipe at the jurisdiction of the Federal Trade Commission, the FTC. They have traditionally been our nation’s primary privacy regulator, and they have done a very good job of it.”

The lesson here really is that if the issue is really important, then get an actual law passed instead of trying to contort regulatory authority based on laws from the 1930s. The previous president could certainly have done this, but chose not to.

Another level-headed HN comment:

Something that is not mentioned in the [WaPo] article is that the FCC regulations in question were passed in October 2016 and have never gone in to effect. So, to be strictly accurate, the vote does not roll back any regulations which actually ever affected the internet.

https://www.eff.org/deeplinks/2017/03/congress-sides-cable-and-telephone-industry

http://mediagazer.com/170328/p18#a170328p18

http://twitter.com/fmanjoo/status/846855626412089345

re Goog/FB: we trade our privacy for free service. there's competition in these services. But we already pay ISPs, and they're monopolies.

That person's argument is that we voluntarily use Facebook and Google, and acceptable for those services to violate our privacy because those services are free, whereas many areas in the U.S. have almost no option for home internet service.

We have used Toast.net since the late 1990s, almost 20 years. It's a Toledo ISP that serves the area.

Buckeye is probably the main internet provider. It's a division of Block Communications, which also owns the Toledo Blade. Buckeye is the main provider of cable TV too for this area.

But other internet and cable TV options exist, depending upon what neighboring county residents reside. Still, Buckeye dominates.

Now it's not like we MUST have internet access at home. It's still a luxury. It's helpful for working from home, but we could go into the office or work somewhere that offers WiFi.

We could still live without home internet access. The ISPs do not have a monopoly over me.

The reason why the masses won't care about this latest vote by the House is because of what the person tweeted above, and he's missing his own point.

"... we trade our privacy for free service."

People are comfortable with surrendering privacy for something that's free. That flippant mindset regarding privacy leads to carelessness about privacy when it's a service that we fund.

What about Amazon Prime? We pay for that for shopping and watching TV over the Roku. Do we know for sure that Amazon is NOT using our shopping and TV viewing preferences for other means?

What about subscribing to digital and print publications? We pay for those services. Do those companies respect our privacy?

Only a tiny percentage of the U.S. population will be upset if Verizon or Buckeye use our web browsing history for advertising. We are bombarded with ads dozens or hundreds of times every day. I don't think that people will care about a little more targeted advertising.

http://nymag.com/selectall/2017/03/why-congress-is-dismantling-the-fccs-internet-privacy-rules.html

ISPs would like to do what Google and Facebook, not covered by the new FCC rules, are already doing: sell anonymized profiles based on data those companies gather to third parties for ad targeting.

And it has been claimed in the past that Facebook builds profiles of users who do not have Facebook accounts. When users visit websites that contain Facebook code, worthwhile web user info is phoned home. The profiles would not have names, but it's the patterns that interest Facebook and advertisers.

https://asininetech.com/2017/03/28/vpns-are-not-the-solution-to-a-policy-problem/

https://news.ycombinator.com/item?id=13982447 --- important thread to study

... warning people away from VPN's probably isn't going to help. Chances are that some form of VPN connection will become part of the standard solution (along with HTTPS/encrypted comms everywhere) now that the reality of ISPs and users not sharing privacy interests is here and many are aware of it.

hn comment:

A heads up: theres a really nice project called Streisand¹ which provides a multi-protocol VPN with very little effort. You can launch one on a cheap cloud provider (like DO, if their policy allows).
¹ https://github.com/jlund/streisand

hn:

I've used streisand on DO (while traveling in China) and it worked well. There's also a similar project called algo¹ which provides a single protocol with maximum security, in contrast to streisand's multi-protocol flexibility (and increased surface area).
https://github.com/trailofbits/algo

hn:

I'll just leave this here: https://github.com/trailofbits/algo/blob/master/README.md
I used a droplet on DigitalOcean to configure an Algo server. Very seamless setup, highly recommend. There's a $10 promo floating around: DROPLET10. You can self host too.

From JR's : articles
1287 words - 8707 chars - 7 min read
created on Mar 28, 2017 at 07:38:24 pm
updated on Mar 29, 2017 at 09:25:33 am - #
source - versions