The last six weeks has not filled anyone concerned with internet privacy anything approaching a sense of comfort. In a move that has been widely criticised, the Trump-controlled congress in the United States has rolled back the broadband “privacy” regulations passed by the Federal Communications Commission (FCC) passed only last year. Repealing the FCC privacy rules that were specifically designed to prevent Internet Service Providers (ISPs) from gathering and selling users’ Internet browsing history, is a potential death knell for individual online rights to privacy.
There is increasing concern that the Trump political machine – and Republicans at large are now being targeted by an increasingly influential telecom industry. In fact, the two Republican sponsors (Sen. Jeff Flake, R-Ariz., and Rep. Marsha Blackburn, R-Tenn.) of the new legislation received significant amounts of cash in the form of campaign donations from key players in the Telecom industry such as Verizon.
Of course, these telecoms giants have a very good reason to celebrate the repeal of the privacy protection provided by the FCC privacy rules. Without privacy protection for their customers, ISPs have smoothed the way to monetising the masses of data they gather on Internet users surfing habits – data which marketers would find almost invaluable.
FCC privacy rules – The ISP position
ISPs have tried to spin the repeal as a positive for Internet users – although the logic seems a bit murky. In a nutshell, the ISPs claim that the latest blow against privacy will actually enhance the Internet users’ experience by allowing targeted marketing focused on their individual preferences as indicated by their surfing habits. The lobbying group NCTA – The Internet & Television Association, which represents giants like Verizon, AT&T and Comcast was instrumental in the push to roll back the FCC privacy rules and was also quick to defend the action.
In a statement released after the repeal, the NCTA responded to enquiries on their support of the move:
“We appreciate today’s Senate action to repeal unwarranted FCC rules that deny consumers consistent privacy protection online and violate competitive neutrality. … Our industry remains committed to offering services that protect the privacy and security of the personal information of our customers. We support this step towards reversing the FCC’s misguided approach and look forward to restoring a consistent approach to online privacy protection that consumers want and deserve.”
This is both disingenuous and puzzling. Why would repealing protection of privacy allow for ‘consistent privacy protection?’ One of the reasons that was put forward by the NCTA was that it was in response to consumer demand.
In a follow-up statement the NCTA maintained that “Consumers expect to learn about new products and services through marketing or advertising based on non-sensitive data.”
However, user browser history, which would now be for sale to the highest bidder is actually classified by the FCC as “sensitive,” not “non-sensitive” information.
In an attempt to clarify their stance, the NCTA claimed that ISPs ‘have never challenged the recognised categories of sensitive data (health, financial, children’s information, precise geo-location, etc). That information has not and will not be used.’
The devil, as they say is in the details – and this is where the difference between what is seen as ‘sensitive’ and ‘not sensitive’ data. The new FCC privacy rules would require that ISPs obtain specific consent from clients prior to sharing any data deemed ‘sensitive’ with marketers and advertisers. At least this is what the FCC is pushing.
However – even this sort of safeguard seems to be on the verge of falling by the wayside under the continued pressure from ISPs and their powerful lobbyists – and even if the distinction between ‘sensitive’ data and other information is maintained (which seems unlikely) ISPs would still not be required to obtain that ‘problematic’ (at least for them) opt in consent for the use of information such as the clients’ email address.