Friday, March 24th 2017
Invading Subscriber Privacy - Senate Says ISPs Can Now Sell Your Data
The US Senate on Thursday passed a joint resolution to eliminate broadband privacy rules that would have required ISPs to get consumers' explicit consent before selling or sharing Web browsing data and other private information with advertisers and other companies. This win was pulled by a hair - 48 Nay against 50 Yea - and went entirely through party lines, with Republicans voting Yea, and the Democrats voting Nay. The effects won't be immediate, mind you - the measure will have to pass the House and then be signed by President Donald Trump before it can become law.
The FCC's privacy rules that are now put in peril would require ISPs to get opt-in consent from consumers before selling or sharing personal information. This includes geo-location data, financial and health information, children's information, Social Security numbers, Web browsing history, app usage history, and the content of communications - things we can all agree give almost unthinkable leeway in understanding your daily habits. Opt-out requirements, on the other hand, would have applied to less sensitive data such as e-mail addresses and service tier information, much less important in the scheme of things.
These opt-in and opt-out provisions were to take effect as early as December 4, 2017. The rules would also force ISPs to clearly notify customers about the types of information they collected, specifying how they use and share the information, and identifying the types of entities they'd share the information with.
The FCC's privacy rules also had a data security component that would have required ISPs to take "reasonable" steps to protect customers' information from theft and data breaches. This was supposed to take effect on March 2, but the FCC's Republican majority halted the rule's implementation. Another set of requirements related to data breach notifications is scheduled to take effect on June 2.
As was to be expected, party lines didn't fracture only on the Senate floor, with comments and positions regarding the voting separating cleanly in all other areas.
Ajit Pai, the new chairman of the newly Republican-led FCC, welcomed the Senate vote, telling reporters that his own core goal was "to make sure that uniform expectation of privacy is vindicated through the use of a regulatory framework that establishes a more level playing field."
Senator Bill Nelson, on the other hand, said during Senate floor debate that "Your home broadband provider can know when you wake up each day-either by knowing the time each morning that you log on to the Internet to check the weather/news of the morning, or through a connected device in your home (...) and that provider may know immediately if you are not feeling well - assuming you decide to peruse the Internet like most of us to get a quick check on your symptoms. In fact, your broadband provider may know more about your health - and your reaction to illness - than you are willing to share with your doctor."
Home Internet providers can also "build a profile about your listening and viewing habits." Mobile broadband providers, on the other hand, "know how you move about your day through information about your geo-location and Internet activity through your mobile device," Senator Bill Nelson said.
"This is a gold mine of data-the holy grail so to speak," Nelson said. "It is no wonder that broadband providers want to be able to sell this information to the highest bidder without consumers' knowledge or consent. And they want to collect and use this information without providing transparency or being held accountable."
This measure also ties the FCC's hands in advancing "substantially similar" rules in the future. Kate Tummarello, a policy analyst for the nonprofit Electronic Frontier Foundation (EFF), pits this as a "crushing loss for online privacy."
"ISPs act as gatekeepers to the Internet, giving them incredible access to records of what you do online," Tummarello said. "They shouldn't be able to profit off of the information about what you search for, read about, purchase and more without your consent."
What is your opinion on this matter? is this the way you envision your connected life?
Sources:
NBC News, Ars Technica, Senate.gov
These opt-in and opt-out provisions were to take effect as early as December 4, 2017. The rules would also force ISPs to clearly notify customers about the types of information they collected, specifying how they use and share the information, and identifying the types of entities they'd share the information with.
The FCC's privacy rules also had a data security component that would have required ISPs to take "reasonable" steps to protect customers' information from theft and data breaches. This was supposed to take effect on March 2, but the FCC's Republican majority halted the rule's implementation. Another set of requirements related to data breach notifications is scheduled to take effect on June 2.
As was to be expected, party lines didn't fracture only on the Senate floor, with comments and positions regarding the voting separating cleanly in all other areas.
Ajit Pai, the new chairman of the newly Republican-led FCC, welcomed the Senate vote, telling reporters that his own core goal was "to make sure that uniform expectation of privacy is vindicated through the use of a regulatory framework that establishes a more level playing field."
Senator Bill Nelson, on the other hand, said during Senate floor debate that "Your home broadband provider can know when you wake up each day-either by knowing the time each morning that you log on to the Internet to check the weather/news of the morning, or through a connected device in your home (...) and that provider may know immediately if you are not feeling well - assuming you decide to peruse the Internet like most of us to get a quick check on your symptoms. In fact, your broadband provider may know more about your health - and your reaction to illness - than you are willing to share with your doctor."
Home Internet providers can also "build a profile about your listening and viewing habits." Mobile broadband providers, on the other hand, "know how you move about your day through information about your geo-location and Internet activity through your mobile device," Senator Bill Nelson said.
"This is a gold mine of data-the holy grail so to speak," Nelson said. "It is no wonder that broadband providers want to be able to sell this information to the highest bidder without consumers' knowledge or consent. And they want to collect and use this information without providing transparency or being held accountable."
This measure also ties the FCC's hands in advancing "substantially similar" rules in the future. Kate Tummarello, a policy analyst for the nonprofit Electronic Frontier Foundation (EFF), pits this as a "crushing loss for online privacy."
"ISPs act as gatekeepers to the Internet, giving them incredible access to records of what you do online," Tummarello said. "They shouldn't be able to profit off of the information about what you search for, read about, purchase and more without your consent."
What is your opinion on this matter? is this the way you envision your connected life?
109 Comments on Invading Subscriber Privacy - Senate Says ISPs Can Now Sell Your Data
This means if your ISP sells your data to a fishy third party and that third party is hacked? Your data is compromised and you cannot sue anyone so your left cleaning up the mess which can get very very expensive. Its basically a law thats a continuation of the running theme that Human beings are essentially a product to be sold. Like mining or folding @ home. ISPs can data mine your net history and sell you as a commodity. The difference is Google or Bing are limited by what you search for to an extent. ISPs know everything. Considering how shitty US ISPs are. lol its gonna be fun. Now this issue has been around awhile its just now ppl are realizing whats going on. Its just in the USA we now have an environment where you pretty much can't protect your privacy period unless going back to the dark ages. Which is todays world is no nearly impossible for most people :roll:
That said it doesnt really matter. If you are in the USA every phone call / email / text goes through the government in some way shape or form. The data is collected by Google / Facebook etc or your unwittingly spied on via webcam / smart TV etc. So in reality who cares. Everyones already snooping on everything you do. Now ISPs can too. Do i personally like that nope but im not giving up net access etc just to avoid the problem.
I feel such is the case here.
Do you honestly think I agree with such a notion that my personal data is to be manipulated as they please? Hell, no. But is it the end of the world? This perv thinks not.
This perfectly explains the current POTUS' musings :laugh:
FYI he's not even from America, so he has far less right to talk about this.
oh the irony ! you could use some freedom, tho
*takes a shot*
Someone derailed the discussion
*takes four shots *
Looks at the state of American politics and polite discussion of same
*finishes the bottle and takes a shot to the head*
And you being Canadian, you should actually be worried even more. Canada has some really scary stuff going on with privacy and censorship. All the crazy feminism thing, people getting sued for wrongthink, banning "islamophobia"...
The fact politicians got the idea of "Hey guys, lets give ISP's power to sell data of our citizens" is insult to intelligence and freedom of their people. It's clear that everyone involved are getting paid really well for it.
And yes, one thing is ISP level and another application level. If one doesn't trust Windows 10 privacy, you still have Linux. Who's going to move to another continent because of internet situation in USA? It's a bit different isn't it? And there is also a trust an control thing. For example, avast! Antivirus collects data as well within it's scope of operation (it's how antivirus clouds work and are efficient, no way around it). Again, first fact is I have option not to use it in the first place. Then they give me control where I can disable things if I feel like it. I lose some capability, but I keep my privacy. And lastly, the trust thing. I've personally talked with them and they aggregate all data, making it personally unidentifiable. They have that in their privacy statement and they are obliged to follow it by law. And lastly, I can opt out of them sharing the data with 3rd party. They are very transparent with the stuff. Who controls how ISP's collects and sells data? Any control or privacy rules they have to follow? I don't think there is any. They can just sell data. En mass now.
How happy would you be if one day EVERYTHING you've ever browsed surfaces in a 3rd party company data leak? That's usually the primary concern. Even if ISP handles personal data with care, selling it to some careless 3rd party can cause a massive nation wide disaster.
Can you imagine a day when you'll have to explain the client that you can't send the work you have done for him over the internet, because your ISP will immediately claim it as theirs and sue you for copyright infringement.
Which means VPN business might start flourishing in USA...
What you've said is true in all countries: both poor and rich. A state health system is always overloaded, because that's the idea by definition.
I.e. the queues are full of elderly people who enlist for popular treatments simply because... most elderly people have medical issues. Some will not pass medical checks before a surgery, some will have their diagnose changed, some will have more important things to do and some will - obviously - die.
This is well visible with eye and orthopedic medical issues - that's why they're usually used as benchmarks for health system efficiency.
Based on what I've found on this page, the situation in Canada is actually fantastic. You clearly don't know how bad this can be in other countries. :p
According to this data 83% of Canadians get a hip replacement in half a year. Shock.
www.cbc.ca/news/canada/calgary/alberta-cataract-wait-time-cihi-report-1.3514209
In Poland the waiting time for hip endoprosthesis is over 3 years...