Friday, March 24th 2017
Invading Subscriber Privacy - Senate Says ISPs Can Now Sell Your Data
The US Senate on Thursday passed a joint resolution to eliminate broadband privacy rules that would have required ISPs to get consumers' explicit consent before selling or sharing Web browsing data and other private information with advertisers and other companies. This win was pulled by a hair - 48 Nay against 50 Yea - and went entirely through party lines, with Republicans voting Yea, and the Democrats voting Nay. The effects won't be immediate, mind you - the measure will have to pass the House and then be signed by President Donald Trump before it can become law.
The FCC's privacy rules that are now put in peril would require ISPs to get opt-in consent from consumers before selling or sharing personal information. This includes geo-location data, financial and health information, children's information, Social Security numbers, Web browsing history, app usage history, and the content of communications - things we can all agree give almost unthinkable leeway in understanding your daily habits. Opt-out requirements, on the other hand, would have applied to less sensitive data such as e-mail addresses and service tier information, much less important in the scheme of things.
These opt-in and opt-out provisions were to take effect as early as December 4, 2017. The rules would also force ISPs to clearly notify customers about the types of information they collected, specifying how they use and share the information, and identifying the types of entities they'd share the information with.
The FCC's privacy rules also had a data security component that would have required ISPs to take "reasonable" steps to protect customers' information from theft and data breaches. This was supposed to take effect on March 2, but the FCC's Republican majority halted the rule's implementation. Another set of requirements related to data breach notifications is scheduled to take effect on June 2.
As was to be expected, party lines didn't fracture only on the Senate floor, with comments and positions regarding the voting separating cleanly in all other areas.
Ajit Pai, the new chairman of the newly Republican-led FCC, welcomed the Senate vote, telling reporters that his own core goal was "to make sure that uniform expectation of privacy is vindicated through the use of a regulatory framework that establishes a more level playing field."
Senator Bill Nelson, on the other hand, said during Senate floor debate that "Your home broadband provider can know when you wake up each day-either by knowing the time each morning that you log on to the Internet to check the weather/news of the morning, or through a connected device in your home (...) and that provider may know immediately if you are not feeling well - assuming you decide to peruse the Internet like most of us to get a quick check on your symptoms. In fact, your broadband provider may know more about your health - and your reaction to illness - than you are willing to share with your doctor."
Home Internet providers can also "build a profile about your listening and viewing habits." Mobile broadband providers, on the other hand, "know how you move about your day through information about your geo-location and Internet activity through your mobile device," Senator Bill Nelson said.
"This is a gold mine of data-the holy grail so to speak," Nelson said. "It is no wonder that broadband providers want to be able to sell this information to the highest bidder without consumers' knowledge or consent. And they want to collect and use this information without providing transparency or being held accountable."
This measure also ties the FCC's hands in advancing "substantially similar" rules in the future. Kate Tummarello, a policy analyst for the nonprofit Electronic Frontier Foundation (EFF), pits this as a "crushing loss for online privacy."
"ISPs act as gatekeepers to the Internet, giving them incredible access to records of what you do online," Tummarello said. "They shouldn't be able to profit off of the information about what you search for, read about, purchase and more without your consent."
What is your opinion on this matter? is this the way you envision your connected life?
Sources:
NBC News, Ars Technica, Senate.gov
These opt-in and opt-out provisions were to take effect as early as December 4, 2017. The rules would also force ISPs to clearly notify customers about the types of information they collected, specifying how they use and share the information, and identifying the types of entities they'd share the information with.
The FCC's privacy rules also had a data security component that would have required ISPs to take "reasonable" steps to protect customers' information from theft and data breaches. This was supposed to take effect on March 2, but the FCC's Republican majority halted the rule's implementation. Another set of requirements related to data breach notifications is scheduled to take effect on June 2.
As was to be expected, party lines didn't fracture only on the Senate floor, with comments and positions regarding the voting separating cleanly in all other areas.
Ajit Pai, the new chairman of the newly Republican-led FCC, welcomed the Senate vote, telling reporters that his own core goal was "to make sure that uniform expectation of privacy is vindicated through the use of a regulatory framework that establishes a more level playing field."
Senator Bill Nelson, on the other hand, said during Senate floor debate that "Your home broadband provider can know when you wake up each day-either by knowing the time each morning that you log on to the Internet to check the weather/news of the morning, or through a connected device in your home (...) and that provider may know immediately if you are not feeling well - assuming you decide to peruse the Internet like most of us to get a quick check on your symptoms. In fact, your broadband provider may know more about your health - and your reaction to illness - than you are willing to share with your doctor."
Home Internet providers can also "build a profile about your listening and viewing habits." Mobile broadband providers, on the other hand, "know how you move about your day through information about your geo-location and Internet activity through your mobile device," Senator Bill Nelson said.
"This is a gold mine of data-the holy grail so to speak," Nelson said. "It is no wonder that broadband providers want to be able to sell this information to the highest bidder without consumers' knowledge or consent. And they want to collect and use this information without providing transparency or being held accountable."
This measure also ties the FCC's hands in advancing "substantially similar" rules in the future. Kate Tummarello, a policy analyst for the nonprofit Electronic Frontier Foundation (EFF), pits this as a "crushing loss for online privacy."
"ISPs act as gatekeepers to the Internet, giving them incredible access to records of what you do online," Tummarello said. "They shouldn't be able to profit off of the information about what you search for, read about, purchase and more without your consent."
What is your opinion on this matter? is this the way you envision your connected life?
109 Comments on Invading Subscriber Privacy - Senate Says ISPs Can Now Sell Your Data
Oh, boy. Never fun in that country.
Now, we could argue semantics about what about murder, theft.....etc. But if we need to do that it means the actual point was missed, and there is no reasoning.
ISPs are doing it to make a buck. The only interests it's best for are those of the ISPs and those who they sell the data to.
Attempting to conflate the two is laughable.
I have always been a person that think that proactive actions are useful, in the case of NSA i could use words like bomb, explosion and massacre "randomly" in posts like this and planning terrorist attacks between myself and myself(me having 2 or more email accounts) are by no means illegal. Something similar could be done in this case, having "paparazzi" photos taken of CEO's(other executives also) of ISP's that sell internet info and the same for CEO's buying(and using) this info and the visiting sites posting these images, this may make them rethink their strategy. One should remember that these people think their life is open to the public(similar to the "Big Brother" show), we could at least come to this conclusion.
I've just checked again and from what I've seen it is not mandatory. It is merely necessary in some situations (opening a bank account, boarding a plane etc). As such, you can still live in the US as a "free man" (Wild West style). Also, it seems that even if you have and ID card, you are not obligated to carry it all the time (other than driving, obviously). Is this correct?
And this is still a document used only if you don't have a driving license and issued by a DMV, which is rather cute. ;)
Just the fact that you could be 30 when applying for a Driving License and you'd have to prove your name or date of birth (because the government is not keeping such data) is like decades apart from what is going on in other countries.
Sure, we all admire the sense of freedom that US government gives (at the same being a leader in tracking people via multiple internal safety agencies :P), but hasn't it gone too far? Or rather - why isn't US going with the global trends? In most countries
I think it is common to treat SSN as a US-equivalent of and ID. But again, AFAIK it is not mandatory. If you don't pay taxes, you don't need one. If you don't want tax benefits stemming from having children, you don't have to apply for SSNs for them (until they need it themselves). Can you confirm?
A defeatist will always be defeated. It does not matter when he is born.In America, Vagrancy laws have been off the books for a very very long time. You may be using the wrong term. Legally speaking, vagrancy generally is a term not for lacking ID, but for "hanging around" too long. (It used to be a blanket way to clear out the homeless).
I couldn't find any Act saying otherwise (any source maybe?)
It seems you're merely required to identify yourself - it doesn't mean you need a document to confirm anything (I guess it varies between states according to the local "Stop and identify" statute).
From what I've learned you only need an ID while driving (but a driving license is an ID) and of course when a situation makes it mandatory to show one (buying alcohol, opening an account etc).
Because I think we're mixing things up a bit, I can tell how it works in Europe (and in fact most other developed countries).
You usually have an ID number given at birth. It is mandatory (even if you don't use state insurance or pay taxes).
All adults need to posses a valid ID card, which is a separate document (not a driving license).
In some countries carrying the ID card is mandatory at all time. :)
I swear for a tech site there are a crap top of naïve idiots on here.
:roll::roll::roll::roll::roll:
I think you lack the knowledge to pass judgement on that topic, based on that statement.
I will agree though that extremely low profile tires that are no more than rubber bands on rims do nothing for the handling.
You usually have an ID number given at birth. (Federally issued SSN)
All adults need to posses a valid ID card, which is a separate document (Issued by state but tied to SSN, for all intents and purposes now doubles as a federal id)
In some countries carrying the ID card is mandatory at all time. (Yes, you don't have to carry it around the clock but you can't do much without it)
Also you seem to be unaware that a driving license supersedes an ID card, it is an ID card with an endorsement that allows you to drive. It is not a separate doc.
Kids ~ kids, candies here ~ Come on out.
They do come out. Amazing.
This planet is screwed.
When you sign a contract (for a flat, a car, an internet/mobile plan etc) do you use your SSN? Is it written on the document?Well this is surprising, but you seem very confident. :D
I used to think (and all I've found on the web seems to support it), that ID cards are not obligatory. Yes, you often need them to confirm your identity, but you are allowed not to have them.
But assuming what you've said is true, I'm somehow surprised by what I find on official websites.
dmv.ny.gov/id-card/bget-non-driver-id-card-ndid
Fragment:
"Who can get a non-driver ID (NDID) card
A person any age can get a non-driver ID card."
In Poland (where the ID card is mandatory for adults) you must apply for your first ID card before you turn 18. If you don't, you're actually breaking the law and are subject to detention or fine (same if you don't renew it in time).I know that very well and actually mentioned it before. I actually used to work "cute" to describe a situation when an ID card is in fact an ID document for the unfortunate that don't have a Driving License. And that the ID card is issued by DMV. Just how American is that? :D
Come on guys you write well bring back my TPU!
BTW - the US House of Representatives votes Tomorrow - Tuesday, March 28, 2017 on the issue.