What the Latest Internet Privacy Regulations Mean for You

What the Latest Internet Privacy Regulations Mean for You

By Marleigh Green & Matthew Harvey

This article was originally written for Stone | Dean's At Issue Newsletter. You can find the original & full edition of At Issue Summer 2017 here.

The Death of Private Data?

The issue of online privacy has been nuanced since the inception of the internet. The lines between what is private and what isn’t have been blurred by rampant social media use and the expectation for everyone to have an online persona.

Along with the Federal Communications Commission (FCC), the Obama administration created strict privacy rules for consumers by preventing internet service providers (ISPs) from mining their customers’ data without express permission. The rule was set to take effect in December 2017, and would have required internet providers to be transparent about the data they collected, how they used it, and when information breaches (hacking) occurred.

Earlier this year, however, both houses of Congress voted to repeal these regulations, citing the Congressional Review Act, and President Trump signed the measure.

What Does This Mean?

This new bill strips the FCC regulations concerning ISP customer data mining, giving them free-reign to sell lucrative customer data without express permission, and effectively puts internet privacy oversight in limbo.

The FCC, which has authority to create rules for telecommunications companies (telcos), monitors how ISPs and phone companies handle customer data. However, the new administration aims to change the regulatory committee tasked with monitoring ISPs to the Federal Trade Commission (FTC), which does not maintain rule-making authority.

The FTC is the regulatory body that monitors online companies already data-mining their customers such as Facebook, Google, Amazon, etc.; these so-called “edge providers” weren’t subject to the now-defunct FCC rules. Proponents of this change claim giving the FTC oversight consolidates internet privacy regulations under one body and “levels the playing field” for all internet-based companies.

Opponents of the bill argue that the FTC is too weak of a regulatory body to properly protect consumer privacy. Fur­thermore, they argue that the new FTC chairman, Maureen Ohlhausen, wouldn’t act in the interests of protecting Ameri­cans; that she “wants to see harm first,” instead of preemptively enacting rules to protect customers.

What data is being mined and what’s being done with it?

The skinny: Online user-data is analyzed and profiled by telcos and edge providers in order to better-tailor internet advertisements to consumers. The variety of information they compile includes what you do online, what you create and post, and information about who you are. The main idea is that better research allows companies to better target consumers.

Data analysis for the purpose of creating better-targeted advertising is nothing new. In fact, companies like Nielson have been compiling market research for decades with customer-segmentation systems like PRIZM.

However, with the rise of technology, people are creating more data now than ever. Information such as geographic location, search history, how one communicates and with whom has raised the question of whether recording this unprecedented level of data amounts to an invasion of privacy.

For instance, the world’s largest advertising company, Google, originally used their email service, Gmail, to analyze emails sent or received by users. They used this content, along with searches, to create user-profiles for targeted advertisements. Google uses profiles to distinguish what each user is looking for, so it can provide accurate search results and better-targeted advertisements.

Why all the outcry about privacy?

Before these new regulations opened up mined-data-selling to ISPs, it was mostly limited to specific websites which consumers could decide not to use.

Don’t want Google tracking your browsing history? Use a different search engine!

However, now that ISPs and other telcos have the ability to sell mined customer information, it will become a lot harder to hide one’s browser data. There is no longer a framework for what information companies can record, how they use it, or how long they keep it.

What can I do to protect my online privacy?

Unfortunately for those wanting to protect their private internet information, there’s no guaranteed way to run and hide from ISPs.

One could ask their internet provider to not track their information, but ISPs do not have to comply or even tell their customers how they handle their data.

One could instead try to find an internet-provider with a no-data-mining policy. This route proves difficult, however, in places with little-to-no competition between ISPs, giving some consumers little choice in the matter.

One could also decide to browse the internet via an anonymous internet-program like the infamous Tor Browser (associated with the Deep Web). This option, though, re­quires higher-than-average technical knowledge and opens un-indexed sites to the user — many of which exist for illicit purposes.

Another option for privacy-centric users are Virtual Private Networks (VPNs) which are paid-services that allow users to connect to secure servers over a less-secure network such as the internet. This “secure tunnel” between your PC and browser can only be seen by yourself, the VPN-service-provider, and the website you’re visiting. But even VPNs can sell your mined data to advertisers, so even these “private” networks aren’t so private.

Should I be scared?

It’s not likely that the new pri­vacy regulations (or lack there­of) will have any effect on the lives of regular people, whose data has likely been unknow­ingly mined for years.

It’s important to have a con­versation about online privacy, however, and the current regu­lation-void makes it even more so. Common mistakes to avoid are: posting personal informa­tion publicly (contact info, ad­dresses, etc.), shopping on unsecured websites (a secured website’s address will begin with “https://” as opposed to “http://”), and posting pass­words anywhere online.

“Think before you click” is true now more than ever, and it’s worth keeping in mind that the internet, as well as the number of eyes watching it, grows every day. In a world full of connection, it shouldn’t come as a surprise that the World Wide Web isn’t very private.