Thursday, 19 October 2017 / TRUTH-OUT.ORG
  • Trump's First DC Circuit Nominee Thinks Waterboarding Can Be Okay

    Gregory Katsas has been picked to fill a vacancy on the DC Circuit Court of Appeals, which is the only appellate court with nationwide jurisdiction.

  • Steve Bannon's Armageddon

    William Rivers Pitt of Truthout: Former White House Chief Strategist Steve Bannon is fomenting a "revolution" against a number of Republican officeholders, and against the Republican party itself, with President Trump as his unspoken partner.

SUPPORT MEDIA THAT DOESN'T SELL OUT

The stories you read here are published thanks to our readers -- not corporate sponsors or advertisers.

We need your help to continue this essential work. Will you support boldly independent journalism today?

Click here
to donate.

Three Myths the Telecom Industry Is Using to Convince Congress to Repeal the FCC's Privacy Rules, Busted

Thursday, March 23, 2017 By Kate Tummarello, Corynne McSherry, Ernesto Falcon and Jeremy Gillula, Electronic Frontier Foundation | News Analysis
  • font size decrease font size decrease font size increase font size increase font size
  • Print

Back in October of 2016, the FCC passed some pretty awesome rules that would bar your internet service provider (ISP) from invading your privacy. The rules would keep ISPs like Comcast and Time Warner Cable from doing things like selling your personal information to marketers, inserting undetectable tracking headers into your traffic, or recording your browsing history to build up a behavioral advertising profile on you -- unless they can get your consent. They were a huge victory for everyday Internet users in the US who value their privacy.

But since the restrictions also limit the ability of ISPs and advertisers alike to profit from the treasure trove of data ISPs have about their subscribers, powerful interests have come out in force to strip those protections away. Lobbyists in DC are pulling out all the stops trying to convince Congress that these straightforward, no-nonsense privacy rules are unnecessary, unfair, overly burdensome, or all of the above. EFF wrote a memo for congressional staffers that busts these myths.

And we're sharing the content of that memo with you, Team Internet, so you can see the type of FUD  ISPs and their allies are pushing in order to take away your privacy.

(Fair warning: some of these are fairly wonky, so if you're not the type that gets excited by telecom law, you can always skip to the part where you call your senators and representative and tell them not to repeal the FCC's ISP privacy rules -- because if we raise our voices together, we can stop Congress before it's too late.)

Myth 1: If the FCC's privacy rules are repealed, state officials and the Federal Trade Commission will fill the gap -- so customers' privacy will still be protected.

Fact: Unfortunately, recent court decisions have limited the FTC's ability to enforce privacy rules on ISPs. Plus, relying on each state to enforce its own laws to protect privacy would create a terrible patchwork of mismatched regulations. You'd think with all the uncertainty and bureaucracy that would create, the ISPs would actually prefer clear, bright-line rules at the national level. But you'd be wrong: at this point, they'll say anything to block the FCC's privacy-protective rules.

Extended Version:

The 2016 FTC v AT&T Mobility decision at the 9th Circuit eliminated the Federal Trade Commission's authority to enforce privacy rules on ISPs in Arizona, Alaska, Hawaii, California, Idaho, Montana, Nevada, Oregon, and Washington. Other courts may do the same. And while some states' Attorney Generals have brought actions against ISPs that mislead or deceive consumers about how the companies collect, share, and sell customer data, many other states have scaled back their enforcement on the premise that federal enforcement was sufficient and preferable. 

What's more, a state-by-state patchwork of consumer protection enforcement is bad for customers and telecoms. It leaves customers in states with weaker consumer protection statutes or less assertive Attorneys General without crucial safeguards from their ISPs. And it leaves ISPs subject to a bewildering array of regulations depending on where they operate.  That regulatory thicket will impede competition and innovation by discouraging service providers from entering new markets.

Myth 2: Even if Congress repeals the FCC's recent privacy rules, the FCC still has authority to enforce consumer privacy protections more generally under Section 222 of the Communications Act.

Fact: Due to the way Congress plans to repeal the FCC's privacy rules, there's going to be a lot of legal uncertainty about whether or not the FCC will be allowed to do anything related to ISPs and privacy in the future. In other words, it's not clear if you'll be at the mercy of your ISP or not, and by the time the courts figure it out, your ISP will have already had the chance to do some pretty creepy things.

Extended Version:

Section 222 of the Communications Act is the underlying authorization for the rules the FCC has already adopted, but if Congress passes a Congressional Review Act (CRA) resolution to repeal the rules, whether or not the FCC can pass new rules using that authority will be an open question.

That's because a CRA resolution would prohibit the FCC from issuing rules that are "substantially the same" in the future. If the FCC brings an action against an ISP under Section 222 for mishandling customer data, the ISP would likely try to challenge the action in court on the grounds that Congress preempted the agency with the CRA, creating uncertainty around ISP obligations and consumer privacy protections. 

Myth 3: The FCC's privacy rules put Internet service providers at an unfair disadvantage when compared to Internet companies like Google who can profit off of consumers' data.

Fact: Google doesn't see everything you do on the Internet (neither does Facebook, for that matter, or any other online platform) -- they only see the traffic you send to them. And you can always choose to use a different website if you want to avoid Google's tracking. None of that is true about your ISP. You probably only have one, maybe two options when it comes to ISPs offering high-speed Internet, and your ISP sees everything -- they have to, in order to send your traffic to the right place. That's why we need the FCC's privacy rules: ISPs are in a position of power, and they've shown they're willing to abuse that power.

Plus, if you're worried about creepy third-party tracking online, you can use free tools to protect yourself; the only way to protect your privacy from your ISP is to pay for a VPN.

Extended Version:

To begin with, it's worth remembering that ISPs and companies like Google or Facebook see entirely different parts of your Internet activity; namely that Google or Facebook only see the traffic you send to their servers, while ISPs see all your traffic. Even when you take into account the fact that Google and Facebook have creepy third-party trackers spread across the web, they still only see a fraction of what your ISP sees. Being able to see all of your traffic gives your ISP an unprecedented view into your life (everything from what you're shopping for, to who you talk to, to what your politics are, to what you read), which not even Google or Facebook can achieve.

There's also another big difference between Comcast and Google: choice. While Internet users can choose between numerous online services for search, email, and more -- including services that feature built-in privacy protections as a selling point -- most consumers have few if any options when it comes to choosing an ISP. According to the FCC's 2016 Broadband Progress Report, 51 percent of households have access to only one high-speed broadband provider. If that provider decides to sell their data, they can't vote with their wallets and choose another ISP. 

There's one last difference: Internet users can prevent companies like Google from spying on them as they surf the web. If you want to do something online without being tracked, you can use a variety of free tools that even powerful companies like Google cannot overcome. But nothing short of paying to use a virtual private network -- essentially having to pay a fee to protect your online privacy -- will protect you from your ISP.

Now that you've heard the FUD ISPs and the advertising industry are spreading, take a moment and help us protect your privacy from data-hungry ISPs: call Congress today and tell your senators and representative not to repeal the FCC's ISP privacy rules!

Any and all original material on the EFF website may be freely distributed at will under the Creative Commons Attribution License, unless otherwise noted. All material that is not original to EFF may require permission from the copyright holder to redistribute

Kate Tummarello

Kate Tummarello works on surveillance issues for the Electronic Frontier Foundation's activism team. Previously, she covered technology policy in Washington, DC, including writing about privacy, net neutrality, internet governance and intellectual property.

Corynne McSherry

Corynne McSherry is the Legal Director at EFF, specializing in intellectual property, open access, and free speech issues. Her favorite cases involve defending online fair use, political expression, and the public domain against the assault of copyright maximalists. As a litigator, she has represented Professor Lawrence LessigPublic.Resource.Orgthe Yes Men, and a dancing baby, among others, and one of her first cases at EFF was In re Sony BMG CD Technologies Litigation (aka the "rootkit" case). In 2015 she was named one of California's Top Entertainment Lawyers.  She was also named AmLaw's "Litigator of the Week" for her work on Lenz v. Universal. Her policy work includes leading EFF's effort to fix copyright (including the successful effort to shut down the Stop Online Privacy Act, or SOPA), promote net neutrality, and promote best practices for online expression. In 2014, she testified before Congress about problems with the Digital Millennium Copyright Act.  Corynne comments regularly on digital rights issues and has been quoted in a variety of outlets, including NPR, CBS News, Fox News, the New York Times, Billboard, the Wall Street Journal, and Rolling Stone. Prior to joining EFF, Corynne was a civil litigator at the law firm of Bingham McCutchen, LLP. Corynne has a B.A. from the University of California at Santa Cruz, a Ph.D from the University of California at San Diego, and a J.D. from Stanford Law School. While in law school, Corynne published Who Owns Academic Work?: Battling for Control of Intellectual Property (Harvard University Press, 2001).

Jeremy Gillula

Jeremy Gillula is a senior staff technologist at the Electronic Frontier Foundation. He has covered a wide variety of tech topics, including mobile devices, big data and net neutrality.

Ernesto Falcon

Ernesto Falcon is a contributor to Electronic Frontier Foundation. 

GET DAILY TRUTHOUT UPDATES
Optional Member Code

FOLLOW togtorsstottofb


Three Myths the Telecom Industry Is Using to Convince Congress to Repeal the FCC's Privacy Rules, Busted

Thursday, March 23, 2017 By Kate Tummarello, Corynne McSherry, Ernesto Falcon and Jeremy Gillula, Electronic Frontier Foundation | News Analysis
  • font size decrease font size decrease font size increase font size increase font size
  • Print

Back in October of 2016, the FCC passed some pretty awesome rules that would bar your internet service provider (ISP) from invading your privacy. The rules would keep ISPs like Comcast and Time Warner Cable from doing things like selling your personal information to marketers, inserting undetectable tracking headers into your traffic, or recording your browsing history to build up a behavioral advertising profile on you -- unless they can get your consent. They were a huge victory for everyday Internet users in the US who value their privacy.

But since the restrictions also limit the ability of ISPs and advertisers alike to profit from the treasure trove of data ISPs have about their subscribers, powerful interests have come out in force to strip those protections away. Lobbyists in DC are pulling out all the stops trying to convince Congress that these straightforward, no-nonsense privacy rules are unnecessary, unfair, overly burdensome, or all of the above. EFF wrote a memo for congressional staffers that busts these myths.

And we're sharing the content of that memo with you, Team Internet, so you can see the type of FUD  ISPs and their allies are pushing in order to take away your privacy.

(Fair warning: some of these are fairly wonky, so if you're not the type that gets excited by telecom law, you can always skip to the part where you call your senators and representative and tell them not to repeal the FCC's ISP privacy rules -- because if we raise our voices together, we can stop Congress before it's too late.)

Myth 1: If the FCC's privacy rules are repealed, state officials and the Federal Trade Commission will fill the gap -- so customers' privacy will still be protected.

Fact: Unfortunately, recent court decisions have limited the FTC's ability to enforce privacy rules on ISPs. Plus, relying on each state to enforce its own laws to protect privacy would create a terrible patchwork of mismatched regulations. You'd think with all the uncertainty and bureaucracy that would create, the ISPs would actually prefer clear, bright-line rules at the national level. But you'd be wrong: at this point, they'll say anything to block the FCC's privacy-protective rules.

Extended Version:

The 2016 FTC v AT&T Mobility decision at the 9th Circuit eliminated the Federal Trade Commission's authority to enforce privacy rules on ISPs in Arizona, Alaska, Hawaii, California, Idaho, Montana, Nevada, Oregon, and Washington. Other courts may do the same. And while some states' Attorney Generals have brought actions against ISPs that mislead or deceive consumers about how the companies collect, share, and sell customer data, many other states have scaled back their enforcement on the premise that federal enforcement was sufficient and preferable. 

What's more, a state-by-state patchwork of consumer protection enforcement is bad for customers and telecoms. It leaves customers in states with weaker consumer protection statutes or less assertive Attorneys General without crucial safeguards from their ISPs. And it leaves ISPs subject to a bewildering array of regulations depending on where they operate.  That regulatory thicket will impede competition and innovation by discouraging service providers from entering new markets.

Myth 2: Even if Congress repeals the FCC's recent privacy rules, the FCC still has authority to enforce consumer privacy protections more generally under Section 222 of the Communications Act.

Fact: Due to the way Congress plans to repeal the FCC's privacy rules, there's going to be a lot of legal uncertainty about whether or not the FCC will be allowed to do anything related to ISPs and privacy in the future. In other words, it's not clear if you'll be at the mercy of your ISP or not, and by the time the courts figure it out, your ISP will have already had the chance to do some pretty creepy things.

Extended Version:

Section 222 of the Communications Act is the underlying authorization for the rules the FCC has already adopted, but if Congress passes a Congressional Review Act (CRA) resolution to repeal the rules, whether or not the FCC can pass new rules using that authority will be an open question.

That's because a CRA resolution would prohibit the FCC from issuing rules that are "substantially the same" in the future. If the FCC brings an action against an ISP under Section 222 for mishandling customer data, the ISP would likely try to challenge the action in court on the grounds that Congress preempted the agency with the CRA, creating uncertainty around ISP obligations and consumer privacy protections. 

Myth 3: The FCC's privacy rules put Internet service providers at an unfair disadvantage when compared to Internet companies like Google who can profit off of consumers' data.

Fact: Google doesn't see everything you do on the Internet (neither does Facebook, for that matter, or any other online platform) -- they only see the traffic you send to them. And you can always choose to use a different website if you want to avoid Google's tracking. None of that is true about your ISP. You probably only have one, maybe two options when it comes to ISPs offering high-speed Internet, and your ISP sees everything -- they have to, in order to send your traffic to the right place. That's why we need the FCC's privacy rules: ISPs are in a position of power, and they've shown they're willing to abuse that power.

Plus, if you're worried about creepy third-party tracking online, you can use free tools to protect yourself; the only way to protect your privacy from your ISP is to pay for a VPN.

Extended Version:

To begin with, it's worth remembering that ISPs and companies like Google or Facebook see entirely different parts of your Internet activity; namely that Google or Facebook only see the traffic you send to their servers, while ISPs see all your traffic. Even when you take into account the fact that Google and Facebook have creepy third-party trackers spread across the web, they still only see a fraction of what your ISP sees. Being able to see all of your traffic gives your ISP an unprecedented view into your life (everything from what you're shopping for, to who you talk to, to what your politics are, to what you read), which not even Google or Facebook can achieve.

There's also another big difference between Comcast and Google: choice. While Internet users can choose between numerous online services for search, email, and more -- including services that feature built-in privacy protections as a selling point -- most consumers have few if any options when it comes to choosing an ISP. According to the FCC's 2016 Broadband Progress Report, 51 percent of households have access to only one high-speed broadband provider. If that provider decides to sell their data, they can't vote with their wallets and choose another ISP. 

There's one last difference: Internet users can prevent companies like Google from spying on them as they surf the web. If you want to do something online without being tracked, you can use a variety of free tools that even powerful companies like Google cannot overcome. But nothing short of paying to use a virtual private network -- essentially having to pay a fee to protect your online privacy -- will protect you from your ISP.

Now that you've heard the FUD ISPs and the advertising industry are spreading, take a moment and help us protect your privacy from data-hungry ISPs: call Congress today and tell your senators and representative not to repeal the FCC's ISP privacy rules!

Any and all original material on the EFF website may be freely distributed at will under the Creative Commons Attribution License, unless otherwise noted. All material that is not original to EFF may require permission from the copyright holder to redistribute

Kate Tummarello

Kate Tummarello works on surveillance issues for the Electronic Frontier Foundation's activism team. Previously, she covered technology policy in Washington, DC, including writing about privacy, net neutrality, internet governance and intellectual property.

Corynne McSherry

Corynne McSherry is the Legal Director at EFF, specializing in intellectual property, open access, and free speech issues. Her favorite cases involve defending online fair use, political expression, and the public domain against the assault of copyright maximalists. As a litigator, she has represented Professor Lawrence LessigPublic.Resource.Orgthe Yes Men, and a dancing baby, among others, and one of her first cases at EFF was In re Sony BMG CD Technologies Litigation (aka the "rootkit" case). In 2015 she was named one of California's Top Entertainment Lawyers.  She was also named AmLaw's "Litigator of the Week" for her work on Lenz v. Universal. Her policy work includes leading EFF's effort to fix copyright (including the successful effort to shut down the Stop Online Privacy Act, or SOPA), promote net neutrality, and promote best practices for online expression. In 2014, she testified before Congress about problems with the Digital Millennium Copyright Act.  Corynne comments regularly on digital rights issues and has been quoted in a variety of outlets, including NPR, CBS News, Fox News, the New York Times, Billboard, the Wall Street Journal, and Rolling Stone. Prior to joining EFF, Corynne was a civil litigator at the law firm of Bingham McCutchen, LLP. Corynne has a B.A. from the University of California at Santa Cruz, a Ph.D from the University of California at San Diego, and a J.D. from Stanford Law School. While in law school, Corynne published Who Owns Academic Work?: Battling for Control of Intellectual Property (Harvard University Press, 2001).

Jeremy Gillula

Jeremy Gillula is a senior staff technologist at the Electronic Frontier Foundation. He has covered a wide variety of tech topics, including mobile devices, big data and net neutrality.

Ernesto Falcon

Ernesto Falcon is a contributor to Electronic Frontier Foundation.