ISP Selling Data Bill – Why Should You Care About it?

When we talk about online privacy, it’s usually to criticize tech giants like Google, Apple, Amazon, or Facebook for the way they collect their users’ data and then make money selling it without consent. 

But they are not the only ones you should be concerned about. Your ISP could also be selling your data and, in fact, thanks to the ISP selling data bill signed in 2017, they are legally allowed to do that without your consent or approval.

So what exactly does this mean for your net privacy and why should you be concerned about it?

Background on the ISP Selling Data Bill

First, a little background on the ISP selling data bill.

On 28th March, 2017, the United States House of Representatives passed a “resolution of disapproval” and overturned the Federal Communication Commission’s (FCC) Broadband Consumer Privacy Proposal law with 215 to 205 votes in favor of disapproval.

These privacy rules did allow ISPs to sell and share customer data with third parties like advertisers, but only after obtaining opt-in consent.

With the ISP selling data bill signed by the U.S. President Donald Trump, ISPs no longer have to get that consent.

Not even last-ditch efforts by privacy activist groups, like the American Civil Liberties Union (ACLU) and the Electronic Privacy Information Center (EPIC), who called on Trump to veto the bill, worked and they fell on deaf ears.

Also, almost exactly two years after the bill was passed, the Federal Trade Commission (FTC) sent orders to seven major U.S. broadband companies, including Verizon, Comcast, Google Fiber, AT&T, AT&T Mobile, Cellco and Verizon Communions to examine what information they collect and how they collect it.

Why Should You Care?

The FCC imposed privacy rules on ISPs back in 2016 at the very end of Barack Obama’s time as president and ISPs argued that it puts them at a disadvantage.

The White House responded by saying:

“The (FCC) rule departs from the technology-neutral framework for online privacy administered by the FCC. This results in rules that apply very different regulatory regimes based on the identity of the online actor.”

Of course, on their part, ISPs like Verizon and Comcast rushed in to add that they “never had and never will sell their customer’s private web browsing history”.

In their statement, Verizon said:

“Let’s set the record straight. Verizon does not sell the personal web browsing history of our customers. We don’t do it and that’s the bottom line”

Comcast’s statement on the issue was pretty much the same:

“At Comcast, we respect and protect our customers’ personal information. Always have, always will. We do not sell our broadband customers’ individual web browsing history. We did not do it before the FCC’s rules were adopted, and we have no plans to do so.”

Well, there you go. The ISPs said you have nothing to worry about. Problem solved.

Except it isn’t. The argument from these ISPs that “they never sold and never will sell their customer’s data” simply doesn’t hold water. This Bill completely gives them the keys that enable them to do so without any problem.

Imagine, for instance, the police  having the keys to your house and being able to enter as they please. Yes, they can break-in in certain circumstances, but usually, they need a very good reason and a warrant to do so. 

But if they already had the key ready and could enter as they please, wouldn’t that worry you at least a bit?

What Information Does Your ISP Collect On You and How Can You Prevent Them From Doing So?

So what kind of data exactly can (and does) your Internet Service Provider collects from your web browsing history and is there anything you can do to protect your online privacy?

Your ISP can see your web browsing history, meaning what websites you visit. By selling this information to third-party advertisers, they basically give out information on your personal relationships, health, buying habits, where you travel, who you vote for and more.

The bill also sparked a big debate on Reddit in more than 35 subreddits, with the biggest thread having almost 6k comments.

Okay, but Google can already sell your Internet browsing history to advertisers and shares it with the government, so what’s the big deal if we allow ISPs to do the same?

Yes, that’s true. But there are some big differences here:

  1. You actually don’t have to use Google. You can use any web browser you want, like Safari, Mozilla’s Firefox, Opera, or better yet, Tor. On the other hand, 9 out of 10 times, you only have one ISP choice available depending on where you live;
  2. Google has far less information on you than the ISP has.  On the other hand, ISPs can see everything you do online.

Okay, but since you have to use an ISP if you want to use the Internet, can you do anything about this? Is there a way to protect your data, at least to some extent?

There is.

  1. Use Tor Browser

We already mentioned the Tor Browser. This is a free software that enables anonymous communication over the Internet. To use it, you first need to download and install it on your computer from the Tor Project.

Once you do that, you can visit encrypted .onion addresses, like this one and enjoy far greater privacy than with regular browsing.

  1. Use a VPN

A Virtual Private Network will encrypt your data as it leaves your computer and reroutes it through their own, secure server. This server can be in a completely different country or even on another continent.

For example, you could be sitting at home in Pennsylvania, U.S, but if you’re using a VPN server that is located in Rome, for someone looking at your data, it will appear that you are in Italy.

However, you do need to be careful with your choice of VPN. Some VPNs will keep your logs and might even sell your data for profit.

  1. Use Encrypted Internet

You probably noticed, when visiting some websites, that they have an open or closed padlock or that their URL starts with “HTTP” or “HTTPS”.

What this means is that one doesn’t encrypt your Internet traffic, while the other one does.

You want the one that does encrypt it. Unfortunately, almost a third of all websites on the Internet use default protocol HTTP, according to W3 Techs Usage Statistics of Default Protocol HTTPS for Websites.

Here’s a historical trend on this:

  1. Use End-to-End Encrypted Email

4 billion people around the world use email to communicate online. The problem is that most email service providers offer very poor encryption, making your email data at risk.

CTemplar is an end-to-end encrypted email service that protects your data in transit and at rest by encrypting your email body, attachments and email subjects (on paid plans). 

We also prevent ISPs from tracking you by anonymizing your ISP and protect your password with Zero-knowledge proof, which means that even we don’t have access to your password, but only you.

So, if you want to protect your online privacy and prevent ISPs from selling your data as they please, start by using these and don’t forget to sign up today for your free and secure CTemplar email account.