Tuesday’s congressional vote to repeal U.S. restrictions on broadband providers doesn’t mean that online privacy is dead. Consumers will just have to pay for it.
The coming repeal, which President Trump is expected to sign into law, paves a clearer path for broadband providers to sell customers’ internet browsing history and other online data, without their consent.
Privacy advocates are worried. Imagine corporate giants snooping on your internet activities, and then bombarding your PC, phone and TV with targeted ads.
However, the privacy rule rollback might have an opposite effect too. Expect broadband providers and other internet services to emerge offering online privacy protections -- but at a price.
“The cost for consumers wanting a private internet experience is going to go up,” said Travis LeBlanc, a former enforcement bureau chief with the Federal Communications Commission.
To some degree, that’s already happening. Consumers worried about the privacy rule rollback have been flocking to VPN (Virtual Private Network) services, which can encrypt an internet user’s online connection. This can prevent broadband providers from learning what you're browsing.
PureVPN has seen a “drastic increase in traffic,” said Mehmood Hanif, brand strategist for the provider. In addition, U.S. sales have increased by 37 percent in the last week.
But the catch is that many VPNs aren’t free. They usually require a subscription that costs about $10 a month.
Privacy advocates like Ernesto Falcon, legal counsel at the Electronic Frontier Foundation, also recommend subscribing to a trusted VPN provider, but say the added fee amounts to a “privacy tax” on consumers. Those who don’t pay face the prospect of broadband providers harvesting their online data and selling it to the highest bidder.
“Plenty of ISPs will push to extract rent and value from that information the best way they can,” Falcon said. He cited a recent case, where Verizon Wireless was fined $1.35 million for inserting tracking cookies into users' internet browsing sessions.
However, the U.S. broadband industry says that consumers shouldn’t be worried about the privacy rule rollback. Earlier this year, companies including AT&T, Comcast and Verizon pledged to remain transparent over the data they collect from consumers and how it's used. FCC rules also require broadband and telecom providers to take steps to protect consumer data from hacking
“Their privacy is protected under existing FCC authority, which requires companies to keep consumers’ data safe,” said USTelecom, a trade association that represents broadband providers.
But experts like LeBlanc say a more realistic possibility is that some ISPs will offer privacy protections, in exchange for higher fees, which AT&T once did.
“This may end up impacting lower income consumers, than upper income consumers. There’s a digital equity issue here,” said LeBlanc, who left the FCC earlier this year, and now works as a partner at law firm Boies, Schiller & Flexner.
Unfortunately, not all U.S. consumers have much choice when it comes to broadband providers, especially if they want faster internet speeds, said Dane Jasper, CEO of Sonic, a small ISP that serves California.
“If you want 25 Mbps or more in performance, you often only have one choice,” he said. “I argue that we have a failed competitive market.”
Nevertheless, customers who do have access to multiple ISPs should look them up and consider if they have a stronger stance on data privacy over their current provider, Jasper said. His own company is among the small ISPs who have been against the U.S. Congressional effort to repeal the broadband privacy regulations.
Consumers on a budget have some solace, though. The internet already offers a level of free privacy protection. It comes in the form of HTTPS, a protocol that internet companies are using to encrypt the data exchanged between a user’s browser and a website.
That means broadband providers can spy on what websites you visit, but not the content you view. Many top destinations such as Google, Facebook, Twitter and banks have been using HTTPS.
However, the protocol probably won’t stop enterprising ISPs from monetizing their customers’ data. “If I can see you are going to Alcoholics Anonymous and exchanging a certain amount of data there, I’ve learned something about you,” Jasper said.
Join the CIO New Zealand group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.