Open in app

Sign in

Write

Sign in

A primer for the recent controversial internet privacy rule change

Chris Shaffer
5 min readApr 5, 2017

This is complicated, so first, just some facts. (Since this is mostly intended to be a factual primer, please let me know if there’s a mistake or an example that’s conspicuously absent)

Also note, we’re talking about privacy rules, here. It’s a different topic than Net Neutrality (the principle that carriers should be content agnostic). There are plenty of posts about Net Neutrality, and this is not one of them.

Internet companies that run websites or build apps, like Google and Facebook, know what you do on their sites. They also have a pretty good idea of what you’re doing when you visit sites that display their ads. They don’t know what you’re doing on other sites, but they sometimes have ways of guessing.

Internet Service Providers, like Time Warner and Verizon, carry traffic from your phone or computer to the Googles and Facebooks of the world, and back again. Most internet companies (above) that carry sensitive data encrypt it these days. That means that unless/until they sell your data, only they know what you’re doing on their sites. The ISP can’t break into that encrypted envelope, but they do know where it’s going, and when.

Examples:

  • Time Warner knows how many times you visit Amazon but doesn’t know what you bought; only Amazon knows that.
  • Verizon knows that you’re using the Facebook app, but only Facebook knows whose profile you viewed and what you wrote on their wall. Verizon probably doesn’t even know whether you wrote on someone’s wall or not, they just know that you’re on Facebook.
  • Comcast knows how often you use Google vs. Bing, but they don’t know what you’re searching for. Google doesn’t even know you whether or not you use Bing… unless/until you click on a search result that takes you to a Google partner site.
  • Google knows your location when you use Google Maps, but not when you use Apple Maps. Your cell phone provider knows your location pretty much all the time your phone isn’t in airplane mode, but they don’t know what address you looked up directions to.
  • If you’re careful with which sites you visit and how you get there, you can generally keep the Googles and Facebooks of the world from knowing that you visit certain … compromising sites … but you can’t hide the fact that you visit AshleyMadison every day from your ISP.*

A general rule of thumb might be: websites/apps know specific but narrow information, your internet service provider knows broad but unspecific information.

There are, of course, caveats to any and all of this — some apps use encryption such that even the company that makes the app itself couldn’t read your messages if they wanted to… or companies might buy data from one another, giving a site you’ve potentially never visited information on your browsing habits.

*It’s of course, not actually impossible. VPNs can tunnel your traffic through a third party and mask where it’s really coming from. You could buy burner phones and only use coffee shop wifi. But speaking in terms of the typical consumer, the ISP knows about their porn habits, and what political parties’ sites they spend time on.

With that in mind, let’s move on to the debate.

The rule in question concerns internet service providers — such as Time Warner and Verizon. The FCC sets rules for these companies, while the FTC sets them for companies that solely run websites and apps. The Obama-era FCC rule set (comparatively) strict rules on the ISPs, requiring them to take security precautions to protect your browsing data and get your permission before selling it. The rule in question was scheduled, but hasn’t yet taken effect.

The logic behind those rules is fairly straightforward: Consumer privacy is important to protect. There was also a general push to treat internet service as a utility — so your ISP would be put into the same regulatory bucket as your landline or electricity provider.

Tom Wheeler, the last FCC Chair, gave this example recently (https://www.nytimes.com/2017/03/29/opinion/how-the-republicans-sold-your-privacy-to-internet-providers.html): “Your phone company can’t sell the fact that you are calling car dealerships to others who want to sell you a car. But if the same device and the same network are used to contact car dealers through the internet, that information — the same information, in fact — can be captured and sold by the network.” That’s true, but it’s important to note that the rules in question only applied to ISPs. Tom Wheeler’s FCC aimed to fix the above scenario when it comes to Verizon and Sprint, but never had the authority to impose such a rule on Google, only the FTC could do so.

Republicans believe that to be the salient point: here the FCC is making a rule that applies to your cable and cellphone data providers, while Google still can capture and the fact that you’re searching for car dealerships and sell it to other car dealerships. That’s not just an academic point, Google does do this, every day. If you run a few searches for car dealers right now, you’re likely to start seeing ads for specific ones — dealers that paid to have their ad shown to people that search specific keywords.

One Republican argument, the one I’ve heard the most, revolves around that key point: The government should not create winners and losers. Since the FCC rule applies to some companies, but not others, it’s putting (for example) Comcast at a huge, unfair disadvantage compared to Netflix. The FCC shouldn’t impose a rule like that without coordinating with the FTC.

There’s also a Republican argument that consumer choice should reign supreme — it’s consumers’ job to decide whether whatever product the ISP cooks up using their data is worth their privacy — what would the internet look like if Google weren’t allowed to sell ads using your browsing data?

The Democratic counterpoints would be:

  • The Obama administration didn’t decide to apply rules to one segment of the market but not to another. The FTC was prevented from issuing similar rules to the FCC’s because of Republican opposition.
  • Whatever element of consumer choice exists with apps and websites doesn’t really exist with ISPs. You can switch from Google Maps to Apple Maps or from Yahoo Mail to Hotmail a lot more easily than you can switch your cable internet provider.

Personally, I don’t like the fact that the FTC and FCC regimes are inconsistent, and I’d prefer them to be consistently strong. Failing that, I’d take inconsistent over consistently weak. I think most consumers are on the same page.

I find the ‘inconsistency’ argument to be a dishonest one, here. If Republican leadership’s primary concern was for the FCC and FTC to have consistent regulations, they could advance legislation doing just that — they do control Congress, after all. Instead, they’re counting on voters swallowing the “apply the same rules” argument in order to repeal the rules that currently stand, and coming back around to write new, more consistent rules… never.

That the Republican leadership believes consumer protection deserves to take a back seat to consumer choice and unfettered markets should surprise no one. There’s nothing inherently wrong with that view, but it’s clear that they don’t think they can sell it as easily as the “winners and losers” argument…

Net Neutrality
Tech
FCC
Online Advertising
Privacy

--

--

Chris Shaffer

Written by Chris Shaffer

99 Followers

Current software consultant. Previously everything from junior coder to CTO at companies ranging in size from 25–10,000. Mostly but not exclusively fin-tech…

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams