No, ISPs Are Not Going To Be Selling Your Internet Searches So Employers Can Profile You
Disappointingly, as Gregg drove me home from getting my taxes done, we heard it on the radio -- some overheated dude going on about how ISPs would be allowed to sell your information from searches, as if this could be done in some identifiable-as-you way.
Well, it can't -- which isn't to say the increasing yankings of privacy aren't problematic.
As for what the actual facts are, I love Mike Masnick at Techdirt -- you can always count on him for the real deal on any tech story. PS He came up with The Streisand Effect, too.
I have to tweet this debunk by @MMasnick debunk again: No, You Can't Buy Congress's Internet Data, Or Anyone Else's https://t.co/qC0304KJNA
— Amy Alkon (@amyalkon) March 30, 2017
(Yes, I said "debunk" twice in my tweet. It's been a long day.)
As Masnick winds up his post (in the link in the tweet), he observes:
We don't solve problems by misrepresenting what the real scenario is. It's true that ISPs have way too much power over these markets, and they can see and collect a ton of information on you which can absolutely be misused in privacy-damaging ways. But let's at least be honest about how it's happening and what it means. That's the only way we're going to see real solutions to these issues.
You're arguing that because it's not currently the business model
being used, that it's impossible for more detailed information to be
sold. That's not true. Have you forgotten about the recent fine to
Verizon for adding a supercooke to mobile data in order to do
detailed tracking of its users?
http://www.cbsnews.com/news/verizon-to-pay-fcc-supercookie-fcc-settlement/
Ron at March 30, 2017 4:19 AM
I'm not arguing that at all. And Masnick says -- as I feel -- that there's plenty to worry about regarding privacy and privacy erosions. (See his last paragraph I linked to.)
Also, if companies do this, there's a market for a company that does not.
Amy Alkon at March 30, 2017 5:11 AM
I used to work in retail grocery and we collected data on every single transaction. We could have, if we'd wanted to, find your card number and track your purchases.
But we didn't. Why not? For one, it's unethical. For another, it's impractical and bad business. If customers find out we're selling or using specific customer data, they will go to another company.
Better and more efficient to aggregate what people tend to purchase together (e.g, milk and cereal) and work out a way to get people from the first product to the second. Say, put ads and coupons for salty snacks on the beer aisle to get people thinking, "hey, what a great idea, peanuts to go with this beer. And here's a coupon."
Customer information was kept in a separate database. When I needed access to card number databases, I had to fill out an application stating my intended use for the data and how I was going to safeguard customer identities. The only time I needed customer-specific data was so I could tie card numbers to households and figure out what a household was buying (in cases where Mom and Dad have separate loyalty card and numbers).
As Amy points out, most of this data will be sold in bulk and aggregated. People who browse Site X also tend to browse Site Y. How useful is that? Well, Amazon can find out that people who spend a lot of time on Amazon also spend time on advicegoddess.com or what other shopping sites are popular in certain areas and advertise accordingly, thus more efficiently spending their advertising dollars. Amazon could use that data to price competitively or offer competitive services.
Chances are the ISPs are going to scrub the data of any specific reference to customer identity before selling it, in the interest of retaining their privacy-minded customers.
Except in the politics of personal ruin, there is little need for person-specific data. Target showed how dangerous using person-specific data can be when they sent a congratulations to a young woman who had yet to tell her father she was pregnant.
Those little ads at the sides of your Web pages advertising the last item you searched on Google are based on cookies stored on your system, not a list your ISP sold. You can clear your browser history to defeat that. Of course that will also clear the list of items you browsed previously at your favorite shopping site. So, if you use that feature, you may want to think twice before you obliterate your cookies.
As computers get faster and more efficient at processing large data sets, there could conceivably come a day when a computer can target or track specific individuals quickly and efficiently, with or without human intervention. You could find yourself receiving mailers and pop-up ads from your most embarrassing Web visits. And, for that reason, we do need to get a handle now on Internet privacy. Neither the Republicans nor the Democrats seem to understand this issue; both are using hyperbole and fear in forming and socializing their positions on it.
Conan the Grammarian at March 30, 2017 5:21 AM
It does disappoint me that the GOP Congressional leadership can't get its act together on repealing Obamacare, or border security, or starting to peel back the administrative state. But it could find time to do this. Priorities, guys.
Cousin Dave at March 30, 2017 6:55 AM
I wonder about this.
Talking to the TV installer, I noticed he needed headlights, as they had aged in the sunlight beyond mere surface deterioration.
When I searched for the term, "Automotive headlamps", the specific year and model of his van appeared first on the list.
I posted a picture of two people on Facebook, which conveniently added their names to the "With..." line without action on my part.
If you point your cell phone at a picture on your computer screen, it will identify faces, and that's just your consumer-grade stuff. What do you think a professional program can do?
Radwaste at March 30, 2017 6:57 AM
"Also, if companies do this, there's a market for a company that does not."
If it's Google that does this, you use a different search engine like duckduckgo.
If it's Facebook, that means that the market is ripe for a better competitor or
back to whatever its current losing competition is (myspace?).
If it's your ISP that does this, you're probably screwed. In most markets, the
ISP has monopoly power for anyone who wants broadband. In the few other markets
with any competition, it's usually a choice between only two. If they're both
slime, you don't have any recourse.
That's why it takes a law to ensure privacy.
Ron at March 30, 2017 9:51 AM
Ron's point about monopolies and virtual monopolies — exactly.
Kevin at March 30, 2017 10:56 AM
For those who are concerned about this, why weren't you concerned four years ago?
Under Obama ISPs were reclassified as common carrier. This ment they were no longer under the old regulatory scheme but instead a new one. So to maintain the old privacy standards new regulations had to be written. Well, when they wrote those regulations they added a number of new things. All this change does is put things back at the old standard.
"It does disappoint me that the GOP Congressional leadership can't get its act together on repealing Obamacare, or border security, or starting to peel back the administrative state. But it could find time to do this. Priorities, guys."
Apparently no one cared about this till after it passed. So no one was obstructing it. Now they want to complain after the fact.
Ben at March 30, 2017 11:45 AM
If it's your ISP that does this, you're probably screwed.
*puts on tea*
*fires up laptop*
*fires up OpenVPN*
Fuck you, Commiecast. That's a bough and paid for VPN. The free ones are scraping information from you, too.
Or are operated by intelligence services.
That's why it takes a law to ensure privacy.
Oh, that'll be great. I'm sure the government won't mandate that the ISPs share that data with the government.
I R A Darth Aggie at March 30, 2017 1:45 PM
Using a VPN is an excellent privacy-enhancing choice, and for most
practical purposes does the job. Just know that it's not a
guaranteed cure-all.
>While using a VPN will help stymie efforts by your ISP to screen and
>capture the bulk of your internet use, the reality is that it won’t
>protect you entirely if someone’s really out to have a look at what
>you’re up to.
>
>Security researchers have demonstrated that the mere pattern of
>internet traffic volume — when you send data and how much, without
>any regard as to where — can still give external viewers a pretty
>big glimpse into what you’re probably doing.
>
>Other studies have also found that the amounts of data that travel,
>and the patterns in which they move, can tell a savvy watcher a fair
>amount about what you’re doing online.
>
>Even if you protect the content of your communications, then, you’re
>still pushing enough bits and bytes through your ISP that if it
>wants to develop the tools to figure out what you’re up to, it can —
>and now no law or rule exists preventing them from using that data
>in whatever way they choose.
https://consumerist.com/2017/03/30/without-internet-privacy-rules-how-can-i-protect-my-data/
Also note that Comcast has been known to block or throttle VPN for
non-commercial customers. I'd cite URLS, but that would make more
than one in a single post. Just do a search on "comcast block vpn".
Ron at March 30, 2017 10:07 PM
Leave a comment