U.S. Congress Just Voted to Legalize the Sale of Your Internet Data
The 28th of March 2017 might be a day to go down in history as the day The U.S. House of Representatives voted to repeal Obama's Internet Privacy Regulations. The motion was won with a majority vote of 215 to 205. This will roll back the yet-to-take-effect regulation initiated by the leaving Obama Administration. This regulation would have mandated Internet service Providers to, the likes of Comcast and Time Warner, to get approval from consumers to sell personal data to marketers and other data buyers. You can read the full story on NPR for full implications to you personally. To opponents of the existing Regulation, they were seen as an executive overreach by the former administration. But who is right?
The vote on the Congressional Review Act (CRA) resolution repeals core internet users' privacy protections that were put in place by the FCC in 2016. The dismantling of the nascent privacy protections had already been passed by the Senate last week. Now that the senate has agreed with the decision, internet service providers such as AT&T, Verizon and others previously mentioned will be able to sell customers "sensitive information" without needing to ask users or them being knowingly opt-in.
[Image Source: Pixabay]
What the Internet Privacy Regulations would have meant for you
Up until Tuesday these regulations, adopted by the FCC last year, would “establish a framework of customer consent required for ISPs to use and share their customers’ personal information… calibrated to the sensitivity of the information”. Internet users had been protected against the sale of their personal information via opt-in and opt-out policy, as it is a common condition of use for many internet based sights and apps. This includes information such as "precise geolocation, financial information, health information, children’s information, social security numbers, web browsing history, app usage history and the content of communications.”
Opt-out level information, which is deemed far less personal, includes data such as your email address and "service tier information". This requires the user to actively opt-out of letting your ISP share this kind of information about you. The CRA is effectively a law that “empowers Congress to review, by means of an expedited legislative process, new federal regulations issued by government agencies and, by passage of a joint resolution, to overrule [those regulations]”. This means that, in any case, congress can remove the rules put into place by the FCC. This resolution also seems to weaken the FCC in passing future laws.
[Image Source: Pixabay]
The repeal was proposed in order to readdress some concerns that the FCC had overstepped its bounds and that such regulations should be up to the Federal trade Commission for regulating privacy. Rep. Marsha Blackburn said that allowing the FCC and FTC to regulate different parts of consumers' internet use "would create confusion within the Internet ecosystem and end up harming consumers."
This view was echoed by the chairman of the FCC, Ajit Pai. He stated that the regulations picked "winners and losers" and benefited certain companies over others. Ajit Pai, FCC Chairman, was appointed to the FCC by President Obama in 2002 and then elevated to Chairman by President Trump.
NCTA, The Internet & Television Association stated that the ruling "marks an important step toward restoring consumer privacy protections that apply consistently to all Internet companies." The Center for Democracy and Technology, on the other hand, have argued that "[congress] voted today to erase basic privacy protections for Americans in favor of the internet service providers' (ISPs) bottom line,". They further argued that the regulations were "common-sense privacy and security protections for some of their most sensitive personal information."
By winning the vote in congress, lawmakers effectively precluded the FCC from restoring these rules in the future.
Why the repeal of Internet Privacy Regulations is such a big deal
Some representatives of congress also have further concerns. They believe that this CRA resolution is a preliminary assault on the FCC's rules for net neutrality. This protects and promotes an open internet that was put into place in 2015. This means that it, effectively, establishes rules for the keeping the internet in the U.S. untainted by ISP's by denying them from blocking lawful content and throttle certain websites. They could have done this by decreasing data delivery speeds or "pay for play" tactics like receiving money to increase the delivery speeds to other sites, akin to fast lanes. “The big broadband barons and their allies are firing their opening salvo in the war on net neutrality and they want broadband privacy protections to be their first victim,” - insisted Senator Ed Markey.
By eliminating this requirement to obtain consent from users will obviously, potentially, be very lucrative for ISPs. The relatively untapped aquifer of user data can be sold to advertisers so that they can more effectively target consumers. The information could be sold to the highest bidder resulting in effects to other areas aside from the more benign advertisers. Personal medical information could be given to health insurance providers, for example. Whilst companies the likes of Facebook and Google already sell your pertinent information for marketing it has been argued that the CRA resolution makes that process much easier.
[Image Source: Pixabay]
The ruling is clearly a major loss for privacy advocates who fought to get the regulation passed in the first place. Its passing is, however, definitely a victory for ISPs who had argued that the regulation put them at a disadvantage compared to so-called edge providers like Google and Facebook. They believed that these giants were effectively legislated to have a government approved monopoly in this area. As giants such as Google were regulated by the FCC and hence faced less stringent requirements.
Ajit Pai said in a written statement that “[his] view is that there should be a comprehensive and consistent framework for protecting digital privacy. There should not be one standard for Internet service providers and another for other online companies.”
Whichever side of the coin you are on the CRA resolution is certainly a big deal. But what do you think about this CRA resolution aimed at repealing the FCC’s consumer protection rules?
Let us know your thoughts in the comments below!