After much criticism and condemnation, President Donald Trump signed the repeal on ISP and consumers’ online privacy protections. The repeal rolls back the FCC’s rules established during the Obama administration that would have restricted the data that ISPs could gather and sell on their customers to advertisers and other third parties.
When the vote passed last week, it was panned by privacy advocates and academics as a step backward. Nevertheless, Trump put pen to paper on Monday night and made it official. It introduces a whole new level of uncertainty around online privacy for Americans.
For the telco sector, the law change is a big win though. In their view they can now compete with Facebook and Google in the business of selling user data to advertisers.
What does this mean for the average internet user and ISP customer? There’s a sense of the unknown around what will happen to your online privacy but here are five ways your privacy is under threat and how you can respond.
1. Don’t take your ISP’s word for it
It might seem like you just have to take your ISP’s word that it will not sell your data on to third parties. Verizon operates two programs that provide aggregate “de-identified information” to advertisers but says it does it not sell personal browsing data. Last week, Verizon, and two other major ISPs, AT&T and Comcast, said that they would not sell customers’ browsing data to advertisers despite the rule changes.
These comments were made after the vote but before Trump signed the repeal. Customers of these ISPs will need to hold the companies to account on these promises.
2. Privacy policies can and will change
There’s no strict formal rule governing how ISPs will treat your browsing data. While Comcast and AT&T may tell you that they will not sell this data on, privacy policies can be changed at any time. Customers can be given an opt-out function but they need to be fully aware of that.
By using an ISP’s services, you have most likely given the nod to an agreement, perhaps without knowing what data will be collected and sold. Often opt-in agreements by default can have bad consequences. Double check what you have opted-in for and seek out ways to opt-out if possible.
3. Not to mention the security risks
Things get hacked. That’s the world we live in now. Cybersecurity experts have raised concerns over ISPs scooping up huge amounts of browsing information—which would include a lot of sensitive data—and storing all of this in a large database for future use. It creates an enticing target for hackers to exploit. Likewise, if more ISPs start injecting targeted ads into your browsing experience, it opens up another avenue for exploitation by malicious actors.
4. You can get some added protection
In the days after the Congress vote on the matter, there was a noticeable uptick in searches for security software like virtual private networks, or VPNs. The makers of the Opera browser (which comes with an in-built VPN) claimed that its US user numbers have doubled recently. Twitter’s general counsel Vijaya Gadde even tweeted “Time to start using a VPN at home” after the vote passed, which was retweeted by CEO Jack Dorsey.
VPNs funnel your internet traffic through various servers to, in theory, obfuscate the data from prying eyes. The software is favored in countries with oppressive internet regimes like China and Turkey but has become increasingly popular in recent times. But not all VPNs are created equal and some offer more protections and commitments to privacy than others. There is no such thing as a silver bullet.
5. The fight for a free and open internet continues
The rollback of internet privacy protections is just the latest salvo in a battle that will wage for some time over security and privacy online. This week Tim Berners Lee, inventor of the world wide web, received the Turing Award, the “Nobel prize of computing”.
After accepting the award, he branded the repeal as “disgusting” and condemned efforts by the US and UK governments to weaken encryption, which would further erode our privacy online. But he also said in an interview with The Washington Post that just using VPNs wouldn’t be enough to merely protect yourself and that more people need to take to the streets to directly protest any attempts to curtail internet freedom and privacy.