April 6, 2017
On this episode of The Digital Life, in light of Congress overturning online privacy rules created by the FCC, we discuss the potential consequences of corporations tracking people’s online activities and selling their data. Last week, House Republicans overturned privacy rules — slated to go into effect later this year — that required broadband providers to receive consumers’ permission before collecting data on their online activities. Because consumers often don’t have many options for high-speed internet providers, and because ISPs can monitor nearly everything about consumers’ digital lives — from the sites they visit to the applications they use — these rules were seen as a privacy backstop, giving people the power to prevent companies from profiting from their personal information.
Congress Moves to Overturn Obama-Era Online Privacy Rules
Those rules which were supposed to go into effect later this year, required broadband providers to get consumer’s permission before collecting data on their online activities. It’s gone through both the senate and the house, so now we’re expecting that President Trump is going to sign that bill into law, which effectively-
That bugs me a bit because, we’re not talking about just internet access anymore for your computer, where you’re actively going to websites. There are all kinds of applications that regularly make calls to remote servers, where you’re not even aware that that’s happening. Additionally, with all of the connected devices that are starting to permeate our homes, in other aspects of our lives, there are an awful lot of things where your connected device is part of this larger ecosystem of devices, and you really just have no warning about when or where those devices are going to connect.
To give an example, there are all kinds of medical related devices for instance, that may be making occasional calls to remote servers. That’s not a problem if you’re ISP is more or less treating this anonymously, but the minute that that could be matched to a real consumer data, and then sold to the highest bidder, I think that’s a little questionable. So that I have some difficulty with.
The complaint that underpinned this repeal was that there were two sets of rules for online entities. So there’s your Google and Facebook, which are regulated by the FTC, and they have slightly more loose regulations compared to these FCC rules. What that doesn’t take into account is that often times when you’re using Google or Facebook, you’re very well aware that you’re using Google and Facebook. And while not all their services necessarily have this opt-in for permissions, people are certainly cognizant of the benefits and the detriments of using these, and what kind of data is going out the door.
With your ISP, literally everything that’s going out of your computer could be subject to some kind of monitoring, whether it’s directly what that traffic is, or just where it’s going to. Now I don’t want to exaggerate the dangers here, certainly the ISPs have their privacy policies and are looking to adhere to those and make the consumers feel safe about it, but they wouldn’t be cheering this rule repeal so loudly, if they really wanted it to be difficult to sell your information. This would not be a celebratory moment for broadband providers if this didn’t make it a hell of a lot easier for them to manage and sell your data.
That’s the brave new world that we’re going into, is a world where your broadband pipe might also be harvesting bits and bytes of information as you’re using that utility. And I don’t know that I like that, and I’m definitely going to be looking into ways that I can ensure my privacy online, for sure. In particular, I am very much attuned to the fact that we’re going into the next era of computing, where computing is not so obvious. It’s more built-in to the everyday things around you.
I think this rule rollback is coming at exactly the wrong time. Dirk?
Look, it’s timely and it’s scary in the theoretical breadth of how we may imagine this could be taken, or what this is. But this is just the latest frontier in a multi-decade long de-privatization of personal data as relates to things again, from purchase history now through to browsing history.
We’ve talked about it on the show before, where what we should be afraid of is the fact that the ISPs have everything. Guess what, now legislation makes it so that we should be afraid that the ISPs have everything. But I didn’t need legislation to tell me that. I’ve taken for granted, I’m not going to be a politician, or I’m not going to be some number of things, because the long and sorted history of my time online, could be twisted and decontextualized to make me look like a deviant.
That exposure was always there, the fact that it becomes more real, it doesn’t effect me. It may effect other people who are more about what the risks were beforehand, but I knew this shit was out there. I knew this exposure was there. For me personally, what it has led me to do, a long time before now, is just to be at peace with everything I’ve ever done.
So if my stuff would come out, if somebody tried to embarrass me, humiliate me, blackmail me, I’m going to own it all, and some of it aint pretty, but I’m going to own it. Like, “Yeah, I looked at those things. I did those things. This is why I did it. If you want to judge me, fuck you. This is the way it is.”
In my opinion, that’s how we all should feel. For people who’s behaviors would extend into the criminal, who the legal system won’t allow to feel that way, I’m sorry for you, but that exposure, there’s some non-trivial likelihood of that exposure coming to surface. So you better figure out how you’re going to spin it or how you’re going to live with it, if and when it does.
Legislation aside even, I mean the reality of these things is … Before digital, before data, before all of this shit, there’s the old axiom, the truth will set you free, and that the truth seeks to be out there, right? That’s just the reality of it. Now that all of these bits and bytes are stored with all of this stuff, it kind of just wants to be out there. It wants to be the next Ashley Madison scandal, to talk about an example of where embarrassing information for some people came out some years ago.
Should the law makers have laws that keep this stuff private? Probably. I mean, it’s in the best interest of the nation if for example, there’s not things that are leading to blackmail, or even more straightforward, things leading to people being rooted and identity thefted. That stuff should be minimized. So yeah, on a legislative front, we probably just took a turn in the wrong direction. But come on man, if you’re data is out there being captured, it’s going to get out. Let’s not get all in a tizzy here.
This is how it’s been for a while. If you think otherwise, you’re really being a little bit naïve. Maybe you should ask yourself, “If I’m surprised by this, what else is there about my digital footprint, that just is the reality that can and will bite me at some point, if I end up mattering in any meaningful way, and how do I make peace with it.” I’ve made peace with it Jon.
I also think this is a lan grab, when it comes to data ownership, because the suggestion is there that because you’re on the ISPs pipes, that anything that is going to and from your computer, they can have eyes on, and own that information. I don’t like that supposition because it suggests that aspects of my digital life, because I’ve decided to use your … The water flowing through your plumbing for this part of my access, it’s making I think, a dangerous supposition that the ISPs have some right, without asking me. That they can just use this data willy-nilly, how’d they’d like to do that.
That, I think as we continue to develop our digital lives, and think about all of the data that gets collected over a lifetime, I’m very much of the opinion that the consumer should have some ownership in that data. We can talk about the different aspects of that. Maybe my browsing data, I don’t feel as strongly about as say my medical data, or my genomic data, or what have you.
But there are definitely flavors of more sensitive information that you could determine by looking at my browsing. So if you’re going to WebMD, and you’re looking up diabetes, or whatever, there are … Depending on-
But in the theoretical, I mean, if I can pay one amount for internet access where they can do with my data what they please, or within certain parameters. Or I pay another rate, so that the data’s completely mine. That feels right to me. That a company could choose to offer internet service, and offer a package that if the user opts in, that they can monetize the data, and they’re charging less to the consumer.
Whereas there’s another service, where if I don’t want my data shared, they can have a business model where I’m having to pay them more for the access, but then my data is locked down. To me that feels correct. I don’t think there’s anything inherent in data that makes it absolutely prohibited to be used by a company, so long as my consent is part of it. As long as I’m aware of what’s going on, my purchase and use of a system, that is so using and monetizing my data, from my standpoint I’m no lawyer, but that feels like consent to me.
Or is it like, “Hey this is critical. You have to have water.” So if internet is more like water, then your going to get these regulations coming back. Although I think there’s some niceties to this regulation repeal that makes it very difficult to bring it back, which is unfortunate I think. But yeah, I do think that we’re probably not paying enough attention to some of the intricacies here that are just being rammed through. I have concerns going forward, but I guess just have to be a better informed consumer. Not much other choice.