Is this week’s congressional vote against Internet privacy rules something to be concerned about? In a word, maybe.
This week, in a truly partisan vote, both the House and Senate voted to repeal Federal Communications Commission rules that would have significantly improved Internet privacy. The interesting thing to keep in mind is that these rules have never been in effect. They were passed in October before the presidential election, but have never been implemented. In other words, Congress repealed rules never enacted to begin with.
Some are worried the data associated with what websites you visit will now be available to parties you do not want to have it. They key issue is that ISPs do not need your permission to collect, share and/or sell this information.
The new rules would have required ISPs to get your consent to collect this data as well as share or sell it. By default, they would not be allowed to do so, unless you expressly gave them permission to do so. Currently, both before and now after this week’s vote, ISPs do not need to tell you whether they are doing this or not. This is how it has always been, so the repeal really changes nothing. On the other hand, the repeal does insure your privacy is not being protected and your ISP has the right to collect and use this data however they wish.
So, should you be concerned? You already should have been. That’s the reality. How you feel about Congress repealing rules that would have given you protections you may have thought you already had is another matter entirely. Can you do something about this? Yes.
You can let your congressional representative know how you feel about their vote. You may also take steps to protect your privacy, though there is no guarantee the ISP will respect your wishes, without regulations that require it to. That’s an unfortunate reality of a system that relies heavily on targeted advertising. You should be able to contact your ISP, by phone or through its website and opt-in to any privacy controls they offer. Most do and opting in will require them to not collect and sell certain data. It’s a reasonable step to take, but they are not obligated to comply even though they should.
In some respects, this is like the Can Spam Act that was supposed to restrict the amount of spam targeting your email address. If you opt-out of receiving unsolicited email, it is illegal for a company to keep you on their email lists and send you unsolicited messages. Despite the law and systems that allow you to unsubscribe, not all companies follow the law and remove you from their lists. You are also not supposed to be added to email lists without opting in, yet I’m sure you have been.
There are technologies you could employ to help protect your privacy, but they are not necessarily user friendly for most people who use the Internet. Virtual Private Networks, or VPNs, encrypt and to a certain extent hide your online activity. However, this is not complete anonymity. Your online activity is still known to the VPN provider and perhaps others.
This action will surely spur some innovations that may provide the average Internet user with more control over protecting their online privacy. For now, you should opt-out of any policies that provide third parties access to your online activity. You should use encrypted connections whenever possible and just be generally smart about what you do online.
One final thing to note: These rules did not apply to search engines and social media sites. Those companies remain able to collect and use your activity on their sites for targeted ads. Even if these rules went in to place, Facebook will still know what you’ve been shopping for and will show you ads from companies that want your business. We live in interesting times.