It’s Not Government’s Job To Hide Your Browsing History, It’s Yours

It’s Not Government’s Job To Hide Your Browsing History, It’s Yours

The problem is not whether the proposed Internet privacy rules were good for consumers, but that they would be easily circumvented with the shell game of corporate subsidiaries.
Adam Rusch
By

If you follow tech news, you’ve probably heard that your Internet service provider (ISP) is now allowed to give away your private browsing history. They may share it with their partners, sell it, or use it for customized advertisements as they see fit. Privacy groups are decrying the decision as an unprecedented invasion into user rights, but I’d like to explain why it is actually a good thing.

Earlier this month, President Trump signed into law a “congressional review” bill that repealed last-minute Obama-era Federal Communications Commission internet privacy rules that limit how ISPs can use your personal browsing. The review bill passed on a party line, with no Democrats voting for and more than a dozen Republicans in the House voting against. President Obama’s FCC appointees had approved these Internet rules but they had not yet gone into effect.

Should Republicans count this as a victory? I see little reason why they should. As civil libertarians and cultural critics have noted, there is no citizen constituency for this rule reversal. The Electronic Frontier Foundation (EFF) has been outspoken against it, pointing out that this not only reverses the Obama-era rules but also prevents the FCC from making rules to police ISPs in the future. Late-night comedians like Stephen Colbert lampooned Republicans for supposedly selling out to corporate sponsors. “No one in America stood up at a town hall said, ‘Sir, I demand you let somebody else make money off my shameful desires! Maybe blackmail me someday.’”

To be fair, the ISPs have a leg to stand on when they point out that the rule unfairly targeted them without including companies like Google, Facebook, and Apple. Since these companies provide search engines, social profiles, and computing ecosystems, they don’t fall under the same sorts of regulatory schemes as ISPs.

AT&T’s top lobbyist, Bob Quinn, made the case, “If the government bans the ISP from that data but allows, for example, OS providers, app developers and everyone else who has software running on your phone to collect your location and internet data, use it, share or sell it, that does not protect but rather confuses the consumer.”

The Devil Is in the Internet Privacy Details

The problem is not whether the proposed FCC rules were good for consumers, but that they would be easily circumvented with the shell game of corporate subsidiaries. As an example, Google Fiber is a broadband company that offers fiber-optic Internet service. (While they keep their official numbers close to the chest, they are reported to offer service to more than one million households in the Kansas City metro alone.) “Google Fiber” is a separate corporate entity from regular old “Google,” which offers Web searching and Gmail, even though both still fall under the same umbrella of Alphabet, Inc.

If the FCC privacy rules had been allowed to go into effect, Google Fiber would not have been allowed to collect your browsing history and use it to target you for ads. However, you need a Google account to sign up for Google Fiber as your ISP. When you are logged into your Google account, Google will track most of what you do: every web search, every YouTube view, and every time you visit another website that is using Google Advertisements to interact with the Google cookie in your browsers.

Other companies have and will be following suit. Verizon bought AOL in 2015 and is putting the finishing touches on a deal that will merge Yahoo into the unit as a new web services company. Verizon has already migrated its email users over to this unit, and adding Yahoo will allow them to be much more like Google. This is another example of a company that would not have been affected by the FCC rules. Do we have any doubt that Comcast would follow suit—or are they called Xfinity now? Let’s try to keep up.

The thing about web services and cookies is that we voluntarily give them access to our personal information. Sure, it’s done as part of a long user agreement that we just scroll through to find the accept button, but willful ignorance is no excuse for allowing our information to be exploited. Even if we hit the decline button there is no guarantee that the system administrator will respect our wishes, as we have caught Verizon before accessing the data of people who had opted out.

As in life, our government can make as many laws and regulations as we wish, but it doesn’t mean we will be protected from bad actors. Each of us needs to realize that we are responsible for our own digital security by taking reasonable precautions in the same way we do in the physical world. We should not expect that our ISP is going to protect our privacy from themselves, their advertising partners, or even from malicious hackers who might use their network to exploit our systems.

In Colbert’s monologue he compares the situation to a hotel that says, “Yeah, you can stay here, but head’s up: we don’t lock the doors.” This is actually a very good analogy, even if not in the way he thought.

When we stay in a hotel we all know that the front door is not locked. We should assume that every employee has access to the master key that would allow him or her into our private room. That’s why we should secure the privacy bar when we go to sleep at night and lock our items in the safe when we leave. And if that hotel has a Samsung SmartTV in the room they may also be allowing hackers to get videos of us doing whatever it is we do in bed.

Here’s How To Start Being a Responsible Internet User

Perhaps in a better world we would have independent ISPs that are proud to offer privacy protection, but it’s not going to happen until users make it more economically valuable to not sell our information to advertisers. Every technology is influenced by the values of its creators, whether it is personal values or a market incentive. The market incentive already exists to collect and distribute our personal information so we need to find ways to make sure it is never collected in the first place.

If you are looking for away to secure your digital life, the first thing you can do is visit the Electronic Frontier Foundation and read their tips on protecting your Internet privacy. Be sure you understand the roles that Internet cookies play in tracking your online movements and how HTTPS protocol provides a secure connection between your system and your destination on the Web.

Be sure you understand where you, as the user, fit in the financial scheme of the service you are using. If you aren’t the customer, you are probably the product. Facebook and Gmail are free because they know so much about your habits that merchants and advertisers can easily target you with products you may want to purchase. They are paid handsomely for that information.

If you wish to opt out of directed advertising, consider using an ad blocker extension for your browser. Adblock Plus is an open-source project that filters advertisements from webpages, with the exception of a small subset of “certain non-intrusive ads” (which they describe as a way to promote ethical advertising). uBlock Origin is a harsher alternative that offers no exceptions except those made by individual users.

Of course content creators still need an incentive to produce. Think about what media you want to consume and the fact that if you opt out of the advertising ecosystem you should probably find another way to help pay your share. Perhaps you should go ahead and subscribe to your local newspaper to get web access. Consider signing up for one of the excellent (and modestly priced) newsletters being offered by The Federalist!

Finally, look at ways you can completely mask browsing information from your ISP. You can use the free open-source project TOR (The Onion Router) to mix your traffic with the traffic of millions of other users in a way that makes you anonymous. For a more reliable solution you may want to pay for a personal VPN (Virtual Private Network) connection that protects your identity. Make sure you use an unbiased source to evaluate the different companies offering services.

While it’s not good that our Internet usage data is up for grabs by so many entities, it is good that we are having this discussion about ways to make it better. Hopefully better laws and regulations will be put into place to prevent privacy abuses, but they won’t matter unless we all do our part to make the digital world a better, safer, and more secure place.

Adam Rusch is a PhD candidate in education policy, organization, and leadership at the University of Illinois at Urbana-Champaign. He may occasionally post on Twitter @adamrusch.

Copyright © 2019 The Federalist, a wholly independent division of FDRLST Media, All Rights Reserved.