Congress kills FCC Internet privacy rule: Help states resist

by Georgia Young Contributions — Published on Apr 13, 2017 03:02 PM

The United States Congress and President Trump have killed a new Internet privacy rule adopted by the Federal Communications Commission (FCC) late last year, but state legislators have stepped in to try to fill the gap.

On April 3, Trump signed in to law Senate Joint Resolution 34, nullifying broadband privacy rules that were to take effect at the end of 2017, and preventing the FCC from introducing similar rules in the future. This leaves Internet users in the United States with little recourse if their Internet service providers (ISPs) want to collect and even sell information about their Internet activity. By 2015, more than half of all broadband customers in the United States purchased from a single company, in part due to monopolization of broadband offerings.

The right to use the Internet without fear of indisciminate bulk surveillance is an important aspect of software freedom. We've spoken out against mass surveillance by governments before, and when people's options for Internet access become limited to a few huge companies, they become more vulnerable to the possibility of having records of their Internet activity collected.

The new rule would have required ISPs to protect individually identifiable customer proprietary network information (like application usage and geolocation), personally identifiable information (including physical address, date of birth, and government ID numbers), and content of communications (like the text of an email or the audiovisual information in a video chat). It would have prevented your ISP from selling that information to marketers, redirecting your searches (presumably in exchange for payment by a third party), and doing other uncomfortable things without having to tell you what they are up to, as EFF describes. Not having such protections in place is doubly creepy because many ISPs require the use of modems that only work with proprietary software that keeps you from knowing everything the modem does.

The good news is, some state lawmakers have already stepped up to secure Internet privacy for their constituents at the state level. In Minnesota, Senator Ron Latz successfully added an amendment addressing the collection of customers' personal data by ISPs to a bill under consideration. In Washington state, bills in a similar spirit have been introduced in the Senate and House. The Center for Democracy and Technology reports on several other state-level efforts to counter Joint Resolution 34 currently under way.

If you live in the United States, you can support these state level efforts by calling, writing, or emailing your legislators:

If a bill has been introduced, and they support it: thank them and tell them why this issue matters to you
If a bill has been introduced and they do not support it (yet): tell them why they should
If no bill has been introduced (or your legislature is not currently in session): tell them why they should introduce a measure

And wherever you are, now is a good time for a refresher on how to protect your privacy online. Here's three easy but important steps to take:

The FSF's Email Self-Defense Guide will help you learn to protect your email communications by using GnuPG to encrypt them.
Always use HTTPS to encrypt your Web traffic from being read by anybody but the browser and the server of the site you're visiting. EFF's HTTPS Everywhere is a browser extension that will help you do this automatically.
Use Tor. Recipient of the 2010 Free Software Award for Projects of Social Benefit, Tor may offer the greatest protection from tracking by your ISP. You must still take precautions to encrypt your Web traffic in concert with Tor.