FCC Boss Moves To Kill Broadband Privacy Protections. You Know, To Help The Little Guy.

from the Comcastic dept

New FCC boss Ajit Pai, apparently taking a break from paying empty lip service to the poor, has quietly announced the FCC will be killing consumer broadband privacy protections before they even have a chance to take root. Hoping the news would get lost in the pre-weekend hustle, the FCC quietly circulated an e-mail on Friday stating that the agency would be moving to kill the rules before they arrive March 2, just as large ISPs had demanded.

The FCC statement starts by implying that eliminating FCC oversight of broadband privacy (leaving the FTC as the lone cop on the beat) is more consistent and efficient:

“Chairman Pai believes that the best way to protect the online privacy of American consumers is through a comprehensive and uniform regulatory framework. All actors in the online space should be subject to the same rules, and the federal government shouldn?t favor one set of companies over another. Therefore, he has advocated returning to a technology-neutral privacy framework for the online world and harmonizing the FCC?s privacy rules for broadband providers with the FTC?s standards for others in the digital economy. Unfortunately, one of the previous administration?s privacy rules that is scheduled to take effect on March 2 is not consistent with the FTC?s privacy standards. Therefore, Chairman Pai is seeking to act on a request to stay this rule before it takes effect on March 2.”

This idea that the FTC should be the only regulator overseeing ISP privacy comes from the telecom industry itself, which has repeatedly tried to claim it’s unfair to “burden” ISPs (many of which are trying to get into the ad and media industry) with FCC regulations not faced by the likes of Google and Facebook. The problem: they’re ignoring the fact that while users can switch search engines or services if they’re unhappy with Google or Facebook’s privacy practices, a lack of competition often means users have no such luxury when it comes to broadband ISPs. Thus, specific rules large ISPs pretend they don’t see the reasoning for.

Meanwhile, the big push to have the FTC alone oversee broadband privacy is rooted in the knowledge that the FTC is (a) overworked and underfunded, and (b) has no rule-making authority. Now ex-FCC boss Tom Wheeler had this to say about this GOP and Trump FCC “modernization” effort in a recent, candid interview:

“It?s a fraud. The FTC doesn?t have rule-making authority. They?ve got enforcement authority and their enforcement authority is whether or not something is unfair or deceptive. And the FTC has to worry about everything from computer chips to bleach labeling. Of course, carriers want [telecom issues] to get lost in that morass. This was the strategy all along. So it doesn?t surprise me that the Trump transition team? — ?who were with the American Enterprise Institute and basically longtime supporters of this concept? — ?comes in and says, ?Oh, we oughta do away with this.? It makes no sense to get rid of an expert agency and to throw these issues to an agency with no rule-making power that has to compete with everything else that?s going on in the economy, and can only deal with unfair or deceptive practices.”

In other words, the pretense for Pai and friends is “efficiency,” when the reality, as has long been the FCC’s overarching MO, is to protect large ISPs like Comcast, Verizon and AT&T from real accountability and oversight. That’s a problem when it comes to an uncompetitive industry where the nation’s biggest carriers have no organic checks and balances on their increasingly unethical privacy practices. You need either real competition or reasonable regulators, and as these ISPs’ historical behavior makes clear, you run into problems when revolving-door regulators want neither.

The FCC rules themselves were passed last year and are relatively simple; ISPs must disclose what data they’re gathering and who they’re selling it to. In a few instances, users need to opt in if ISPs want to share more personal financial data. The telecom and ad industries whined about the rules, but the FCC only acted to create the rules after Verizon was caught covertly modifying user packets in order to track user behavior (without informing them or providing working opt-out tools), and AT&T and Comcast began making it clear they wanted to charge users a premium for privacy.

The telecom industry had its chance to self-regulate on the privacy front, and showed repeatedly it wasn’t capable of actually doing so. Repeal the FCC’s privacy rules, and there’s literally nothing standing between you and Comcast when it comes to privacy except an overworked (and likely to be similarly and intentionally hamstrung) FTC incapable of picking up the slack. That’s certainly great for Comcast. It’s less great if you’re a broadband consumer actually looking to have some amount of control over how your personal data is collected and shared in the gigabit era.

Filed Under: , , , ,

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “FCC Boss Moves To Kill Broadband Privacy Protections. You Know, To Help The Little Guy.”

Subscribe: RSS Leave a comment
That One Guy (profile) says:

Absolutely right

Pai is most certainly right, rules should be consistent across the board, with no need to unnecessarily complicate things simply because trifling details might differ.

For example, in the interest of providing a fair and level playing field…

Bikes should be required to meet any and all requirements that cars are under(seatbelts, blinkers, license to use), because both bikes and cars have wheels and are used for transportation. Alternatively, car manufacturers should’t be burdened by unnecessary regulations and rules that bike manufacturers don’t have to follow for the same reason.

People can talk without any bothersome regulations in place, they can even communicate via the highly technical method of two cans and some string, and as such phone/telecommunication companies shouldn’t be saddled with burdensome regulations that just get in the way of better serving the customer.

You can take a canoe out on the lake without filing out countless forms and going through the hassle of safety checks or anything absurd like that, and as such larger boats such as those used for shipping shouldn’t be unfairly forced to deal with those sorts of things either. A boat’s a boat after all, it makes no sense to treat one different than the other just because the structure might differ a tiny little bit.

Also Anonymous says:

Re: Netzero anyone?

The idea for Netzero was you get to use the internet and we get to advertise. This here is you overpay for a service and you don’t have any real option other than one or two alternatives unless you are lucky, and then they go through your information to resell it to other people, who you may or may not know who it is, who then use it or sell it onto others. So you are paying to have your private information sold onto others with no control over it, definitely not Netzero

Anonymous Coward says:

if you want to help protect NN and privacy rules you should support groups like ACLU and the Electronic Frontier Foundation and Free Press who are fighting to keep Net Neutrality and privacy rules.




also you can set them as your charity on https://smile.amazon.com/

also write to your House Representative and senators



and the FCC


Anonymous Coward says:

Doesn’t a encrypted VPN turn any ISP into a dumb pipe? The only draw back I’ve seen is that if you do a lot of commenting on sites like these, you’ll get moderated quite a bit as the trolls like to use them too.

I would think also, to some degree, the market itself may provide said privacy with tools like the VPN/adblock/ browser plugins and such. People like their privacy, learning about and using the tools to ensure privacy may be just as effective if not more so than regulation no?

Anonymous Coward says:

Re: Re: Re:

“I don’t think so. With regulation, an ISP would have to knowingly break it and takes some effort. “

Isn’t their a law about breaking encryption? I would think that their would be, but I’m guessing here.

“For a user, if they don’t have an always on VPN setup at the router, then the one time they forget to start up their VPN client, their privacy is lost.”

I don’t know. I would think this would be a feature not a bug. Sometimes; I don’t want/need my anonymity. Others I do. Either way I get to decide. Not the Gov., not the ISP. I do. I feel somewhat empowered by that.

Anonymous Coward says:

Re: Re: Re:

Your “No” doesn’t make since. The amount of effort they would have to go through to make any of these, or any combination of these a prime method for tracking millions of people would hardly be worth the effort. Aside from that; There are counter measures for any and all of these things. It would start the most expensive game of wack a mole since the AA’s took the field. That seems more likely to curb the tracking companies more than government regulation or agencies. Hell, the Government is one of the ones trying to track you in the first place. You’ve got the NSA (Government) scooping up ALL the data at will. Then we have the FCC trying to protect us from the nasty corporations. How about they start with cleaning their own house?

Baron von Robber says:

Re: Re:

Yes. None of us will ever see the post you made that I’m replying too.

Look, just send Mike a private message that your dick loves him and that you wake up thinking about Mike. You think all day about Mike. And when you go night-night, you hope the the Sandman will give you a dream about being with Mike. Who knows? Maybe Mike plays for both teams.

Tronald Dump says:

FCC Mandates are not negotiable...

Hey, you there, Ishit Poo, I think you’re forgetting something.

The mandate behind the entity known as the FCC has to be followed regardless of how much you’re being paid by AT&T, Verizon, Sprint and T-Mobile.

The FCC is not your private barony, it’s a government entity, with *RULES* you have to follow.

Pull your face out of the big 4’s collective ass and do the job as mandated by the FCC guidelines.

If you can not or will not, then you must step down or be pushed down, hopefully it won’t hurt too much when your face hits the piles of shit that you’re corporial form is composed of.

That One Guy (profile) says:

Re: That's downright mean

That is an unfair and absolutely uncalled for comparison. Piles of shit can actually be useful, serving to help the public by increasing crop yield in the form of fertilizer.

Piles of shit have a bad enough rap as it is, they don’t deserve to be lumped in with the likes of corporate bootlickers like Pai.

I.T. Guy says:

Re: Re: That's downright mean

How funny… in my previous comment.

[Takes deep breath] Can you smell the greatness?

I was going to mention that in my area the farmers are getting the fields ready for planting. And how I indeedly do smell the “greatness” in the air. I didn’t think anyone would make the connection.

So in comparison bos taurus fecal matter is much much more useful than Pai. Smells better too?

Anonymous Coward says:

Re: Re: FCC Mandates are not negotiable...

Pai seems perfectly fine with FCC getting closed. Right now he is removing the raison d’etre for FCC. It is alright to throttle, artificially increase the cost of using the internet outside of the ISPs walled gardens and give no fox about expanding coverage/upgrading. I think other things like limits on unlimited plans will get shut down by FTC, but the future of ISPs as gatekeepers making money from both sides of the fence is here. The copyright industry is laughing at the opportunities (gatekeepers = responsibility to act. You know the song and dance)…

The Wanderer (profile) says:

All actors in the online space should be subject to the same rules, and the federal government shouldn’t favor one set of companies over another.

This is actually quite true! Barring extreme circumstances such as a monopoly position, all actors in the same market should be subject to the same rules. (I say "market" rather than "online space" both because this applies equally well to offline contexts, and because the "online space" actually represents many different markets.)

The snag is that a company providing a connection to the Internet is not operating within the "online space". That company is operating between the "online space" and the rest of the world.

All actors within that market should be subject to the same rules, but the rules to which they should be subject are not the same as the rules to which those operating within the different market that is the "online space" should be subject.

(There’s actually a lot more to it, in various crannies of the above – to do with things such as "natural monopoly" and "network effect" and "pro bono publico" and "non-profit" and so forth. But that’s a decent overall short summary.)

As it happens, most of the companies involved in this fight – including, if I understand correctly, both Google and Facebook – fall into both categories: they both provide access to the Internet, and provide services on the Internet. Those different parts of their business should be regulated separately, according to the different rules which apply to those different markets.

JimBob says:

Re: Re:

Why in the world is no one screaming about wiretapping laws? USPS cannot open my mail to do behavioural analysis, they cannot sell that information for marketing purposes, or build profiles on me based on the contents of my letters. Neither can UPS, nor can the phone company…

I do not understand why anyone thinks Ajit Pai’s arguments: (if the company you are sending USPS mail to can build a profile on you about what you purchase from them, your name, and address, and sell that, why can’t the USPS?! It’s different rules for the mail carrier from the companies they deliver mail to, and they should be regulated under the same rules!) are taken seriously; people should be screaming in the streets about this.

Yes, I get that the vast majority of people are underinformed, naive, or plain idiots, but this effort should also be terribly, ridiculously illegal. There shouldn’t need to be an FCC rule about ISP customer privacy, because deep packet inspection for non CALEA purposes should already be profoundly illegal.

Anonymous Coward says:

Doesn't a encrypted VPN turn any ISP into a dumb pipe?

No it doesn’t.

Internet is OSI layer 3 full duplex communication. VPN uses variations of NAT to accomplish what it does. Worse it creates a concentration point for traffic analysis and filtering. (most commercial VPN’s already filter email by default)

A general dependence on VPN will create choke points increasing surveillance and censorship overall. But more to the point, if you need to use a VPN service, a crime has already been committed against you.

While some VPN providers may be honorable, probably some of them are data miners themselves. It is a well known fact that TOR is rife with data mining.

The long and short of it is this:


Any transient sampling, or modification of traffic above OSI layer 3 is an abuse of the first and fourth amendments. Facilitating that abuse by means of an inhome device ( cable box) is abuse of the 3rd amendment.

While detailed traffic analysis is periodically neccessary for diagnostic purposes, that is not the same thing as buying line-rate wiretapping equipment, and bulk sampling traffic. Or bulk injecting data into communications into 3rd party communications. (many of whom the carrier has no contractual relationship with)

There is a technical solution coming that will provide end to end distributed cipher in a way that consumers will accept. I think the players all know it. So they are trying to concentrate traffic in order to make interfering with their customers civil rights cheaper and easier.

But it’s really just a flurry of misdirection in an attempt to prevent the forcible removal of their dicks from the Constitution.

The Internet was free. Now it isn’t. But it will be again. The technical means for accomplishing this is an inevitable evolution.

Anonymous Coward says:

Re: Doesn't a encrypted VPN turn any ISP into a dumb pipe?

“The technical means for accomplishing this is an inevitable evolution.”

This is what I’m hoping for. If we make it technically impossible to track data, then it won’t be tracked. You can make all the laws you want. The Government has proven time and again it doesn’t care. Same with the corporations. If we want true privacy, we will have to create it ourselves.

Anonymous Coward says:

What does this mean?

Other than they gather our data and sell it of course (which is bad enough). Can they start to inject ads into our streams again and make HTTPS even more unsafe? Does this give them the right to overwrite data on webpages like they have done before (It was other ads as I remember it)?
I use a VPN mostly, but find it often much slower… does anyone have any safe VPNs that can provide up to gigabit solutions(if we are allowed)?

Anonymous Coward says:

Re: What does this mean?

Regarding HTTPS, there is nothing your ISP can do to monitor, or inject packets into your HTTPS traffic. HTTPS traffic is safe from deep packet inspection which looks at text, images, and video transferring to and from your web browser.

However, they still can see what sites you visit, even with https. They just cant see what you send back and forth to those sites. But knowing what the sites are is enough for them to build a profile on you and market to you, even if the detailed traffic is private.

Regarding VPN, I would love to know too. I currently subscribe to a business level gigabit subscription, and I do not think ISPs would pull these shenanigans on business accounts because there would be lawsuits, but you never know.

Thad (user link) says:

Re: Re: What does this mean?

Regarding HTTPS, there is nothing your ISP can do to monitor, or inject packets into your HTTPS traffic.

Isn’t there? They’re sitting there between you and your destination at key exchange time; I don’t see anything stopping them from a man-in-the-middle attack.

Well, not anything technical. It would be extremely ill-advised for ISPs to perform MITM attacks against their subscribers, as I suspect the backlash would dwarf SOPA. (And using an MITM attack for something as frivolous as targeted advertising would be especially foolish, seeing as the purpose of MITM is not to let your target know they’re being attacked.)

Robert says:

Re: Re: Re: What does this mean?

I don’t see anything stopping them from a man-in-the-middle attack.

You need to go back and read about Alice, Bob and how they use public / private key-pairs. The ISP would need a certificate signed by root-CA (embedded in OS / browser) claiming ownership of the destination DNS name.

We can argue about the “weakness” of the root CA trust model, but it’s the single hurdle protecting your HTTPS from MiTM attacks and is not entirely trivial to break.

It’s actually MUCH EASIER for a non-ISP to get control of one of your “hops” than it is to get a useful forged certificate.

Anonymous Coward says:

Re: Re: Re:2 What does this mean?

"not entirely trivial to break."

That is an awesome turn of phrase.

While not entirely trivial, it becomes more trivial once certain infrastructure is in place. Such as an overlay network that allows selectively backhauling interesting traffic, and security software provided to the end node by the ISP that can install a false CA via autoupdate. (both already broadly deployed)

These factors become more severe as the edge devices (cable boxes) become more intelligent. Which is one of the best reasons for cable box competition. A monopoly on these devices is more likely to provide a homogenous surveillance infrastructure that can be abused by the state. (vs. a diverse infrastructure that can be abused by everybody)

Which IMHO means that cable box competition is protected by the 3rd, and 2nd amendments, no matter what the posers in the state legislature and the FCC say.

Part of the issue here is that lawyers don’t understand modern communications well enough to be able to identify negligence. So the public is like a mentally handicapped person getting a bullet in the head during a gang shoot out, while the kid who shared gummi bears with him on the short bus looks on from his perch on the judicial bench.

Add Your Comment

Your email address will not be published.

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...