Karl Bode’s Techdirt Profile


About Karl Bode

Karl Bode is a freelance writer living in New York that has been babbling, jabbering and prattling about technology, politics and culture professionally for more than fifteen years. Follow me on Twitter @KarlBode


Posted on Techdirt - 20 January 2017 @ 11:53am

Report: President Trump Picks Former Verizon Lawyer Ajit Pai To Head FCC

from the populism-schmopulism dept

As many expected, Donald Trump has chosen former Verizon lawyer and current FCC Commissioner Ajit Pai to head the FCC, according to a report by Politico. According to two anonymous insiders "familiar with the decision," Pai, who met with Trump on Monday, should be formally announced as FCC boss in short order. Pai recently proclaimed that net neutrality's "days are numbered" under Trump, while stating that the reformed FCC would be taking a "weed whacker" to "unnecessary regulations" like the FCC's net neutrality rules and its new consumer broadband privacy protections.

Politico rather soft sells the controversy that Pai will represent to those who don't think technology policy should be dictated by Verizon, AT&T, Comcast and Charter Communications:

"Pai is already a familiar name in tech and telecom policy debates. He’s a fierce and vocal critic of many regulations passed by the commission's Democratic majority, including the 2015 net neutrality rules that require internet service providers to treat all web traffic equally and are opposed by the major broadband companies."
Let's be clear here. Pai has supported the incumbent duopoly providers on nearly every issue of substance. He has vilified net neutrality to an often-comic degree, falsely claiming the rules encouraged dictators in North Korea and Iran and led to a massive slowdown in industry investment. He has consistently refused to even admit the U.S. broadband market has a competition problem. He's made it abundantly clear he wants to eliminate every FCC consumer protection function, and, alongside fellow Commissioner Mike O'Rielly, has even repeatedly voted down holding AT&T accountable for outright fraud.

If you're looking for somebody who will rubber stamp every Comcast request shoveled in his general direction, Pai is certainly your man. If you're looking for an FCC leader who's going to care about consumer issues or the plight of the startup or small business in a word dominated by massive, ever-consolidating telecom conglomerates, you're about to get a master class in disappointment. The irony, of course, is that Pai is about as far from the "populist" rhetoric President Trump leaned on to get elected as one can get:

Yes, nothing quite says "man of the people" like a former Verizon lawyer who has fought tooth and nail against every single effort to hold large ISPs accountable to the public. On any given day, if the wind is right and with enough pressure, Pai may just be convinced to occasionally do the right thing. But as the leader of an agency tasked with keeping Comcast from viciously savaging both consumers and the competition, it's not really physically possible to make a more controversial and uninspired selection.

21 Comments | Leave a Comment..

Posted on Techdirt - 20 January 2017 @ 6:30am

Through Price Hikes And Annoyance, AT&T Still Waging War On Unlimited Data Users

from the competition-means-higher-prices! dept

Back in 2011 AT&T and Verizon killed off their unlimited wireless data plans, instead replacing them with usage caps and steep (up to $15 per gigabyte) over fees. And while these companies grandfathered the existing unlimited data users at the time, they've spent the lion's share of the last six years waging a not-so-subtle war on these users in an attempt to get them to switch to metered plans. This ranged from AT&T's decision to block Facetime completely for users on unlimited plans, to covertly throttling these users only after a few gigabytes of usage, then lying about it. Repeatedly.

Of course AT&T has also used vanilla rate hikes on these unlimited data plans to drive users to metered options.

In late 2015, AT&T announced a price hike for its grandfathered unlimited data users by $5 per month. Last week, AT&T confirmed it had tacked on yet another $5 increase. AT&T informed these users that they are still free to keep their unlimited data plan, but AT&T really hopes that you don't:

"If you have a legacy unlimited data plan, you can keep it; however, beginning in March 2017, it will increase by $5 per month," AT&T said. The unlimited data price had been $30 a month for seven years, until AT&T raised it to $35 in February 2016. The price increase this year will bring it up to $40. That amount is just for data: Including voice and texting, the smartphone plans cost around $90 a month."
Reports have indicated this attempt by Verizon and AT&T to annoy, cajole, and hammer grandfathered unlimited data users so they leave these plans has been hugely effective. Both companies have desperately tried to convince the public that they don't really want unlimited data anyway, with Verizon going so far last year as to hire an expert to pen a blog post claiming that the consumer desire for unlimited data was just a "gut feeling," and that it was simply technically impossible to offer simpler, easier unlimited data plans.

Even with limited spectrum, the rise of small cells, WiFi offloading, and more robust networks and intelligent network management tools means unlimited data certainly is technically possible. T-Mobile (even though its plans may technically violate net neutrality by throttling all video by default) has thrived thanks to its unlimited data plans. In fact, they've made consumer annoyance at AT&T and Verizon pricing the cornerstone of many of their media campaigns:
Unsurprisingly, both AT&T and Verizon have been losing customers hand over foot to T-Mobile. It's telling (both about these companies and the overall quality of real competition in the space) that their reaction to this competitive threat is to raise rates, whether that's AT&T's price hikes for unlimited data, or Verizon's recent decision to jack up a number of service fees. Yes, AT&T and Verizon could offer unlimited data. It's just far more profitable to have your customers so terrified of going over their monthly allotments, that they sign up for fat, pricey data plans they probably don't need in the first place.

Update: Like clockwork, AT&T has followed Verizon and will also be bumping its activation and device upgrade fee as well. Competition!

17 Comments | Leave a Comment..

Posted on Net Neutrality Special Edition - 19 January 2017 @ 10:41am

Netflix May Not Be Worried About The Looming Death Of Net Neutrality, But Startups Should Be God-Damned Terrified

from the what-broadband-competition-problem? dept

With Trump's telecom advisors and the remaining FCC Commissioners making it abundantly clear that they intend to gut net neutrality rules and dismantle pretty much all of the FCC's consumer watchdog functions, there are more than a few worried companies, startups and consumers concerned that the net neutrality fight is about to get downright stupid. One of Trump's telecom advisors doesn't even think telecom monopolies are real, which should speak volumes about our looming vacation to dysfunction junction.

One company that's busy pretending it's not worried is Netflix, which penned a letter to the company's shareholders this week (pdf) insisting that it doesn't expect the death of net neutrality rules to materially impact the company's revenues:

Weakening of US net neutrality laws, should that occur, is unlikely to materially affect our domestic margins or service quality because we are now popular enough with consumers to keep our relationships with ISPs stable.

Of course, that's easy to say when you're now the biggest pay TV provider in the United States, coming off one of your most successful quarters in history, while quickly expanding into hundreds of countries internationally. But what about the smaller, disruptive Netflix-like companies of tomorrow? They're about to face a future in which the government doesn't appear to give two flying shits about the wide variety of problems caused by AT&T, Comcast, Charter and Verizon's stranglehold over the broadband last mile. In fact, likely FCC boss Ajit Pai has made it repeatedly clear he does't even think any broadband competition issues exist.

Clearly, smaller companies and startups won't have the size or lobbying muscle to defend themselves from ISP efforts to use this very real competitive logjam as a weapon against competing services (see: usage caps, overage fees, interconnection shenanigans, and whatever other "creative" efforts ISPs haven't even birthed yet to allow them to double dip). And Netflix appears to have forgotten that the mere presence of the FCC's rules prevented ISPs from attempting to extract significant, new interconnection fees at the network edge. So really, even companies the size of Netflix will have plenty to worry about.

Fortunately Netflix does indicate the company isn't entirely oblivious to the advantage it holds, and proceeds to acknowledge that yes, a healthy and functioning internet free of obnoxious gatekeepers is kind of important:

However, strong net neutrality is important to support innovation and smaller firms. No one wants ISPs to decide what new and potentially disruptive services can operate over their networks, or to favor one service over another. We hope the new US administration and Congress will recognize that keeping the network neutral drives job growth and innovation.

If you've spent even five seconds reading comments made by Marsha Blackburn and other Trump telecom advisors, you should realize there's a snowball's chance in hell of that happening. The most likely path forward begins with the incoming FCC simply refusing to enforce the net neutrality rules on the books. After that, you can be fairly certain (said as somebody that has watched this industry for two decades) that the GOP will be pushing a new Communications Act rewrite (or some other new stand-alone legislation) packed with breathless platitudes toward broadband expansion, jobs, and net neutrality.

In reality this legislation will have one, singular, unwavering focus: eliminating any and all government oversight of some of the least liked, and least competitive companies in any industry in America. Any network neutrality provisions in this looming legislation will be comically hollow, much like the promises surrounding job creation, innovation, and broadband competition. If Netflix execs truly think they're going to be immune from the repercussions of this shift back to letting AT&T, Comcast and Verizon dictate internet policy, they've got a lot of painful learning to do over the next few years.

38 Comments | Leave a Comment..

Posted on Techdirt - 19 January 2017 @ 9:34am

Verizon Won't Complete Calls For Galaxy Note 7 Owners Who Refuse To Return The Flawed Device

from the spontaneous-combustion dept

Most of you recall that Samsung's Galaxy Note 7 suffered a bit of a problem with spontaneously combusting. That led to months of horrible press and an FAA ban on taking the device on airplanes. You might also recall that Samsung exponentially amplified its own PR disaster by then issuing a replacement phone that suffered from the exact same problem. Since then, carriers have been passing on a Samsung update that effectively bricks the device, preventing users from recharging the device. Most users have traded in the device for, you know, something that doesn't explode.

But there remain a few thousand Galaxy Note 7 owners that for whatever reason have chosen to ignore Samsung and the formal recall by the US Consumer Product Safety Commission. According to Verizon, there are still "thousands" of users on their network who continue to use the device, refusing to install the update that would render the device inoperable:

"In spite of our best efforts, there are still customers using the recalled phones who have not returned or exchanged their Note 7 to the point of purchase," a Verizon spokeswoman tells Fortune. "The recalled Note 7s pose a safety risk to our customers and those around them."
Interestingly, Verizon was initially the only wireless provider that refused to pass on the bricking update, insisting they didn't want to leave customers stranded for the holidays (despite the fact said users could have swapped out the device for free at any time). But Verizon has since taken a notably harder stance on the safety issues created by the device. As such, they've announced that they'll now refuse to connect any of the non-911 calls made via the Galaxy Note 7, instead routing every call to Verizon's customer service department:
"So now Verizon is going to go even further, putting the phones in a special category so that all outgoing calls not directed toward the 911 emergency service will only connect to customer service. Because Note 7 users have also already been reimbursed for the cost of the long-since recalled Note 7, Verizon is also saying it might bill the holdouts for the full retail cost of the phone."
It's a curious predicament. On the one hand, you can't feel particularly bad for customers who knowingly refuse to trade in a device that could spontaneously explode, hurting themselves or others in the process. On the other hand, these users are supposed to technically "own" this device, which a carrier is now refusing to connect to the network. And while users on device payment plans may technically still owe Verizon money for the device in Verizon's billing systems, users are arguing that Samsung has already reimbursed Verizon for these devices in the wake of the recall.

Verizon insists it needs to disable the device for public safety (though liability could still be a motivator), while Galaxy Note 7 owners apparently believe they have every right to be stupid, self-immolation be damned.

29 Comments | Leave a Comment..

Posted on Techdirt - 19 January 2017 @ 6:29am

Verizon Claims Its Millennial Ad Pivot Has Been Slowed By Its Breathless Dedication To Consumer Privacy

from the okey-dokey dept

So we've noted repeatedly how Verizon really wants to pivot from stodgy, old protectionist telco to Millennial-focused media and advertising juggernaut. The company desperately wants in on Facebook and Google advertising cash, and apparently believes this is possible by ceasing network fiber upgrades and gobbling up failed 90s internet brands like Yahoo and AOL.

Except Verizon's brand revolution so far hasn't been much to write home about.

Verizon began its pivot with a short-lived website that imploded after writers revealed they couldn't talk about net neutrality or mass surveillance. The company's acquisition of Yahoo has also been plagued with issues, from Yahoo's mammoth, undisclosed hacking scandal to revelations of the company's wholesale spying on user e-mail accounts for the government (not that this latter issue bothered Verizon much). And Verizon's Go90 streaming video service, the cornerstone of Verizon's effort, has been derided as "a dud" by Verizon's own media partners.

Needless to say, a generation of being a government-pampered telecom monopoly left Verizon ill-prepared for its marketing and media gambit, and the company's own incompetence and lack of innovative DNA have made for rough sledding early on. Verizon, for its part, has been stuck trying to explain to investors and the media why things aren't going particularly well. Kind of amusingly, Verizon Executive Vice President Marni Walden last week tried to claim the problems were because Verizon is breathlessly dedicated to consumer privacy:

"For the first year, we’ve worked on bringing Verizon data into AOL. Candidly, that’s been slower than I’d like it to be, and you’ll see us accelerate that this year. The reason for that is around privacy and transparency for our customers."

"We’ve got to make sure we don’t ever compromise that relationship with consumers, so we’ll do that in a very responsible way,” Walden continued. “But what we do know is that when you bring that kind of data, that rich set of data from Verizon into the platform, the result you get on targeted advertising is significantly better."
Just so we're clear: Verizon was caught last year actively modifying wireless user data packets to track consumers around the internet. It was tracking users and building entire profiles of customers for two years before security researchers even discovered it. The company refused to inform consumers this was happening, and refused to provide working opt out tools. And while Verizon was fined $1.35 million by the FCC for this behavior, these so-called "stealth cookies" remain in use -- and have since been expanded across the AOL empire.

This comes of course as Verizon has worked tirelessly to fight consumer privacy protections on every front, most recently in the form of the FCC's broadband privacy protections, which simply require companies be transparent about what they're collecting. Verizon has long proclaimed that privacy protections aren't necessary because public shame would keep the company honest (again though, the public was never told this data collection was even happening). AOL CEO Tim Armstrong also proudly declared that "the market" would keep the Verizon empire on its best behavior as it pertains to user privacy. Yeah, maybe.

Of course the real reason Verizon's marketing ambitions have been slow to blossom isn't Verizon's love of privacy, it's Verizon's inexperience in media -- and actual competition. In broadband, Verizon has been consistently allowed to ignore privacy (and any other consumer complaint) courtesy of a lack of last-mile broadband competition. Now Verizon's the pesky upstart in a new, unfamiliar market, where annoyed users actually have a choice in search, e-mail, streaming video and other services. It's frankly entirely unclear if the company has the competence required for the transition.

7 Comments | Leave a Comment..

Posted on Techdirt - 18 January 2017 @ 11:54am

Trump's Plan Is To Gut All FCC Consumer Protection Powers

from the utterly-Comcastic dept

Trump's telecom advisors have made it abundantly clear the incoming administration intends to gut net neutrality, roll back most consumer broadband protections, and defund and defang the FCC as a broadband consumer watchdog. While deregulation works in some sectors, history makes it abundantly clear that blindly deregulating the broken telecom market only makes the problem worse. Just ask Michael Powell, the former deregulatory-focused FCC boss turned top cable lobbyist, whose blanket deregulatory tenure at the agency helped forge the "Comcast experience" most modern consumers enjoy today.

It shouldn't be all that surprising then that leaked details on the incoming FCC's transition plan confirms that gutting of the FCC as consumer watchdog is precisely what Trump's team has in mind. Of his advisory team can't just call this spade a spade, given consumers would realize an unchecked Comcast, AT&T, Charter and Verizon spells significant trouble for their wallets... and peace of mind. As such, Trump's advisors intend to dress up what they have planned as an act of ultra-efficiency and reform:

"That approach would be to restructure FCC bureaus to better reflect the convergence of the digital age as a first step, and, eventually, move functions deemed "duplicative," like, say, competition and consumer protection, to other agencies, particularly the Federal Trade Commission.

While some have described the plan as one to eliminate the FCC, and certainly many if not most of its functions could be reapportioned, landing team members Jeff Eisenach and Rosyln Layton have argued that what remains would be "a more coherent and streamlined" agency that "would more effectively serve the goals of consumers, competitors, and Congress."
It's worth noting that it's not "some" people that are saying the goal is to neuter the FCC -- that's what Trump's own advisors and most of the GOP are saying. And sure, the FCC will be more "efficient" in the way that a car stripped and sold off for parts needs less maintenance and fewer oil changes, but the pretense that this has anything to do with helping consumers should be utterly transparent to anybody familiar with America's pay-to-play legislature and the kind of "dollar per hollar" industry-tied think tankers that currently have Trump's ear.

In telecom you'll very often see ISP lobbyists and executives urging that the FCC's consumer protection duties be offloaded entirely to the FTC. That's because they know full well the FTC is already under-staffed, under-funded, and ill-equipped to pick up this additional workload, and most consumer issues would be guaranteed to fall through the cracks. The goal isn't more efficient regulation and better, more streamlined regulators: the goal is no oversight whatsoever of some of the least competitive companies in America and one of the most loathed industries in America. All else is pretense.

Of course we could just ask real consumer advocates like Public Knowledge lawyer Harold Feld. Feld has spent the lion's share of his life defending consumers from companies like Comcast, and tells Ars Technica that Trump's plan is effectively an all out war on telecom consumer protections:
"Harold Feld, senior VP of consumer advocacy group Public Knowledge, called this plan "a declaration of war on the most basic principles of universal service, consumer protection, competition, and public safety that have been the bipartisan core of the Communications Act for the last 80+ years." Feld argued that this proposal would "poison the well for any serious effort to update the Communications Act." Feld also worries about the impact on rural areas, which are given special protections in the Communications Act, he told Ars today.

Feld said that the FCC itself has "considerable latitude" to limit its own enforcement actions "and to use rulemakings and forbearances to strip itself of authority," but it still has to meet the requirements of the federal Administrative Procedures Act. Moreover, the proposal to shift FCC competition and consumer protection authority to agencies such as the FTC would require the writing of extremely complicated legislation in Congress, he said."
But Congressional legislation is just what the GOP is planning. The GOP has made it repeatedly clear they intend to table a Communications Act rewrite this year that further erodes regulatory authority over the nation's largest cable TV and broadband providers. It's very likely this new bill will not only severely curtail the FCC, but will roll back the agency's Title II reclassification of ISPs -- as well as net neutrality and new broadband privacy rules. All under the pretense of jobs, broadband expansion, and protecting net neutrality.

Of course the way things are going, dismantling the only government agency that has dared stand up to Comcast is going to be portrayed as some kind of "populist" reform, resulting in countless millions cheering against their own best interests as their rights burn down around them. But as consumer TV and broadband bills skyrocket, net neutrality is gutted, consumer privacy concerns get thrown in the toilet, and unchecked industry duopolists truly begin to run amok -- misdirection and bullshit will only go so far in preventing consumers from realizing precisely who'll be to blame.

48 Comments | Leave a Comment..

Posted on Techdirt - 18 January 2017 @ 6:25am

Report: Verizon Considering Comcast Merger In Supernova Of Dysfunction

from the bigger-is-always-better dept

Despite Trump's criticism of the AT&T Time Warner merger (largely believed to be due to negative CNN coverage), most Wall Street and telecom sector analysts expect the next few years will see an explosion in previously-unthinkable mega-mergers. Sprint is expected to make another bid to acquire T-Mobile after the deal was blocked by regulators back in 2014. Comcast or Charter are expected to make their own bid for T-Mobile if Sprint can't come up with the cash. Other rumored acquisition targets for giant telecom companies include Dish (and its hoarded spectrum) or any number of massive media empires.

But one of the more unlikely rumored M&As that keeps popping up is a Verizon acquisition of Comcast. The idea was floated by UBS analyst John Hodulik in a recent research note to investors, with Hodulik claiming the deal provides incredible "synergies" while propping up Verizon's fifth-generation wireless (5G) ambitions:

"Densification of wireless networks required to meet the needs of video-centric subscribers increases synergies of cable-wireless combinations and provides the springboard for 5G-based services," he proclaims. "A roll-back of Title II re-classification could further increase incentives for cable," he adds, casually citing the likely dismantling of net neutrality and the FCC under Trump.

He put forth a number of models that include Dish fusing with T-Mobile or other variations. But he noted that a Comcast or Charter merger with Verizon would create "significant synergies" and "integrated products" while being "accretive to revenue and EBITDA growth."
Adding to this speculation this week is a New York Post report claiming that Verizon is looking to acquire either Comcast or Charter:
"Verizon Chief Executive Lowell McAdam may be getting ready to answer rival AT&T’s moves to buy DirecTV and Time Warner. The New York wireless giant is weighing the acquisition of a cable company to help grow demand for its wireless data products, two well placed sources told The Post. The CEO told friends at the Consumer Electronics Show in Las Vegas earlier this month that he wants to buy into cable, one source said.

"They need it for 5G,” said a second source, confirming McAdam’s interest. The most likely targets would be “Charter or Comcast,” the source noted."
The problem is the deal doesn't make a whole lot of technical sense given the companies' dramatically different networks. Verizon has no shortage of core network transit capacity to fuel its own 5G ambitions. And while the cable industry's large network of WiFi hotspots could be used to offload 5G wireless users, Verizon has actively been trying to get out of the fixed-line broadband business. The company has largely frozen its FiOS fiber expansion, and has spent the last few years actively trying to drive away DSL customers it doesn't want to upgrade. Verizon's trying (with mixed results) to pivot to media and advertising.

While Verizon may be interested in NBC, would it saddle itself with tens of millions of new residential broadband customers just as it's trying to back away from the saturated residential broadband market? A more likely effort would involve the "smaller" acquisition of a pure media company like CBS to keep pace with AT&T's $100 billion Time Warner bid and Comcast NBC Universal. Verizon's own streaming service is being called a "dud" by the company's own advertising partners, and owning a richer catalog of original content would go a long way to prop up Verizon's goal of becoming a Millennial advertising juggernaut.

Much of the chatter could simply be Wall Street cashing in on rumor-triggered telecom stock movement. That said, the competitive repercussions of fusing two of the biggest broadband providers and reducing competition further would be monumental. Whether a Verizon Comcast superunion happens or not, it's becoming incredibly clear that Wall Street believes we're entering a new era of rubber stamp regulators, where no deal is too big, and the consumer impact and employment toll of these kinds of megadeals is only a distant, fleeting afterthought.

15 Comments | Leave a Comment..

Posted on Techdirt - 17 January 2017 @ 11:55am

Microsoft Sort Of Addresses Windows 10 Privacy Complaints With New Privacy Dashboard

from the hoover-up-ALL-the-data dept

For the last few years, Microsoft has been under fire because its Windows 10 operating system is unsurprisingly chatty when it comes to communicating with the Redmond mothership. Most of the complaints center around the fact that the OS communicates with Microsoft when core new search services like Cortana have been disabled, or the lack of complete, transparent user control over what the operating system is doing at any given time. Microsoft has since penned numerous blog posts that claim to address consumer concerns on this front -- without actually addressing consumer concerns on this front.

This week, Microsoft penned a new blog post claiming that the company has been listening to annoyed customers and privacy activists, and will finally be making substantive changes to Windows 10 privacy settings to give users more control. Among them will be new operating system-level privacy controls that make consumer options more granular. But Microsoft also says it is building a new privacy dashboard the company says will be doled out to Windows Insiders in an upcoming build, and will look something like this:

Microsoft says the company will simplify the operating system's diagnostic data collection levels, so that it's clearer what telemetry data is being sent back to the company’s servers. As it stands, Windows 10 currently has three snooping levels, but in the Creators Update (expected sometime in the Spring) there will be just two: an option to switch between "basic" and "full" data collection levels, depending how much invasive snooping you like with your morning coffee. Said basic tier is the lowest the settings will go, and includes collection Microsoft claims is necessary for the functioning of the OS. Basic includes:
"Data that is vital to the operation of Windows. We use this data to help keep Windows and apps secure, up-to-date, and running properly when you let Microsoft know the capabilities of your device, what is installed, and whether Windows is operating correctly. This option also includes basic error reporting back to Microsoft."
The problem is that Microsoft has often hidden behind claims that it has to collect a lot of this data or the operating system won't work, and there's still no option to eliminate the collection of telemetry data completely. "Full" data collection, in contrast, will collect everything that the basic setting covers, as well as "inking and typing data." That can include sending Microsoft the document you were working on that caused a system crash, and giving Microsoft support permission to access the OS remotely for troubleshooting.

The entire goal, Microsoft claims in the post, is to make consumer privacy easier to understand:
"When it comes to your privacy, we strive to make choices easy to understand while also providing clear visibility and control over your data. We believe finding the right balance is one of our most important tasks in delivering great personalized experiences that you love and trust."
We'll have to wait until Spring to see if these changes address concerns of the EFF, which last August criticized Microsoft's malware-esque forced upgrade tactics and its refusal to answer consumer privacy inquiries in a straightforward fashion. Microsoft's also trying to appease French regulators, who last summer demanded that Microsoft "stop collecting excessive user data" and cease tracking the web browsing of Windows 10 users without their consent. Of course if having total, granular control over how chatty your OS is over the network is your priority, not using Windows whatsoever probably remains your best option.

63 Comments | Leave a Comment..

Posted on Net Neutrality Special Edition - 17 January 2017 @ 6:16am

Outgoing FCC Boss Warns New FCC About The Perils Of Killing Net Neutrality

from the prepare-for-a-backlash dept

We've noted a few times how the incoming Trump-led FCC has made it clear that it not only wants to roll back net neutrality and new broadband privacy rules, but also defund and defang the FCC entirely. The majority of Trump telecom advisors believe that the FCC serves absolutely no role as a consumer protection agency, and should be torn down to the studs -- its only function being to help manage wireless spectrum. With the broadband market clearly broken and uncompetitive (exhibit A: Comcast and its hidden fees, usage caps, and historically awful customer service), eliminating most regulatory oversight of the sector would obviously compound most of the existing problems.

In his last speech as acting agency head (pdf) ahead of his resignation this week, FCC boss Tom Wheeler warned the new, incoming FCC that rolling back net neutrality is going to not only drive massive consumer backlash against net neutrality opponents, but it's going to be legally difficult after the FCC's court victory last year. Wheeler also noted how the justifications for quickly moving to kill net neutrality rules (such as the repeatedly debunked claim that the rules harmed network investment) are flimsy, at best:

"Yes, we must be vigilant. And the first step in such vigilance is to ask those who want to rush to take away existing protections a simple question: where’s the fire? What has happened since the Open Internet rules were adopted to justify uprooting the policy? As I said a moment ago, network investment is up, investment in innovative services is up, and ISPs revenues – and stock prices - are at record levels. So, where’s the fire Other than the desires of a few ISPs to be free of meaningful oversight, why the sudden rush to undo something that is demonstrably working?

Vigilance requires the FCC or the Congress make the case as to why the American tradition of open networks should be reversed. Fortunately, the rules under which the FCC must operate provides for just such vigilance. Contrary to what you might have heard, reversing the Open Internet rules is not a slam dunk. The effort to undo an open Internet will face the high hurdle, imposed by the Administrative Procedure Act, of a fact-based showing that so much has changed in just two short years that a reversal is justified."
Of course, the new FCC and its net neutrality opponents don't have to kill the rules procedurally -- they can initially just choose to not enforce them. From there, the most likely course of action is to push a new law through Congress that pays lots of lip service to net neutrality and broadband deployment, but is written to actively sabotage regulatory oversight. Such a law likely will contain net neutrality "restrictions" so riddled with loopholes as to effectively make violating net neutrality the law of the land (kind of like the Thune/Upton proposal we warned you about last year).

Whatever the path to deconstruction, Wheeler warned of the obvious, negative repercussions of putting the wolves in charge of the henhouse, and killing rules preventing incumbent ISPs from charging innovators and competitors a "troll toll" just to connect to their customers (aka double dipping):
"We have already seen how AT&T and Verizon have favored their own video services by zerorating their product while forcing consumers to pay data charges for competitors. Just take that behavior and look how it would affect other 21st century services.

Whether it’s Amazon Web Services, or Microsoft’s Azure, or Salesforce.com’s integrated cloudbased activities, ISPs free from open access obligations and behavioral oversight can choke growth and innovation, or, at the least, demand tribute for passing over their network."
Net neutrality has always been, at its core, about a lack of last mile broadband competition. It's about incumbent ISPs using this monopoly over the broadband last mile to charge companies and consumers -- already paying an arm and a leg for broadband -- an additional troll toll. It's what began the debate when former AT&T CEO Ed Whitacre crowed he wouldn't let "Google ride his pipes for free," and it has simply evolved in the era of "zero rating" -- which requires that competing streaming TV platforms pay up if they want to operate on the same playing field as incumbent services.

It's the lack of competition that creates and encourages net neutrality, privacy, and other ISP abuse. Eliminating rules protecting consumers from this problem -- then gutting all regulatory oversight of the nation's least-liked companies -- won't magically fix this problem, it will simply make it exponentially worse. And while the incoming FCC and its ISP allies are chomping at the bit to begin deconstructing net neutrality, broad, bipartisan consumer support for net neutrality means they can expect a techno-activist backlash that will make the response to SOPA look like a beach-side blanket picnic.

Net neutrality opponents can certainly proceed with their plan to kill net neutrality, but the effort is going to come with a price tag most of them violently underestimate.

47 Comments | Leave a Comment..

Posted on Techdirt - 13 January 2017 @ 1:14pm

FTC Sues D-Link For Pretending To Give A Damn About Hardware Security

from the cutting-edge-incompetence dept

If you've been paying attention, you've probably noticed that the so-called Internet of Things isn't particularly secure. Hardware vendors were so excited to market a universe of new internet-connected devices, they treated things like privacy, security, and end-user control as afterthoughts. As a result, we've now got smart TVs, smart tea kettles, WiFi-connected barbies and all manner of other devices that are not only leaking private customer data, but are being quickly hacked, rolled into botnets, and used in historically unprecedented new, larger DDoS attacks.

This isn't a problem exclusive to new companies breaking into the IoT space. Long-standing hardware vendors that have consistently paid lip service to security are fueling the problem. Asus, you'll recall, was dinged by the FTC last year for marketing its routers as incredibly secure, yet shipping them with easily-guessed default username/login credentials and cloud-based functionality that was easily exploitable.

The FTC is back again, this time suing D-Link for routers and video cameras that the company claimed were "easy to secure" and delivered "advanced network security," yet were about as secure as a kitten-guarded pillow fort. Like Asus, D-Link's hardware also frequently ships with easily-guessed default login credentials. This frequently allows "hackers" (that term is generous since it takes just a few keystrokes) to peruse an ocean of unsecured cameras via search engines like Shodan, allowing them to spy on families and businesses in real time.

According to the FTC, D-Link's hardware also consistently suffers from a number of other vulnerabilities the regulator says the company simply refused to seriously address, including command injection software flaws that let remote attackers take control of consumers' routers via any IP address. D-Link is also accused of mishandling the private key used to sign into D-Link software (said key was openly available on a public website for six months), and of leaving users' login credentials for the mobile D-Link app unsecured in clear, readable text directly on the mobile device.

Needless to say, the FTC thinks D-Link should have done a little more to keep its products, and by proxy the internet at large, more secure:

“Hackers are increasingly targeting consumer routers and IP cameras -- and the consequences for consumers can include device compromise and exposure of their sensitive personal information,” said Jessica Rich, director of the FTC’s Bureau of Consumer Protection. “When manufacturers tell consumers that their equipment is secure, it’s critical that they take the necessary steps to make sure that’s true.”
Unsurprisingly, D-Link didn't think much of the FTC lawsuit, quickly posting a new FAQ and a press release implying that because the FTC didn't cite specific products and document clear instances of harm, there's no problem. The statement laments the FTC's "unwarranted allegations" and "contested 2-1 decision" to hold D-Link to account:
"The FTC complaint alleges certain security hacking concerns for consumer routers and IP cameras, and we firmly believe that charges alleged in the complaint against D-Link Systems are unwarranted," said William Brown, chief information security officer, D-Link Systems, Inc. "We will vigorously defend the security and integrity of our routers and IP cameras and are fully prepared to contest the complaint. Furthermore, we are continually working to address the overall security features of D-Link Systems' products for their intended applications and to regularly inform consumers of the appropriate steps to take to secure devices."
Granted you only need to spend a few moments with IoT-specific search engines to realize how common poorly-secured webcams (from D-Link and everybody else) are. And D-Link's router hardware has been well-represented in the recent rise of DDoS attacks on companies like Dyn. So the end result of this neglect should be pretty clear, and given the agency's recent warnings (pdf), the FTC's crackdown (which may or may not persist under a new administration) shouldn't be a surprise. Companies had every opportunity to prioritize privacy and security in their products, but instead chose to pay lip service to the concept.

Read More | 26 Comments | Leave a Comment..

Posted on Net Neutrality Special Edition - 12 January 2017 @ 11:50am

FCC Report Clearly Says AT&T & Verizon Are Violating Net Neutrality -- And Nobody Is Going To Do A Damn Thing About It

from the unpopular-populist-reform! dept

When the FCC was crafting net neutrality rules, it refused to ban zero rating -- or the practice of giving an ISP's own content an unfair advantage by exempting it from usage caps. At the time we noted how this would open the door to all manner of anti-competitive shenanigans, and that's precisely what happened. Before we knew it, AT&T, Verizon and Comcast were all zero rating their own content while still penalizing streaming competitors, documenting how companies can abuse the lack of broadband competition to impose unnecessary and arbitrary caps -- then use those caps as an anti-competitive weapon.

This is not "free market competition." It's duopolists using their domination over the broadband last mile to hamstring emerging new markets and competitive threats. Caps aren't necessary. They don't actually even help manage congestion. Caps and overage fees are glorified, confusing and arbitrary price hikes that let incumbent broadband mono/duopolists extract additional revenues from captive customers, with the added bonus of hamstringing streaming market competitors.

While the FCC didn't ban zero rating (unlike India, Japan, The Netherlands, Norway and Chile), it did say it would take a "case by case look" at zero rating to see if it hurt competition. And after a clumsy, glacial, year-long review, the FCC has concluded precisely that. In a series of letters and full FCC report (pdf) released by the agency, the FCC makes it abundantly clear that AT&T and Verizon's zero rating plans are clearly anti-competitive, and clearly violate net neutrality:

AT&T’s Sponsored Data program is designed to enable third party edge providers to deliver streaming edge content on a zero-rated basis to AT&T’s mobile broadband subscribers. Unlike the two sponsored data programs discussed above, we have serious concerns that AT&T Mobility’s Sponsored Data program presents competitive problems and, to date, nothing in AT&T responses to the Bureau’s requests for information has addressed our concerns. Based on the information gathered to date, we believe there is a substantial possibility that some of AT&T’s practices may violate the General Conduct Rule.
AT&T and Verizon have breathlessly insisted that they can't possibly be acting anti-competitively, because companies can pay them a completely unnecessary troll toll to have their content placed on equal, cap-exempt footing. But the FCC clearly notes that AT&T's charging competitors notably more for this "favor" than it charges itself (DirecTV):
The limited information we have obtained to date, however, tends to support a conclusion opposite from AT&T’s contentions – namely, that AT&T offers Sponsored Data to third party content providers at terms and conditions that are effectively less favorable than those it offers to its affiliate, DIRECTV. Such arrangements likely obstruct competition for video programming services delivered over mobile Internet platforms and harm consumers by inhibiting unaffiliated edge providers’ ability to provide such service to AT&T’s wireless subscribers.
And while it's all good and lovely that the FCC finally woke up from its nap to realize that broadband caps and zero rating can be (ab)used anti-competitively, the timing of the FCC's effort is comical. Trump and his incoming telecom advisors have made it abundantly clear they intend to not only gut net neutrality, but defund and defang the FCC itself. As such the FCC's "enforcement action" here is too little, too late. Ajit Pai, on the shortlist to be the next boss of the agency, issued a statement to the FCC website (pdf) making that abundantly clear:

It is disappointing that the FCC’s current leadership has yet again chosen to spend its last days in office the same way it spent the last few years—cutting corners on process, keeping fellow Commissioners in the dark, and pursuing partisan, political agendas that only harm investment and innovation.

This time the midnight regulations come in the form of a Bureau-level report casting doubt on the legality of free data offerings—offerings that are popular among consumers precisely because they allow more access to online music, videos, and other content free of charge. This report, which I only saw after the FCC released the document, does not reflect the views of the majority of Commissioners. Fortunately, I am confident that this latest regulatory spasm will not have any impact on the Commission’s policymaking or enforcement activities following next week’s inauguration.

Pai, a former Verizon lawyer, has long had a bizarre, distorted, and inaccurate view of what net neutrality actually is. When crafted properly, net neutrality rules protect innovators from last-mile broadband monopolies. Pai and friends, in contrast, have made it abundantly clear their top priority is to gut, hinder and hamstring any regulator that would dare stand up to companies like AT&T, Verizon, Comcast or Charter. That dismantling some of the only rules protecting consumers from these behemoths in telecom market dysfunction is being passed off as populist reform is the ultimate insult and irony, the closing whimpering footnote to a zero rating saga that, moving forward, will wind up being the very least of the open internet's problems.

27 Comments | Leave a Comment..

Posted on Techdirt - 12 January 2017 @ 8:33am

After Lawsuits And Denial, Pacemaker Vendor Finally Admits Its Product Is Hackable

from the digital-wetworks dept

So we've noted how the lack of security in the Internet of Things is a bit of a problem. Initially, many of us thought that easily hacked smart tea kettles and smart refrigerators were kind of cute. Then we realized that this same, paper-mache grade security is also apparently embedded in everything from automobiles to medical gear. Then, more recently, we realized that all of these poorly-secured devices were being quickly compromised and used in botnets to help fuel massive, historically unprecedented, new DDoS attacks. The warnings were there all along, we just chose to ignore them.

For more than a decade people had been warning that the security on pacemakers simply wasn't very good. Despite these warnings, many of these devices are still vulnerable to attack. This week the FDA was forced to issue a warning, noting that security vulnerabilities in the St. Jude Medical implantable cardiac device and corresponding Merlin@home Transmitter could be a serious problem. It's notable as it's the first time we've seen the government publicly acknowledge this specific type of threat.

The St. Jude Medical Merlin@home Transmitter uses a home monitor to transmit and receive RF signals wirelessly to the pacemaker. But the FDA found that this transmitter was vulnerable to attack, with the press release politely tap dancing around the fact that said vulnerability could be used to kill:

"The FDA has reviewed information concerning potential cybersecurity vulnerabilities associated with St. Jude Medical's Merlin@home Transmitter and has confirmed that these vulnerabilities, if exploited, could allow an unauthorized user, i.e., someone other than the patient's physician, to remotely access a patient's RF-enabled implanted cardiac device by altering the Merlin@home Transmitter. The altered Merlin@home Transmitter could then be used to modify programming commands to the implanted device, which could result in rapid battery depletion and/or administration of inappropriate pacing or shocks."
According to the FDA, they have no evidence of anybody dying because of the vulnerability yet. They're also quick to note that St. Jude Medical issued a patch on January 9 that fixes this vulnerability. St. Jude Medical was quick to issue a statement patting itself on the back for patching its systems against "highly unlikely medical device cyber risks":
"There has been a great deal of attention on medical device security and it’s critical that the entire industry continually enhances and improves security while bringing advanced care to patients,” said cyber security expert Ann Barron DiCamillo, former director of U.S. CERT and advisor to St. Jude Medical’s Cyber Security Medical Advisory Board. “Today’s announcement is another demonstration that St. Jude Medical takes cyber security seriously and is continuously reassessing and updating its devices and systems, as appropriate."
Granted St. Jude Medical had previously received a bit of a nudge, and this isn't the first time the company's name has appeared in lights for the wrong reason. Security startup MedSec resorted to some creative tactics last year when it began shorting St. Jude Medical stock to try and highlight the company's abysmal security, after the traditional vulnerability reporting process failed to get the company's attention. At the time, MedSec Chief Executive Officer Justine Bone stated that the company consistently did little to nothing when vulnerabilities were reported:
"As far as we can tell, St. Jude Medical has done absolutely nothing to even meet minimum cybersecurity standards, in comparison to the other manufacturers we looked at that have made efforts," Bone said. There are steps St. Jude can take relatively quickly to protect patients, including changing the programming of implanted pacemakers and defibrillators through a method that would involve a doctor’s visit, she said."
St. Jude Medical's first response was an outright denial, followed by a lawsuit against MedSec for "trying to frighten patients and caregivers." Fast forward a few months, and St. Jude Medical is now trying to hold itself up as the poster child for proactive security and accountability. But the reality is that publicly shaming companies that can't be bothered to prioritize user security (even when human lives are at risk) appears to pay notable dividends.

12 Comments | Leave a Comment..

Posted on Techdirt - 11 January 2017 @ 6:26am

AT&T Intends To Dodge FCC Review Of Time Warner Mega-Merger, But Trump Remains A Wild Card

from the synergies-out-the-wazoo dept

AT&T continues to try and sell regulators on the company's $100 billion acquisition of Time Warner, making all kinds of promises (few actually being true). Consumer advocates are highly wary of the deal, arguing that a more powerful AT&T (with its rich history of anti-competitive behavior and outright fraud) would be in a perfect position to hinder streaming competitors from licensing the content they need to compete. That's of course when AT&T isn't busy giving its own DirecTV Now service an unfair market advantage via zero rating and usage caps.

But AT&T's path to merger completion just got a bit easier. Outlets had been noting for some time that an FCC review would only be triggered if AT&T attempted a transfer of the two dozen or so Time Warner satellite licenses or the station license for WPCH-TV in Atlanta. Avoid those, and you avoid even a possibility that the FCC could block the deal or saddle it with conditions. And that's precisely what AT&T appears intent on doing according to a new regulatory filing with the SEC:

“Time Warner has conducted a review of all licenses that it holds that are granted by the FCC,” says the company. “While subject to change, it is currently anticipated that Time Warner will not need to transfer any of its FCC licenses to AT&T in order to continue to conduct its business operations after the closing of the transaction.”

If, as AT&T contends, these licenses don’t need to be transferred — or if Time Warner divests itself of the licenses before merging — the companies seem to believe the FCC has no authority to intervene and review the merger.

The deal would still need approval from the Justice Department, but Donald Trump remains a bit of a wild card in AT&T's equation. Trump promised to block the deal in the lead up to the election, claiming "it's too much concentration of power in the hands of too few." But Trump's telecom transition team consists largely of folks interested in defunding and defanging regulators. These aren't exactly the kind of folks who'll be supporting government blockades of (or restrictive conditions attached to) telecom sector mega mergers. Neither is the most likely top FCC choice, Ajit Pai.

But there's a wrinkle. Trump may still block the deal, just for reasons other than what he claimed on the campaign trail. A recent New York Magazine column on Megyn Kelly contained an interesting tidbit, noting that Trump has turned to News Corporation boss Rupert Murdoch for tips on choosing the next FCC boss. Murdoch's also urging Trump to block the deal as a favor to Murdoch and his obvious competitive interests:

If Fox News’ politics ultimately solidify as more pro-Trump than they were during the campaign, that might be to the benefit of Murdoch’s business interests. According to a well-placed source, Trump has asked Murdoch to submit names for FCC Chairman. Murdoch, another source said, also wants conditions put on the AT&T-Time Warner merger, and he could lobby Trump to make that happen.
In other words (assuming this report is correct), Trump could block the deal, but only to benefit Murdoch's own news empire, and not because it would protect consumers, smaller competitors, or the media and streaming markets. There's another possible factor as well. Bloomberg recently reported that Trump was opposed to the deal, but mainly because he's still bitter about CNN's coverage of his campaign -- and CNN is, of course, part of Time Warner. So there are still more "personal" reasons why Trump may want to block the merger. That's going to likely cause friction among Trump's own telecom sector and tech appointees, who have made it abundantly clear they don't want regulators doing much of anything outside of nodding dumbly and looking busy.

Regardless, AT&T remains publicly optimistic, insisting there's just no way regulators would dare block its latest megamerger; it's simply too fantastic:

"In the modern history of the media and the internet, the U.S. government has always approved vertical mergers like ours, because they benefit consumers, strengthen competition, and, in our case, encourage innovation and investment," AT&T executive VP and general counsel David McAtee said of the transaction.

10 Comments | Leave a Comment..

Posted on Techdirt - 10 January 2017 @ 10:42am

Verizon Cracks Down On Unlimited Data Users, Claims Nobody Wants Unlimited Data Anyway

from the tell-us-what-we-want dept

Back in 2011, AT&T and Verizon eliminated their unlimited data plans, instead shoving users toward metered plans with limited data allotments. While the two companies did "grandfather" their existing unlimited data users at the time, they've been engaged in a quiet war to drive these users off the plans for years, ranging from AT&T's decision to block Facetime from working unless users signed up for metered plans, to throttling these users (and then in some instances lying about it). This is all of course accompanied by a constant barrage of rate hikes (AT&T imposed another $5 bump just last week).

Six years after first getting rid of the plans, Verizon shows no sign of backing off its crackdown of these unwanted users. The company this week confirmed that it was taking new aim at unlimited consumers, the company confirming that it's now telling any user that consumes more than 200 GB per month that they will be booted off the Verizon network:

"Because our network is a shared resource and we need to ensure all customers have a great mobile experience with Verizon, we are notifying a small group of customers on unlimited plans who use more than 200GB a month that they must move to a Verizon Plan by February 16, 2017," Verizon spokesperson Kelly Crummey told Ars today."
Of course, the biggest plan Verizon advertises is 30 GB for $130 per month. Users can call and get larger plans, but they'd best expect to take out a second mortgage to pay for them. While Verizon was busy tightening the noose on its dwindling and data hungry unlimited users, it was also busy bumping activation and phone upgrade fees from $20 to $30, citing "increased costs" that have actually declined as the company continues to set earnings records thanks to metered billing and the company's usage caps.

And while it's understandable that Verizon would want to crack down on users on older data plans that give them a better value, the company continues to insist that nobody wants unlimited data. Just last September, Verizon CFO Fran Shammo again proclaimed that nobody needs an unlimited data plan. The company went so far as to hire a consultant willing to pen a blog post in which he claimed the consumer desire for simpler, unlimited data plans was just a "gut feeling" detached from any reality:
"So, while unlimited data may sound attractive, there is no practical effect of data limits on the majority of users. Understanding this should bring rationality to a discussion that is often held on a “gut feeling” level. Keeping adequate speed and performance while allowing all users to share the limited commodity we call wireless data is the fair way to deal with wireless connectivity. And ultimately, that is what is beneficial for wireless consumers."
To be clear, small cells and WiFi offloading have made great inroads in helping carriers handle the video load. T-Mobile and Sprint have certainly found a way to offer users unlimited data, albeit with some net neutrality trampling caveats. Sprint, for example, now throttles all games, music and video for unlimited data users by default, then charges them a premium if they want these services to run at full speed. To try and combat these new plans Verizon briefly tried to market its metered data plans as "limitless" (as in, they don't throttle them like Sprint) but was soundly mocked for the effort.

All told, the industry still can't quite figure out that if you can't actually offer unlimited data, you shouldn't advertise unlimited data. They're still also struggling with the concept that in a truly competitive market, consumers tell you what they want (and hopefully, you provide it). In wireless, executives still apparently think it's the other way around.

42 Comments | Leave a Comment..

Posted on Techdirt - 10 January 2017 @ 8:27am

ISPs Get Right To Work Pushing For Elimination Of New FCC Broadband Privacy Rules

from the snoopvertising-supernova dept

So we've noted that killing net neutrality isn't the only goal for large ISPs in the new year. Trump's top telecom advisors have all made it abundantly clear they'd like to defang and defund the FCC as a consumer watchdog entirely, and roll back the decision to classify ISPs as common carriers under Title II. This would not only dismantle net neutrality, but it would also eliminate the relatively basic broadband privacy rules the FCC recently passed. Those rules, in short, require that ISPs not only clearly disclose what's being sold and who it's being sold to, but also require they also provide working opt-out tools.

Unsurprisingly, ISPs made quite a stink about the "draconian" nature of the rules, and sector lobbyists are getting a running head start in dismantling them. After all, informed customers with the tools to protect their own privacy could cost them billions of dollars annually. Especially since the rules require that consumers opt in to collection of more sensitive financial data.

The cable industry's largest lobbying and trade organization, the Internet & Television Association (NCTA), is urging the FCC to eliminate the rules entirely, claiming they simply weren't necessary:

"They are unnecessary, unjustified, unmoored from a cost-benefit assessment, and unlikely to advance the Commission’s stated goal of enhancing consumer privacy,” wrote the Internet & Television Association, known as NCTA."
Except if you've tracked why the rules were created, you'd know that's simply not true. The FCC acted after security researchers discovered that Verizon Wireless was modifying user data packets to track consumers around the internet, without informing them or providing working opt out tools. The FCC was also concerned that some ISPs (Comcast, AT&T) had begun exploring charging users a steep premium if they wanted to actually protect their own privacy. Similarly, the FCC acted after some ISPs claimed they'd started providing worse customer service depending on a customer's credit score.

That alone should show you two truths: one, the broadband industry's claim that it can self-regulate on privacy issues is a joke. Two, the lack of competition in the broadband space opens the door to abuses you won't see in the broader, more competitive content markets Verizon, Comcast and AT&T are interested in rushing toward. These ISPs have long tried to claim that placing additional regulatory burdens on them is unfairly "asymmetric" because Google, Facebook and friends don't face them. But Google, Facebook and friends don't operate in a competitive vacuum thanks to a generation of lobbying, dysfunction, and regulatory capture, something these ISPs would prefer we all ignore.

Like the NCTA, the industry's biggest telco lobbying organization (US Telecom), had plenty to say about the new privacy rules. In its own filing with the FCC (pdf), the group urges the FCC to "modify key elements" of the privacy rules (read: all the ones that mean anything) right after it gets done eliminating net neutrality. The organization actually tries to claim at one point that privacy protections for consumers aren't necessary because ISPs don't really know all that much about you and hey, if you really don't like it you can always encrypt your data:
"...the Order ignores the record facts when it predicates this scheme of asymmetric regulation on the premise that ISPs are nearly omniscient and have greater visibility into consumer data than any other Internet company. That premise is false, as Commissioners Pai and O’Rielly and many commenters have explained. Given the recent rise of encryption and multiple ISP connections per user, any given ISP has rapidly declining visibility into the details of consumers’ Internet usage and, in some respects, less visibility than leading social media platforms, search engines, and data brokers."
This idea that ISPs aren't actually information super vacuums has been used consistently by dollar per hollar telecom sector think tankers, and it's nonsense. As exposure of deep packet inspection and Verizon's stealthy super cookies shows, incumbent ISPs do have nearly "omniscient" awareness of everything a consumer sees, watches, hears, or does. And encryption isn't a privacy panacea; ISPs can still observe user online behavior based on overall traffic patterns and volume, unencrypted portions of communications, and the growing volume of unencrypted Internet of Things traffic. And a VPN is no guaranteed blockade to ISP snooping either, since again IoT devices won't use VPN, and ISPs can often still monitor user behavior via DNS anyway.

Large ISPs could have avoided these regulations by making sound, reasoned policy choices. Instead, they chose to hoover up every shred of data they could find and sell everything that wasn't nailed down, making consumer choice and transparency a distant afterthought. And thanks to limited competition, broadband consumers have no way of "voting with their wallet" to avoid many of these practices, which is why the FCC crafted them in the first place. You either need to fix broadband competition, or impose rules protecting consumers from the symptoms of that particular disease (net neutrality and privacy violations).

So far, there's every indication that the new, incoming FCC intends to do neither.

18 Comments | Leave a Comment..

Posted on Techdirt - 9 January 2017 @ 10:50am

Net Neutrality Hating, SOPA-Loving Marsha Blackburn Pegged To Chair Key Technology & Telecom Subcommittee

from the rise-to-the-level-of-your-incompetence dept

If you were to sit down and consciously select a politician that best represents the stranglehold giant telecom companies like AT&T, Verizon and Comcast have over the legislative process, you probably couldn't find a better candidate than Tennessee Representative Marsha Blackburn. From her endless assault on net neutrality, to her defense of awful state protectionist laws written by ISP lobbyists, there has never been a moment when Ms. Blackburn hasn't prioritized the rights of giant incumbent duopolists over the public she professes to serve.

Blackburn has been fairly awful on technology policy in general, from her breathless support of SOPA to her claim that fair use is just a "buzzword" obscuring our desperate need for tougher copyright laws. As such, there should be little surprise that Blackburn has been selected to head the House Energy and Commerce Committee's Subcommittee on Communications and Technology. The subcommittee tackles most of the pressing internet-related issues, with Blackburn replacing Oregon Representative Greg Walden.

Blackburn joins a growing chorus of GOP insiders who have made it a core mission to dismantle net neutrality protections, despite the fact that they have broad, bipartisan appeal among consumers. At least Blackburn has been consistent; she spearheaded the "Internet Freedom Act," which attempted to kill net neutrality by effectively codifying non-net neutrality into law and hamstringing any regulator that tried to protect it. According to Blackburn, this wasn't just because AT&T and Comcast are among her biggest campaign contributors, but because she really, truly adores "innovators":

"Once the federal government establishes a foothold into managing how Internet service providers run their networks they will essentially be deciding which content goes first, second, third, or not at all. My legislation will put the brakes on this FCC overreach and protect our innovators from these job-killing regulations."
Blackburn has also gone out of her way to defend AT&T and Comcast's efforts to pass state-level protectionist laws. These laws, passed in more than nineteen states, prevent towns and cities from improving local broadband infrastructure -- even in instances where incumbent ISPs have refused to upgrade. According to Blackburn, these competition-killing laws -- which serve solely to protect duopoly revenues -- are somehow necessary to protect "free market competition":
"After witnessing how some local governments wasted taxpayer dollars and accumulated millions in debt through poor decision making, the legislatures of states like North Carolina and Tennessee passed commonsense, bipartisan laws that protect hardworking taxpayers and maintain the fairness of free-market competition."
Needless to say, Blackburn's home state of Tennessee consistently ranks as one of the least connected states in the nation as a direct result of her hard work. More recently, Blackburn went so far as to suggest that ISPs should be forced to remove "fake news" from the internet:
"If anyone is putting fake news out there, the ISPs have the obligation to, in some way, get that off the web. And maybe it's time for these information systems to look to have some type of news editor doing some vetting on that. Whether it's the Russians, the Chinese, the Iranians or whomever. You do not want that out there because it's... because it's fake news!"
In other words, Blackburn doesn't believe in protecting a healthy and open internet, thinks letting incumbent ISPs write competition-killing protectionist law is somehow good for broadband competition, consistently complains about government overreach, and yet wants the government to force ISPs to dictate what is or isn't acceptable news, while dramatically expanding draconion and unnecessary copyright law. Clearly she's the perfect choice to lead tech policy toward the twenty-second century -- provided you like living in something akin to a poorly-written dystopian novel.

26 Comments | Leave a Comment..

Posted on Techdirt - 6 January 2017 @ 10:48am

Canadian Regulators Declare 50 Mbps To Be The New Broadband Standard

from the high-water-mark dept

A few years back, the FCC here in the States bumped the base definition of broadband from 4 Mbps downstream, 1 Mbps upstream, to 25 Mbps downstream, 4 Mbps upstream. This was done in large part to highlight the lack of competition (two-thirds lack access to speeds of 25 Mbps from more than one provider) at faster speeds, largely thanks to telcos that no longer really want to be in the residential broadband business and are refusing to upgrade their networks at any scale. Needless to say, neither ISPs -- nor the politicians paid to love them -- were happy with the new standard.

Recently the Canadian government took things further, announcing new rules that make 50 Mbps downstream, 10 Mbps upstream the new industry standard. In addition to declaring that this 50 Mbps option should be considered "basic telecom service" moving forward, the CRTC announced that it's requiring that Canadian ISPs at least offer users the ability to purchase an uncapped, unlimited broadband connection.

According to the CRTC, 82% of Canadians already have access to speeds of 50 Mbps -- but like in the States, availability for these faster options are incredibly scarce in more remote areas where competitive incentive is minimal and deployment costs are higher. To that end, the CRTC said it's setting aside a $750 million subsidy fund to shore up backbone connectivity. The CRTC Is claiming that the effort should result in 50 Mbps service being made available to 90% of Canadian households by the end of 2021, and to the remaining 10% of households within 10 to 15 years after that.

Of course, telecom subsidies are nothing new, and the amount of money thrown at incumbent broadband providers in North America probably could have delivered gigabit fiber connections to every home on the planet several times over. These efforts are usually well-intentioned, but things quite frequently get lost in translation thanks to telecom providers with significant influence over the regulators and legislatures tasked with making sure this money gets spent effectively.

And while the 50 Mbps high-water mark is important in a sense, it's also partially theatrical. Telecom regulators have a long, proud history of announcing initiatives that sound transformative, but can often be achieved without much government help. When the "goal" is achieved down the road with minimal calorie expenditure, government often steps in to pat itself on the back for a job well done. Doing anything more would require actually standing up to some of the most politically influential companies on the continent.

And again in this case, Canadian Law Professor Michael Geist is quick to point out that the plan isn't as revolutionary as it's being portrayed:

"It would be a stretch to describe expanding access to these target speeds to an additional 8 per cent of the population over five years as transformative. In fact, given the investments from various providers, it raises the question of whether Canada might reach that target without the CRTC’s efforts. Indeed, the real challenge remains the last 10 per cent in rural and remote areas for which there are no easy answers.

Affordability goes hand-in-hand with access, yet the CRTC largely punted this issue, noting that “a comprehensive solution to affordability issues will require a multifaceted approach, including the participation of other stakeholders.” That places much of the responsibility on the government, but the CRTC had the opportunity to push providers harder on affordability. The Commission points to innovative solutions from some companies – Rogers and Telus are obvious examples – but leaves observers to wonder why it did not go further by setting goals or targets for industry laggards."
You'll note that much like its regulators to the south, the CRTC punts when it comes to actually acknowledging the lack of broadband market competition and the high prices and poor service that results. This lack of competition also introduces the thorniest telecom issues of the day: including net neutrality violations and the slow but steady expansion of usage caps and overage fees. It's easier to focus on shoring up remaining coverage gaps, especially when the government won't have to do all that much to ensure service (albeit incredibly expensive service) arrives via 5G and other new technologies.

With a few exceptions, a good rule of thumb with government broadband announcements like this is: if the incumbent ISPs are ok with it, it either doesn't do all that much or provides them money for doing very little. And based on a review of the newswires, Canadian incumbent ISPs aren't complaining about this new, supposedly lofty plan in the slightest.

14 Comments | Leave a Comment..

Posted on Techdirt - 6 January 2017 @ 6:36am

Utterly Tone Deaf To Cord Cutting, Cable Contract Feuds And Blackouts Skyrocket

from the utterly-unsustainable dept

We've noted for years that as broadcasters and cable companies bicker over new programming contracts, already-annoyed customers are left in a lurch. Usually these feuds go something like this: a broadcaster demands a huge rate increase for the exact same content. The cable company balks, and the content is usually pulled out of the cable lineup. Customers aren't given any sort of refund for this missing content, they're just inundated with PR pitches from both sides trying to get them pissed at the other guy. Ultimately a new, confidential contract is struck, and the rate hikes are then passed on to the consumer.

In short, consumers are repeatedly punished with blackouts and petty PR bitching between companies incapable of responsibly signing new contracts, after which they get a lovely new price hike. It's no wonder that 2016 was a record year for cord cutting.

Utterly oblivious to the self-immolation that comes from pissing off an already historically unsatisfied customer base, cable providers and broadcasters are already doubling down on this dysfunction in 2017. In just the last few weeks, countless pay TV customers have lost access to content they're paying for, whether it's Bonneville International blocking Dish customer access to a local NBC affiliate in large parts of Idaho, DirecTV users temporarily losing access to 33 Hearst Stations, or Frontier customers losing access to Sinclair Broadcasting stations after the broadcaster demanded a 200% price hike.

The American Television Alliance, a coalition of mostly cable companies, was quick to point out that 2017 is on record to see more of these types of feuds than ever before, as broadcasters continue to push for rate hikes that neither consumers nor cable companies are willing to pay for. It's an utterly unsustainable business model to be sure, though the Alliance is quick to lay the lion's share of the blame, quite correctly, at the feet of broadcasters:

"Broadcasters ambushed innocent consumers on New Year’s Day with a tidal wave of television blackouts," said American Television Alliance national spokesman Trent Duffy. "Broadcast tycoons have brazenly and deliberately hijacked pay TV viewers once again, holding college football bowl games, the last weekend of the NFL’s regular season and network premiers for ransom in a naked ploy to extract more money from consumers."
Of course, cable providers aren't innocent little daisies either. While they may be a prisoner to broadcaster rates, they often impose rate hikes on service at every conceivable opportunity as well, whether it's higher fees to rent a cable box or digital signal converter, fees to pay your bill in person or via the phone, hidden obnoxious fees used to falsely advertise a lower price, or broadband usage caps and overage fees designed to seek out their pound of flesh from another area of the consumer wallet.

Again, this simply isn't sustainable. If the cable industry wants to seriously fight back against cord cutting and slimmer streaming alternatives, it needs to begin more seriously competing on channel bundle flexibility and price, something the sector as a whole appears to be incapable of realizing. As such, cord cutting and cord trimming (streamlining your cable package) are self-inflicted wounds from an industry so terrified of killing its precious legacy TV cash cow, it's actually accelerating the demise of its traditional customer base by doubling down on pissing them off.

68 Comments | Leave a Comment..

Posted on Techdirt - 5 January 2017 @ 2:39pm

Potential New FCC Boss Blames Obama For The Washington Post's Botched Russian Utility Hacking Story

from the finger-pointin' dept

We've noted how one of Trump's top telecom advisors is Jeffrey Eisenach, a long-time Verizon consultant and aggressive opponent of net neutrality. Eisenach's one of three Trump advisors who have made it clear their top priority in the new administration will be to not only gut net neutrality, but to defang and defund the FCC as a consumer watchdog on telecom issues. Eisenach isn't just an advisor, he's also on the shortlist to be the next head of an agency he doesn't believe in.

But when Eisenach isn't busy dreaming about dismantling net neutrality, he can apparently be found writing logically incoherent op-eds over at the Wall Street Journal. In a strange little tirade posted on January 3, Eisenach quite correctly ridicules the Washington Post's recent false claim that Russians were busy hacking U.S. utilities. In short, a piece of common malware was found on one PC, and because the Washington Post couldn't be bothered to even call the company in question, the paper created a bogus narrative, based entirely on anonymous sources, that casually pushed the country closer to war.

Yeah, no biggie.

Eisenach starts off well enough, quite correctly illustrating the depth of the Washington Post's failure on the story, and how the malware was arguably run of the mill, and certainly not directly tied to the government:

"The kind of malware involved in these two intrusions is neither new nor particularly sophisticated. It is run-of-the-mill spyware that has probably been implanted on thousands of networks around the world, from home computers to those inside banks, power companies and government agencies. These bugs are freely available online, and the code found at the Democratic National Committee and the power company isn’t even the latest version. The notion that such a mundane piece of software reveals a new and ominous threat to critical infrastructure is laughable."
All true. But Eisenach's piece then takes a strange turn, in that it somehow tries to blame the Washington Post's awful reporting on... the outgoing President:
"Misleading the American people to advance a political narrative has been a hallmark of President Obama’s foreign policy. The most recent example is the administration’s attempt to conflate the hacking of the Democratic Party with potential cyberattacks on critical infrastructure...Cyberthreats pose a clear danger to national security, and building an effective defense will take a concerted effort by the Trump administration. Americans are right to be concerned. But by playing on those fears, the Obama administration is putting politics ahead of the national interest."
While the Washington Post was once again happy to quote all manner of anonymous, pearl-clutching intelligence sector insiders for its story (a bipartisan disorder for sure), Obama wasn't among them. Nor is there any indication that the Obama administration actively encouraged the Washington Post to trip over its own shoelaces and perform an epic, journalistic face-plant. Obama certainly has been no saint on cybersecurity, but to blame him for the Washington Post's dysfunction is more than a little strange, especially when the entire point of your article is to lament the senseless politicization of cybersecurity.

Someone might want to notify Eisenach that as a top advisor and potential new FCC boss, he's now the one in a position of power. If your goal is to demonstrate that partisan patty cake should be nowhere near technology and cybersecurity policy, why not demonstrate that with your actions -- instead of penning editorials that completely undermine the entire point you're trying to make?

16 Comments | Leave a Comment..

Posted on Techdirt - 5 January 2017 @ 10:40am

Ad Industry Wants New FCC Broadband Privacy Rules Gutted Because, Uh, Free Speech!

from the helpless-little-daisies dept

We've noted repeatedly how Trump's incoming telecom advisors have made it very clear they not only want to gut net neutrality, but defund and defang the FCC. That means rolling back all manner of other recent FCC policies, like the agency's recently approved broadband privacy rules. While ISPs and advertisers threw a collective hissy fit about the rules, they really were relatively fundamental; simply requiring that ISPs not only make it clear what's being collected and who it's being sold to, but requiring they provide working opt-out tools to broadband subscribers.

ISPs and the advertising and marketing industry are already getting a running start on rolling back these new privacy rules. In a joint filing by all of the major advertising lobbying and trade associations, the advertising industry this week was quick to submit a petition to the FCC (pdf) claiming that the new rules aren't necessary because the marketing sector already adheres to a "self-regulatory" regime that delivers all the transparency, choice and benefits that consumers could possibly handle:

"This ecosystem has functioned well for years under an enforceable self-regulatory framework developed by the Digital Advertising Alliance (“DAA”), which is broadly supported by industry and widely recognized as a highly credible and effective privacy self-regulatory program that offers consumers transparency about online data collection and a way to control the use of their online data by DAA members while allowing data-driven innovation to flourish. The DAA has been widely successful, with hundreds of companies and thousands of brands participating in the program, over 75 million unique visitors to its digital properties, reaching 35 countries and translated into 26 languages."
And while it's certainly nice that the advertising agency has translated its entirely voluntary privacy practices into so many languages, that's not really relevant to what the FCC was trying to accomplish with the rules. The FCC imposed rules specifically thanks to the lack of competition in the broadband last mile, a lack of competition that lets ISPs and advertisers impose draconian new consumer surveillance policies the consumer can't vote to avoid with their wallet. The FCC was particularly nudged to action by the discovery that Verizon and its ad partners were covertly modifying user packets to track users around the internet.

It took two years for security researchers to even discover what Verizon and its marketing partners were up to. It took another six months of heavy public shaming before Verizon was even willing to provide working opt-out tools. At no point did industry, or any of its self-regulatory apparatuses, stop and think they'd taken things a bit too far, which is why the FCC, agree or not, felt it was necessary to lend consumers a hand. The FCC was also concerned about a growing push by some ISPs to make opting out of data collection a pricey, luxury option for consumers, "self-regulatory safeguards" be damned.

At the thrust of the ad and marketing industry's formal opposition to the FCC's rules is an old favorite; the claim that protecting consumer privacy is somehow a violation of the marketing industry's free speech rights:
"The Commission did this in a manner that unreasonably exceeds its statutory mandate by restricting a substantial amount of protected free speech counter to the First Amendment, and using a process that did not allow adequate notice and comment from interested parties."
Of course, if you tracked the FCC's privacy rules comment period, or the public debate over do not track, the idea that anyone has ever silenced the marketing and advertising industry is hysterical. Most, of course, realize that the debate over consumer broadband privacy protections has absolutely nothing to do with free speech (a claim ISPs also used to fight net neutrality), and everything to do with the billions that are lost when you have empowered, informed, and engaged consumers with the tools to protect their privacy and a few sensible privacy protections at their back.

Again though, this may all be water under the broader, privacy bridge. If Trump's top three telecom advisors do what they've long said they want to do, the new FCC will look to roll back the FCC's newfound Title II authority, and by proxy both its net neutrality and privacy rules (which rely on the new classification of ISPs as common carriers). And as we've noted previously, to minimize activist backlash this will likely come in the form of a new update to the Telecom Act -- one that breathessly professes to protect net neutrality and privacy, yet is intentionally written to do the exact opposite.

23 Comments | Leave a Comment..

More posts from Karl Bode >>