Internet Privacy 2017: What You Need to Know

By Published on .

Ajit Pai, chairman of the Federal Communications Commission, speaks during a Senate Commerce, Science and Transportation Committee hearing in Washington, D.C., in March.
Ajit Pai, chairman of the Federal Communications Commission, speaks during a Senate Commerce, Science and Transportation Committee hearing in Washington, D.C., in March. Credit: Andrew Harrer/Bloomberg

There has never been a reasonable expectation of online privacy, and there never will be. Regardless of what you may have recently heard about joint resolutions or nullifications, nothing has changed. Internet service providers have always had the right to use your data as they see fit, within a few Federal Trade Commission and Federal Communications Commission parameters. This has not changed. Nor has anything changed with respect to FANG (Facebook, Amazon, Netflix and Google). These companies have always had the right to use your data as they see fit -- with a few privacy policy exceptions and within the few aforementioned FTC and FCC parameters.

So regarding online privacy, for all practical purposes, absolutely nothing has changed.

What about the new rule?

On April 3, the president signed S.J.Res.34, a joint resolution that nullifies the FCC's "Protecting the Privacy of Customers of Broadband and Other Telecommunications Services" rule. But that FCC rule never went into effect. So net-net, nothing has changed.

One side will tell you that the FCC rule was overly burdensome for ISPs because they would have had to obtain opt-in permission from each customer to use the customers' data. The other side will tell you that the FCC rule was absolutely necessary because ISPs have access to 100% of your online activity, while FANG can only see what you do on their respective sites.

Most of the explanations from elected leaders failed to mention that you pay your ISP for access to the internet. Therefore, you would expect some privacy options, even if those options were offered at a premium price.

On the other hand, you pay for Facebook and Google with your data; so, as the cliché goes, "You are the product," and there you should not have any expectation of privacy (other than what's written in the user license agreement or privacy policy of the respective sites). As for Amazon and Netflix, you pay with a combination of cash and data. But rest easy: both Amazon and Netflix only use your data internally, and while they offer insights to certain vendors, sponsors and suppliers, the amount of actual data they make available to 2nd or 3rd parties is negligible.

Short-term impact

In the short term, all of this is meaningless. ISPs don't make money selling your data -- although they could -- and most of them do not yet have an effective way to sell advertising. They make money by charging you for internet access. FANG literally lives on your data. Without it, FANG would be severely disabled. But you already grant them the rights, so nothing has changed.

Long-term impact

In the long term, however, things will change. There are many probable futures. One of them is not passing previously proposed privacy rules by the FCC. But what has changed is the method that will be used to draft and legislate privacy policy. This is a nontrivial matter; it is, and will continue to be, a topic that inspires vigorous debate.

In a data-deregulated environment, ISPs are free to develop all kinds of new capabilities as the technologies become practical. We might see "intelligence layers" between us and the networks. Hypothetically, this type of AI would know where you are, where you are likely to be, what you like to do, when you like to do it, etc. In practice, it would be used to sell you stuff. It could also be useful for autonomous vehicles and IoT applications. But, as with all things, there's a dark side. Thinking about potential abuses of this type of data-driven AI should give one pause.

Should we have internet privacy laws?

Should we have internet privacy laws? What should we protect? Are privacy laws antithetical to a free and open internet? Or would a well-reasoned set of privacy rules provide a level playing field and fertile ground for commerce and communication? Under the Trump administration, it looks like whatever laws are in place will remain in place, but that whatever proposals can be nullified are fair game. For those who supported the previous administration's worldview, it's time for a new strategy.

Bigger topics, and what you can do

There's more at stake here than online privacy. The concepts of net neutrality, a free and open internet and a set of reasonable rules that promote investments and reward investors are not mutually exclusive. We should strive for consensus. Regardless of your personal preferences, you should contact your elected officials and let them know your thoughts.

When discussing online privacy, remember the internet not only transports your smartphone and web browser data, it also transports your banking data (from bank to bank), your health records (from doctor to hospital), autonomous vehicle data, Internet of Things data, municipal sensor data (such as water meters and weather data), and every other type of data that we create when interacting with today's digital world.

VPNs, encrypted email

Since the joint resolution passed, I've had a remarkable number of questions about Virtual Private Networks and email encryption, as if suddenly there's a new need for these services. (We'll discuss online privacy vs. online security in another article. They are not the same thing.)

If you didn't need a VPN or encrypted email yesterday, you probably don't need it today. That said, I only access the internet through VPNs, and I encrypt communication that I would not like to see on WikiLeaks.

I do not endorse any of the following products, but I pay for and use some of them. They all work as well as consumer-grade systems can work. If you feel like you will be safer using a VPN or encrypted email, here's a short list of options:


Encrypted email

What we really need

Data is a very valuable asset. How valuable? Have a look at the combined market cap of FANG. They, and most online businesses, transform the value of our data into their wealth. Which raises the question, "Should they own the data we create, or should we? If we create it, shouldn't it be ours?" I can argue both sides. Perhaps you can too. Let's start the discussion immediately!

Most Popular
In this article: