Jazz Shaw is one among many decrying the Republican repeal of the October 2016 FCC internet privacy rules covering Internet Service Providers (ISPs):
The entire idea of “adding costs and stifling innovation” is laughable on the face of it. We’re talking about a rule which doesn’t impact the amount of data which is available and collected or any of the normal processes involved in providing internet service to customers. It simply forces the provider to proactively obtain the permission of the user (“opting in”) before all of their personal data can be scooped off and auctioned off for marketing and advertising purposes. The fact that virtually no sane person who doesn’t wish to be further bombarded with spam advertising or have their private online activity shipped around with even more chance of it being hacked would ever want to opt in for that tells you all you need to know.
But is there another side to this? USA Today has a quick recap on how we got here. A key point: until recently the ISPs fell under the regulatory framework set by the FTC. The ISPs were reclassified as common carriers subject to FCC regulation, and now we are entering a world of differing rules.
The current FCC commissioner, Ajit Pai, was a humble dissenter last October:
For the last two decades, the United States has embraced a technology-neutral framework for online privacy. Administered by the Federal Trade Commission, this framework applied across all sectors of the online ecosystem. It reflected the uniform expectation of privacy that consumers have when they go online. It didn’t matter whether an edge provider or ISP obtained your data. And it certainly didn’t matter whether, as a consumer, you understood what those regulatory classifications meant—let alone the technical and legal intricacies that dictate when a single online company is operating in its capacity as an edge provider as opposed to an ISP. Regardless of all of that, the FTC’s unified approach meant that you could rest assured knowing that a single and robust regulatory approach protected your online data.1
That’s why since the beginning of this proceeding, I have pushed for the Federal Communications Commission to parallel the FTC’s framework as closely as possible.
Instead the FCC went with different rules, and now we seem to have no rules. However, the Competitive Enterprise Institute explains that, yes, there are rules even in the absence of the FCC. A flavor:
Much of the narrative surrounding this debate centers on the fear that consumers will have no privacy protection if the president signs the resolution. But these fears, simply put, are based on a myopic understanding of the numerous laws, regulations, and institutions that protect our privacy on the Internet other than the FCC’s burdensome, legally questionable privacy rule. Here’s a partial list of all the things that are stopping ISPs from misusing customer data or selling it to third parties in a way that could harm Internet users.
Federal and state wiretapping laws. Under the Wiretap Act, it’s generally illegal to intentionally intercept or divulge the contents of electronic communications—including Internet traffic—without the consent of a party to the communications. Violators of this law are subject to criminal prosecution, while any person whose communications are illegally wiretapped may sue the perpetrator for $10,000 or more (plus attorneys’ fees and costs). In other words, if an ISP intercepts the contents of a subscriber’s Web traffic, or gives such data to an advertiser, that provider had better be sure it has the subscriber’s consent.
State attorneys general. Every state has a law on the books making it illegal for companies to engage in deceptive practices. In nearly all of these states, the state attorney general (AG) may go to court to stop a company from deceiving consumers. And although some states also have enacted laws preventing regulation of Internet service providers, these laws generally do not apply to a state attorney general who wishes to bring an action against a provider that has engaged in deception. The upshot: In many states, if an ISP has represented to consumers that it protects their privacy and safeguards their data, that ISP must act in accordance with such representations—or else it may see one or more state AGs in court.
The major ISPs have announced privacy policies:
Leaving me confused. But confused or not, I am downloading 'Opera', a web browser with an embedded Virtual Private Network.