Privacy advocates and consumer groups are fighting back against the U.S. Senate’s Thursday vote to undo privacy restrictions on Internet service providers.
In a 50-48 party line vote, the Senate approved the Congressional Review Act, S.J. Res. 34. If the House of Representatives gives it the green light, it then will go to the president to be signed into law.
“We’re working actively with a coalition of other consumer groups pushing to defeat the resolution in the House,” said John Simpson, director of the Consumer Watchdog Privacy Project.
If the consumer groups don’t succeed in the House, “we will remind President Trump that he has expressed concerns about invasions of his own privacy, and call upon him to veto the resolution to protect consumers,” Simpson told the E-Commerce Times.
Meanwhile, the Electronic Frontier Foundation has put up a Web page urging consumers to call their members of Congress about the resolution.
The Center for Democracy & Technology also has pledged to fight the resolution.
“Without the FCC rule, Americans will have no real privacy protections online because of current limitations placed on the Federal Trade Commission by Congress and the courts,” said Katharina Kopp, policy director at the Center for Digital Democracy.
For example, an ISP could infer a subscriber was unemployed, based on online usage patterns, and “sell this information to predatory financial vendors, which can have unforeseen consequences,” Kopp told the E-Commerce Times.
What the Legislation Provides
The Senate resolution lifts the FCC privacy rules adopted last fall.
The rules require, among other things, that ISPs get opt-in consent from consumers before sharing such sensitive information as geolocation data; financial data; health data; children’s personal information; Social Security numbers; Web browsing and app usage history; and the content of communications.
The resolution “enables ISPs to profit by collecting and selling consumer information without prior consent or notification,” said James Scott, senior fellow at the Institute for Critical Infrastructure Technology.
Further, ISPs will “continue to operate without associated liability, culpability, and accountability for the irresponsible collection, dissemination and exposure of consumer data” the resolution will enable, Scott told the E-Commerce Times.
Redlining and other discriminatory practices in housing and loan pricing could be facilitated, noted Consumer Watchdog’s Simpson, and “drug companies could assemble extremely personal health information and use it to target consumers without running afoul of HIPAA.”
Psychographic big data algorithms are powerful enough to precision-target and leverage pretty much anyone being targeted, ICIT’s Scott warned. “Get ready for turnkey nation state perception steering and psychographically targeted propaganda unlike anything we’ve seen before.”
Can Consumers Protect Themselves?
Consumers will have to encrypt all their traffic, using either a virtual private network or Tor, advised EFF Senior Staff Technologist Jeremy Gillula.
“You can’t just install Privacy Badger or browse in incognito or private mode,” he told the E-Commerce Times.
However, “VPNs usually cost money, and you have to trust your VPN provider not to spy on you instead,” Gillula pointed out, “while Tor users frequently encounter excessive CAPTCHAs and other impediments to browsing freely since websites often treat Tor users differently.”
Forever and Ever, Oh Man!
The FCC can’t do anything if the Congressional Review Act is signed into law, because CRAs prohibit an agency from passing a new regulation in the same form or one that is substantially the same, Simpson observed.
Further, because the FCC reclassified broadband access providers as common carriers to enact Net neutrality, the U.S. Federal Trade Commission would have no jurisdiction, he noted.
“There would be no privacy rules,” said Simpson, “and nobody could enact them.”