FCC to regulate ISP data collection, but Google, Facebook off the hook
You might notice a charge ranging from $2 to $8 on your monthly cable TV bill labeled “Broadcast TV fee.” In 2016, all the major cable and satellite TV providers jacked up their rates, as the Consumerist’s Kate Cox reports in a December 21, 2015, article. Now ISPs are looking to get in on the fee-jumping act by charging an “Internet Cost Recovery Fee,” according to DSL Reports’ Karl Bode in an April 5, 2015, article.
That’s what ISP CenturyLink calls a fee the company site states is intended to “defray costs associated with building and maintaining CenturyLink's High-Speed Internet broadband network.” Bode points out these costs are part of what the standard monthly fee covers – they’re “part of doing business,” as Bode writes. Bode quotes Motherboard’s Jason Koebler, who states in an April 5, 2016, article that “[t]he price you see advertised on an ISP’s website is never, ever the price you actually end up paying.”
The FCC’s proposed regulations governing how and when ISPs can collect, share, and otherwise use their customers’ personal information received official approval on March 31, 2016. Wireless Week’s Diana Goovaerts reports that the proposal creates three categories of personal information:
One of the biggest criticisms of FCC regulations is that they apply to ISPs but not to Facebook, Microsoft, Google (for the most part), Apple, Amazon, and other big web companies that track people as much as or more than ISPs do. FCC Commissioner Michael O’Rielly’s dissent claims that uneven application of the privacy rules puts companies such as AT&T and Verizon at a disadvantage as they compete with the likes of Facebook and Google in developing markets.
Profits soar when customers are kept in the dark
The only reason the FCC can regulate ISPs is because they were reclassified as public utilities in 2015. The need for oversight is highlighted in a report issued in March 2016 by the Center for Digital Democracy that digs deeper into the tangled data-sharing relationships between ISPs, cable/satellite TV providers, big-name web services, and data brokers. TechCrunch’s Natasha Lomas reports on the study in a March 23, 2016, article.
The profile companies create for you makes a big difference. You may think you’re seeing the same web page, search results, or other browser content as everyone else as you surf, but not so. Your unique user profile dictates what information you are served up by the pages you visit and apps you use. Differential pricing dictates the cost of the merchandise you’re offered, which may be higher or lower than your neighbors or people on the other side of the world, based on what your profile indicates you’re willing and/or able to pay.
The CDD report warns that your personal dossier could be used in “unfair and discriminatory ways that can harm individuals and families.” The group calls for an outright ban on cross-device tracking, online/offline data profiling, and other “pervasive and continuous data-collection” practices. The CDD also wants the FCC to outlaw deep-packet inspection by ISPs, which allows the services to learn the content of communications passing through their networks.
The Electronic Privacy Information Center responded to the FCC’s plan to regulate data collection by ISPs by calling for the same rules to be applied to private companies that build, use, and resell dossiers on their customers’ characteristics and activities. EPIC proposes that the FCC use as a guideline the Code of Fair Information Practices established by the U.S. Health, Education, Welfare Department way back in 1973. The second of the code’s five rules states that “[t]here must be a way for a person to find out what information about the person is in a record and how it is used.”
Privacy only for those who can afford it?
Web services respond to criticisms of their data-collection practices by reassuring customers that the activity is harmless, and by insisting that anyone who wants to stay private can do so by using virtual private networks or other encryption methods. TechCrunch contributors Harold Feld and Dallas Harris point out in a March 29, 2016, article, that encrypted data still reveals when you’re home, what devices you use on your home network, even when you’re asleep and awake.
More importantly, encryption entails added costs in both time and money. As the authors point out, “consumers have the same right to privacy when visiting a website as they do when making a phone call.” That right to privacy should not come with a price tag. (Note that the late U.S. Supreme Court Justice Antonin Scalia insisted that there is no such thing as a constitutionally protected right to privacy, but that’s a subject for another time.)
Plain and simple, any organization that collects, analyzes, sells, or otherwise reuses private information about consumers should be subject to regulation in how and when the collection is done, and what the information is used for. Consumers have a right to know what personal information they are surrendering, how the information is used, and how to prevent or limit the collection. The FCC has finally come to this conclusion as it relates to ISPs. It’s time to extend the consumer protections to data collected by web services, supermarkets, and other entities.