You may have heard that Congress just voted to take away many of your online broadband privacy protections. After a little background, we will give you some tips on how to protect what’s left.
Last year, the Federal Communications Commission (FCC) voted to expand longstanding privacy protections that applied to your wireline phone calls to also include your broadband Internet connection. The new protections, slated to go into effect later this year, made sense. After all, most of us now communicate through a broadband Internet connection, even on the phone. If we were protected on the old phone, we should be protected on the computer or new mobile phone.
The new rules were a logical extension of the old rules. The phone privacy protections recognized that the pattern of your phone calls (who you call, when you call them, how often you call them, how long you speak to them) was very private in ways that affected your life both as a citizen and a consumer. Of course, when you log on the Internet, your ISP (Internet Service Provider) can collect even more detailed but similar information about you (after all, your web browsing history tells them where you shop online, where you are actually standing or moving in real life (geo-location) and where else you go online, how much you spend and where, where you obtain political information and, of course, many other details about your personal activities). They can sell this information or, because it has been collected, may be required to provide it to the government upon legal demand. But if they don’t have it, they cannot sell it or provide it. Under the cancelled rules, they would have needed your affirmative opt-in consent for most uses.
The biggest ISPs, of course, are the telephone and cable companies, Internet gatekeepers for most of us. It is very hard to find an alternative if you want to go online. They argue “What about Google, Amazon, and Facebook? It’s unfair to subject us as ISPs to stronger rules than THEM!” (These firms and others are under Federal Trade Commission (not FCC) enforcement. While FTC often sues companies that violate their own privacy policies, it has no authority to write rules, as the FCC does.)
In fact, however, you can choose to avoid joining Facebook or shopping at Amazon, and, besides, they cannot track your every click. You can make the privacy-driven DuckDuckGo, not Google, your primary search engine. But, very few of us have a local, small, consumer-friendly ISP. Your big ISP can and does track your every click, already. Now, they will be able to share or sell information about you without your consent.
WHAT CAN YOU DO TO PROTECT YOUR INTERNET PRIVACY NOW?
There’s no quick and easy solution, unfortunately. But there are options to reduce the personal information that leaks out to the ISP and others.
Easy Privacy To-Dos:
1) Use “https:” Be sure you always use a default browser setting of “https://” NOT plain old “http://” The S means secure. The non-profit Electronic Frontier Foundation has an HTTPS Everywhere extension that works on Firefox, Chrome and Opera browsers.
2) Use encrypted Signal or WhatsApp apps for texting. Experts say Signal has the strongest privacy protections but point out two potential downsides: (1) Its actual privacy protections intentionally include “no cloud backup,” meaning all your chats could disappear if your machine crashes and you don’t have some other backup. (2) While WhatsApp has a user base of over 1 billion worldwide; you’ll need to convince your friends to join the much smaller Signal. They may already be WhatsApp users, especially if they have friends overseas. Finally, Signal is owned by a non-profit; WhatsApp is now owned by Facebook.
3) Review your app settings: Why do your apps need to access your contact list? While you might want the convenience of geo-location for some apps, such as maps, why do games need your location?
4) Block trackers: More than one million people now use Privacy Badger from the non-profit Electronic Frontier Foundation to block third-party web trackers.
These steps are not for everyone, as they require a bit more work, although many of you may already be required to use a VPN to log into your office remotely. While private browser modes, such as Chrome Incognito, keep your browser from saving your cookies and browser history and other information, your ISP still knows where you’ve been. How can you take the next step to hide from them?
1) Use a VPN (Virtual Private Network). A VPN uses end-to-end encryption, which blocks all your content. While security experts recommend against most free VPNs, one browser, Opera, includes a VPN extension. Otherwise, expect to pay between $3-10/month.
2) Use TOR, a non-profit relay service that bounces your communications, from browsing to texting, all around the world to make it very hard to track you.
For More Information:
Here is a recent article with more details on online privacy from the non-profit Consumer Reports Magazine’s Consumerist blog. Here is another from LifeHacker on the pros-and-cons of VPNs. This is all just consumer advice; please do your own vetting of sites and apps.
Senior Director, Federal Consumer Program, U.S. PIRG Education Fund
Ed oversees U.S. PIRG’s federal consumer program, helping to lead national efforts to improve consumer credit reporting laws, identity theft protections, product safety regulations and more. Ed is co-founder and continuing leader of the coalition, Americans For Financial Reform, which fought for the Dodd-Frank Wall Street Reform and Consumer Protection Act of 2010, including as its centerpiece the Consumer Financial Protection Bureau. He was awarded the Consumer Federation of America's Esther Peterson Consumer Service Award in 2006, Privacy International's Brandeis Award in 2003, and numerous annual "Top Lobbyist" awards from The Hill and other outlets. Ed lives in Virginia, and on weekends he enjoys biking with friends on the many local bicycle trails.