The nation’s biggest internet service providers are responding to inflammatory headlines and protest campaigns over Congress’s repeal of internet privacy rules, saying they never have or will sell the browser history of individual users.
“No one is buying anyone’s individual browser history and putting it online,” said Jonathan Spalter, CEO of the trade group USTelecom, whose members include AT&T, Verizon, CenturyLink, and other major internet service providers. “Step away from the Kickstarter campaigns. Such activity remains patently illegal.”
That last bit is a reference to the rallying cry by celebrities and activists to crowdsource funds to buy and publish the browser history of lawmakers who voted for the Congressional Review Act (CRA) resolution, a proposal even staunch opponents of the repeal say isn’t possible.
“Advertisers aren’t buying your browsing data, and ISPs and other internet companies aren’t selling your data in a neat little package. It doesn’t help anyone to blatantly misrepresent what’s going on,” reads a post from Techdirt, a technology blog that frequently supports liberal policy agendas like privacy and net neutrality, while opposing more conservative ones like surveillance and data monetization.
“When ISPs or online services have your data and ‘sell’ it, it doesn’t mean that you can go to, say, AT&T and offer to buy ‘all of Louis Gohmert’s browsing history,’” it goes on. “Instead, what happens is that these companies collect that data for themselves and then sell targeting. That is, when Gohmert goes to visit his favorite publication, that website will cast out to various marketplaces for bids on what ads to show. Thanks to information tracking, it may throw up some demographic and interest data to the marketplace.”
Major ISPs including AT&T and Comcast sought to correct the record themselves.
“First and foremost, all of the rhetoric that asserts – without any factual support – that the CRA vote suddenly eliminated consumer privacy protections is just plain wrong,” AT&T Legislative Affairs Vice President Bob Quinn said. “The reality is that the FCC’s new broadband privacy rules had not yet even taken effect. And no one is saying there shouldn’t be any rules.”
Rules passed by the then-Democrat-controlled Federal Communications Commission in October would have forced ISPs to get permission from subscribers before collecting their data, including browsing history and app usage, and selling it to third party marketers for targeted advertising.
The House of Representatives, led by Republicans, voted 215-205, largely along party lines, to repeal the rules last week. The Senate voted 50-48 along similar party lines the week before, and the White House has already signaled President Donald Trump’s intention to sign the resolution into law.
Response from mainstream media has come in the form of numerous headlines with some variation of The Washington Post’s “What to expect now that Internet providers can collect and sell your Web browser history,” which incorrectly implies providers haven’t already been doing this.
“Your browser history is already being aggregated and sold to advertising networks—by virtually every site you visit on the internet,” Spalter explained. “Consumers’ browsing history is bought and sold across massive online advertising networks every day. This is the reason so many popular online destinations and services are ‘free.’ And, it’s why the ads you see on your favorite sites—large and small—always seem so relevant to what you’ve recently been shopping for online. Of note, internet service providers are relative bit players in the $83 billion digital ad market, which made singling them out for heavier regulations so suspect.”
Opponents of the rules argued like many of the Obama administration’s policies, they favored Silicon Valley, since edge providers like Google and Facebook — the dominant forces in online advertising — would have been unaffected. The result, they said, would have unfairly disadvantaged ISPs.
Spalter added sensitive data like health, financial and gathered from children still requires advance permission from subscribers before it can be collected and monetized.
“We do not sell our broadband customers’ individual web browsing history,” Comcast Deputy General Counsel and Chief Privacy Officer Gerard Lewis said. “We did not do it before the FCC’s rules were adopted, and we have no plans to do so.”
Since the passage of the repeal some opponents argue it could embolden ISP use of user data. While ISPs had incentive to curtail their use of data for fear of regulation, the CRA — which prevents similar rules from being passed in the future — could act as a permission slip from Congress to take data monetization to a deeper level, while giving law enforcement agencies like the FBI troves of Americans’ data to pursue.