SoylentNews is people
SoylentNews
from the I'll-determine-what's-sensitive dept.
ISPs that want the federal government to eliminate broadband privacy rules say that your Web browsing and app usage data should not be classified as "sensitive" information.
"Web browsing and app usage history are not 'sensitive information,'" CTIA said in a filing with the Federal Communications Commission yesterday. CTIA is the main lobbyist group representing mobile broadband providers such as AT&T, Verizon Wireless, T-Mobile USA, and Sprint.
The FCC rules passed during the Obama administration require ISPs to get opt-in consent from consumers before sharing sensitive customer information with advertisers and other third parties. The FCC defined Web browsing history and app usage history as sensitive information, along with other categories such as geo-location data, financial and health information, and the content of communications. If the rules are overturned, ISPs would be able to sell this kind of customer information to advertisers.
The opt-in rules are scheduled to take effect on or after December 4, 2017, but ISPs have petitioned the FCC to eliminate the rules before that happens. The latest CTIA filing was a reply to groups that opposed the petition to overturn the rules.
In making its argument that Web browsing and app usage history are not sensitive information, CTIA said that the Federal Trade Commission has taken a different stance than the FCC.
"To justify diverging from the FTC's framework and defining Web browsing history as 'sensitive,' the commission and the [privacy rule supporters] both cherry-picked evidence in an attempt to show that ISPs have unique and comprehensive access to consumers' online information," CTIA wrote. "As the full record shows, however, this is simply not true. Indeed, even a prominent privacy advocacy organization asserted that it is 'obvious that the more substantial threats for consumers are not ISPs,' but rather other large edge providers."
Source: ArsTechnica
(Score: 2) by VLM on Tuesday March 21 2017, @01:42PM (30 children)
Its semi-important to frame the situation truthfully.
Its fake news to imply there's secret or private data that will remain private if only the ISPs are prevented from making a profit off it. The reality is everyone except the ISPs are already trading this stuff in a wide open marketplace. So everyone is selling your health and financial information but the ISPs, and ISPs alone, aren't making a profit off it, because, well, it was a good photo op to lie to people during the obummer administration.
That kinda changes the argument from "The evil ISPs want to wikileaks your privates" to a somewhat more realistic "The ISPs are frozen out of a wide open data market for no real obvious reason other than grandstanding politics and fake news"
I guess what I'm saying is if the ISPs start selling your financial data, for example, whats "NEW" is not that your financial data is being sold; thats fake news to imply it. Whats "NEW" is your ISP gets a cut of the profit and maybe the credit union or whatever makes one penny less off its sales due to competition.
So its kinda a referendum on your ISP (most people admittedly hate their monopoly ISP) mixed with a referendum on your politics WRT free markets (most people are kinda iffy on this). The fake news is pretty much against it with some inflammatory, ridiculous language. So the net result, either based on reality or not, is pretty predictable opposition.
There are secondary effects in that due to ad injection we're all going to need "https everywhere" and "adblocking to hell and back" to avoid getting powned by advertising inserted by our ISPs into our downloads. I'm sure the ISPs will find a way to F up stuff like apt-get upgrades by trying to insert jpg advertisements into the middle of the /bin/ls executable downloads as a distant secondary effect also. Or they'll just ban traffic they can't monetize, perhaps.
(Score: 5, Insightful) by Arik on Tuesday March 21 2017, @02:00PM (15 children)
I don't think that's completely accurate. It's one thing for a credit agency to use freely available information to compile a credit report and sell it - it's quite another for an ISP to spy on their customers in order to generate saleable information. Not that I'm against stronger privacy laws that affect all these companies and not just ISPs.
'Or they'll just ban traffic they can't monetize, perhaps.'
All my traffic has already been monetized, that's called I paid the bill.
An honest politician is said to be one that stays bought. Why should we not demand honest ISPs?
If laughter is the best medicine, who are the best doctors?
(Score: 1, Funny) by Anonymous Coward on Tuesday March 21 2017, @03:08PM (9 children)
Today we find out who the shills are!! Hooray! DannyB and VLM!!! Go fuck yourselves for trying to nomaluze this shitstorm. Privacy violations are wrong, and just because quite a few companies deal in user data doesn't make it alright for anyone anywhere to do. We need more laws to protect privacy, then there will be incentive to protect user's connections.
(Score: 2) by DannyB on Tuesday March 21 2017, @03:36PM (4 children)
You got it! The privacy problem is much bigger than ISPs collecting, let alone "sharing" your data. ("Sharing" is so wrong of a word to use for that.)
The lower I set my standards the more accomplishments I have.
(Score: 2) by bzipitidoo on Tuesday March 21 2017, @07:23PM (3 children)
Well, definitions are a key facet of this story. They're trying to define the meaning of "sensitive data" in a way they find more convenient for themselves.
When they spread your info around, that's called "sharing". When you spread art around, that's called "piracy".
We call neighbors who try to pry into others' private business "nosy Parkers", and the ones who spread rumors around (often the same people) are "neighborhood gossips". At least they don't do it for the money.
Seems most of capitalism is driven by marketing tactics of which redefinition is one of their chief weapons. Redefine something that isn't a problem to make it sound like it is, then sell expensive solutions. Bonus points if you can get lawmakers to outlaw the "problem". I figure that's the major issue with getting copyright and patent law repealed and replaced. If redefinition isn't enough, they can always fall back on the old double standard, you know, laws are only for little people.
(Score: 2) by DannyB on Tuesday March 21 2017, @08:30PM (2 children)
Getting lawmakers to outlaw a problem costs money, and removes the market for the expensive solution to the problem. Seems more profitable to get lawmakers to mandate problems rather than outlaw them.
The lower I set my standards the more accomplishments I have.
(Score: 2) by bzipitidoo on Tuesday March 21 2017, @08:39PM (1 child)
I was thinking of the law being used to force people to buy "solutions", not get rid of the problem. Not buying a solution is not only unAmerican and a drag on the economy, it's illegal.
(Score: 2) by DannyB on Tuesday March 21 2017, @09:05PM
It really sounds like we're thinking the same way. The problem must exist. An expensive solution must exist. The problem must not be outlawed. Rather the problem must be mandated. Even the solution must be mandated -- for a price.
The lower I set my standards the more accomplishments I have.
(Score: 0) by Anonymous Coward on Tuesday March 21 2017, @03:47PM (1 child)
I wouldn't call VLM a shill. That makes us actual shills look bad. ;)
He's just had his head increasingly up the alt-right's ass since last summer. I'll at least give him a nod for popularizing alt-right viewpoints here before "alt-right" was a lamestream buzzword (before it was detached from any actual positions within the movement and just simply another insult to hurl). So I guess he would be an alt-hipster, then.
You can pinpoint when the alt-right started really gaining traction as an insult instead of a semi-cohesive movement when alt-righters began replying to comments mentioning the alt-right with, "There is no such thing as the alt-right!"
Maybe there is no such thing, and it's just the Republican Party gone full retard. I could accept that. 20 years ago I liked the Republican Party. :(
(Score: 0) by Anonymous Coward on Tuesday March 21 2017, @04:38PM
Normalizing the normalizers by normalizing against the normalizer. My head is spinning!
(Score: 2) by VLM on Tuesday March 21 2017, @05:06PM
trying to nomaluze this shitstorm. Privacy violations are wrong
I think the best analogy to trying to discuss privacy issues on SN is its like reading "Lost Cause of the Confederacy" literature.
https://en.wikipedia.org/wiki/Lost_Cause_of_the_Confederacy [wikipedia.org]
Realist: "So in light of Atlanta having been burned, I suggest we upgrade the buried infrastructure and realign the new street grid with "
Drunken Col Saunders interjects: "Damn those Yankees damn them all to hell the South will Rise Again!"
Realist: "OK nice I agree, but as I was saying WRT the rebuilding plan, realign the street grid with the main east-west travel corridor and"
Drunken Col Saunders drunkenly bellows: "The yankees was wrong to tell us how to live our lives on our land!"
Realist: "Goddamnit Col Saunders go home and sleep it off, like it or not the fights over and we lost and Atlanta was burned and the ashes are cold and its time to talk about what is, and what we should do, the time for saying burning Atlanta would be immoral is over and frankly my dear I don't give a damn"
Drunken Col Saunders: "grumble heard what you said grumble damn yankees grumble"
Drunken Col Saunders gets his footing again and blasts out one last roar: "Damn those yankees to hell the South will Rise Again!"
Realist throws his hands up in the air: "I give up, what do we do with these dinosaurs other than wait for extinction? Free mint juleps until they pass out?"
There's just no point in discussing how to move forward in 2017 if the only discussion we'll get is "gosh I hope when 2001 arrives we don't do anything dumb" especially when we know we did in fact do something dumb 16 years ago and the whole point is it would be nice to move on. So from a position of 2017 the logical next step is ...
(Score: 2) by DeathMonkey on Tuesday March 21 2017, @06:04PM
It's the magic R.
If this was happening under Obama you'd actually be able to hear the shrieking through the screen.
(Score: 3, Insightful) by shipofgold on Tuesday March 21 2017, @03:41PM (2 children)
It's one thing for a credit agency to use freely available information to compile a credit report and sell it
What kind of information in my credit report is freely available????
The only thing that might be public is the amount of my mortgage, but even my payment history should be private.
If anything my banks are selling all my private information to the credit agencies in the same fashion that the ISPs want to sell information to others.
Are my banks spying on me by monitoring my credit card usage?
(Score: 2) by Kromagv0 on Tuesday March 21 2017, @07:46PM
If I as an individual compiled as much information on you as a credit reporting agency had I would likely be behind bars for stalking. Those reporting agencies glean as much info as they can from as many public data sets as they can get their hands on. Property tax records, DMV records, court records, shit they buy from other database operators, shit that banks, businesses and other give them, etc. Personally I have wondered if it is possible to get a restraining order against them like one could for a regular stalker and force them to remove any and all records they have on me. I believe we have cyber stalking laws.
T-Shirts and bumper stickers [zazzle.com] to offend someone
(Score: 2) by NewNic on Tuesday March 21 2017, @08:14PM
I think that you are confusing "free as in beer" with something else.
lib·er·tar·i·an·ism ˌlibərˈterēənizəm/ noun: Magical thinking that useful idiots mistake for serious political theory
(Score: 2) by Gaaark on Tuesday March 21 2017, @07:39PM (1 child)
I want to read what you have to say, but "I GETS HEADACHE!!!"
I'll have the font, font, eggs and font, and there's not too much font in it.
--- Please remind me if I haven't been civil to you: I'm channeling MDC. ---Gaaark 2.0 ---
(Score: 0) by Anonymous Coward on Tuesday March 21 2017, @07:49PM
Sounds like an issue with your browser settings.
(Score: 2) by EvilSS on Tuesday March 21 2017, @02:58PM (4 children)
(Score: 2) by VLM on Tuesday March 21 2017, @04:47PM (3 children)
So you would be cool with
You're confusing the question. I'm talking about whats already been done and now we (well, big brother) decides who profits off the decision already made. You're talking about if the original action was right or wrong which is too little too late. I don't even disagree with you, I just find it pointless or distracting to be stuck in the past.
selling your browsing history to a company that compiles it and makes it available to employers HR departments
Already done called LinkedIN and Facebook and twitter. Normies call those three sites "the internet" comically. Nobody cares about SN traffic.
Or your spouse's divorce lawyer?
You almost seem to be implying that discovery of electronic records in a divorce is not possible or unheard of? It comes up in corporate e-discovery too, not just divorce. Also criminal not just civil law.
The police?
Dude, seriously... they already have all that. Look up this guy named "Snowden" and "National Security Letters" and things like that. Are you trying to argue they don't LOL or they shouldn't which I kinda agree with but doesn't matter because they do have it today. You can split some hairs about definition of Police such that the parking ticket officer doesn't know which posts I read on 4chan /DIY/ last night, as if they would under the new ISP regs anyway, but some FBI/NSA guy certainly can if he wants.
(Score: 3, Insightful) by JoeMerchant on Tuesday March 21 2017, @05:46PM (1 child)
So, when I go to interview a potential new hire, I do a quick search on Google and LinkedIn to see what they intend to share with the world. I've found stuff like a guy who submitted a resume with certain skills on it, basically bragging on his LinkedIn feed that "he's got a guy who does that stuff for him." We weren't looking to hire for sub-contracting. So, no hire.
What I don't do is ask candidates to unlock their cellphones and share their browsing history, social streams marked "private," or other things that are not readily findable by anyone with access to a search engine. Some people do "overshare," but many do not, and that's O.K. - having an extensive public internet profile isn't a requirement for employment with me - but, if you do have one, it will be reviewed.
Oh, funnier story still, candidate included link to his personal website on his resume, I pull it up and right on the front page is a link to his MkUltra experiences blog - where he tells how the secret government program has been tormenting him and anyone he has been associated with for the last 20 years. Nothing in the quite extensive blog in any way indicates that the information is fictional, satire, or anything but his personal account of events. So, we are left with 2 paths forward from this point: A) candidate is a delusional kook, not a good fit for rational daily interactions, or B) he's perfectly lucid and accurate in his accounts, in which case you would be an idiot to get anywhere close to him. Why do you put a link like this on a resume attached to a job application?
The proposal by the ISPs is to expose information that people consider private, stuff that you don't find through ordinary channels (e.g. I don't think I've ever used the "Wayback Machine" for candidate research) - I consider this over the line. The ISPs are in a somewhat sensitive spot, like the phone company who we would wish is requiring warrants before allowing law enforcement to tap our lines, I don't recall ever proposing that AT&T could run Eschelon style voice recognition on our private phone calls so they might share our interests with advertisers? Why would we start now?
🌻🌻 [google.com]
(Score: 2) by VLM on Tuesday March 21 2017, @06:02PM
Nothing in the quite extensive blog in any way indicates that the information is fictional, satire, or anything but his personal account of events.
LOL note to self, make sure my DnD/Pathfinder logs and "my great plot ideas for a hard sci fi or alt-hist novel" are very carefully marked as such.
(Score: 2) by EvilSS on Tuesday March 21 2017, @11:07PM
(Score: 4, Interesting) by AthanasiusKircher on Tuesday March 21 2017, @03:14PM (4 children)
So everyone is selling your health and financial information but the ISPs, and ISPs alone, aren't making a profit off it, because, well, it was a good photo op to lie to people during the obummer administration.
Sorry, but THIS is fake news.
The Health Insurance Portability and Accountability Act of 1996 [wikipedia.org] (HIPAA) sets regulations on exchange of health records. Protected Health Information (PHI) cannot be disclosed to third parties unless it falls under certain exemptions (mostly law enforcement or conducting of normal medical business).
As for financial information, the Gramm-Leach-Bliley Act of 1999 [wikipedia.org] set up requirements for all financial institutions to disclose precisely how they manage your privacy. (Have you never received all those "privacy policy" notices in the mail from your bank?) Under the Act, you have the ability to opt-out of most sharing of financial information again with a few exceptions. (Law enforcement with appropriate warrant, normal banking business, etc. There's also an exception for "joint marketing agreements" with 3rd parties -- that's NOT just selling your info to anyone: the bank has to explicitly agree to endorse and market the 3rd party's products, etc., like a bank teaming up with an insurance company to jointly offer products or whatever.) The Fair Credit Reporting Act broadened those exemptions a bit, but (1) you still have the option to opt-out of a lot of sharing of your info, and (2) the bank is required to disclose how it is sharing your financial information.
So, no, it's not at all accurate to say that ISPs are the only ones prevented from selling your private data to the highest bidder -- in fact, you names two specific types of data that are highly regulated. Sure, we can debate whether those protections are strong enough (and I'd argue they aren't -- financial info sharing should be "opt-out" by default, for example), and a lot of businesses find ways to skirt the regulations.
But just because the regulations aren't as effective as they might be isn't an argument in favor of just deregulating everything. Are you seriously feeling sorry for ISPs being left out of "free market" sharing of private information?
The fake news is pretty much against it with some inflammatory, ridiculous language.
It's not inflammatory or ridiculous. Most consumers may not realize how much private information is "leaking" out of their normal internet use in cookies, other trackers, etc., but informed people can at least try to put some safeguards in place to disable a lot of that tracking by 3rd parties. But it's a lot harder to prevent your ISP from knowing where you go on the internet. So allowing them to directly market your information is indeed a significant escalation and further invasion of privacy.
Privacy may be a losing battle these days. And ignorant consumer choices often unwittingly facilitate their own loss of privacy. But (1) it's disingenuous to imply that lots of sensitive personal data isn't already covered by federal privacy laws (it can't arbitrarily be sold to the highest bidder), and (2) even if it were true that other info can be sold, that's NOT an argument for further invasion of privacy.
(Score: 2) by VLM on Tuesday March 21 2017, @04:37PM (2 children)
Under the Act, you have the ability to opt-out of most sharing of financial information again with a few exceptions.
Hmm if I were a betting man I'd put the over under for that percentage at 0.1% I figure about 50/50 odds its higher or lower than 0.1%.
Its a very small rounding error that doesn't matter.
but informed people can at least try to put some safeguards in place
Again, roughly nobody. We need a solution or discussion for the other 99% of the population.
HIPPA is a good example of hair splitting. Yes my dental xrays are not in my credit record, but my payment information is, for example. So if my wife pays (or doesn't pay) an OBGYN enough money to birth a baby, technically all thats released in the credit report is pure financial data, but everyone in the system knows exactly what it means, as a simplified example.
What an individual can or should do is a different discussion from what happens to entire cultures or what a government regulator should do that applies to all.
I don't disagree with any of your facts about what individuals can or should do, but seeing as that fraction of the population rounds down to zero I just figure its more important to talk about "almost everyone" even if the outcome is diametrically opposed to the individual advice.
(2) even if it were true that other info can be sold, that's NOT an argument for further invasion of privacy.
Yeah OK fine good point. However again, its not really a discussion about privacy or secrecy but a discussion about the government picking the winners and losers.
(Score: 2) by JoeMerchant on Tuesday March 21 2017, @05:51PM (1 child)
Let's not forget Target ratting out the pregnant teen to her Father based on her CC activity.
The data is there, whether or not we should allow commercial or other interests to use it is a question for how we want to shape the future of society. Transparency of personal affairs can be taken too far.
🌻🌻 [google.com]
(Score: 2) by Kromagv0 on Tuesday March 21 2017, @08:09PM
Here it wasn't target deliberately ratting her out [businessinsider.com] it was target doing some pretty good market basket analysis [wikipedia.org] at an ideal time to target an existing customer with things they are likely to need. From my AI class close to 20 years ago there was an anecdote about using market basket analysis where there was a strong correlation between buying beer on Thursdays at a grocery store and in the same purchase buying diapers. What target did here is just an extension of that where you have an individual who is buying things a pregnant woman will typically buy so you cross promote. I believe it was purchasing something like unscented lotion and a few other items which then caused coupons for things like car seats, diapers, cribs and such to be sent. It may have been based off of a single purchase or a series of purchases tied together by a data read off of a credit card and the coupons were the ones printed off at the register.
T-Shirts and bumper stickers [zazzle.com] to offend someone
(Score: 2) by DeathMonkey on Tuesday March 21 2017, @06:07PM
HIPPAA protects your MEDICAL records.
The records that you visit the Blue Cross Blue Shield website once a month. That you access Dr. Smith's website once a month. And your online Pharmacy is PharmCo are not medical records. They are health information, though.
(Score: 0) by Anonymous Coward on Tuesday March 21 2017, @03:16PM
Actually it is secret and private. Each site may track your IP but they aren't all tied together. Technically your backyard isn't private, a plane could spy on you. However that doesn't mean you should have zero expectation of privacy and let your neighbor takes pictures if your wife to sell online.
This article is framed very correctly so stop with your alternative facts / interpretation.
(Score: 2) by Scruffy Beard 2 on Tuesday March 21 2017, @03:50PM
Ad injection by my ISP is why I suddenly became interested in cryptographically authenticating everything about 10 years ago. I never actually caught them doing it, but they had changed their Terms of Service to allow it. That told me that they had probably installed equipment capable of doing it.
Yes, I am one of those rare unicorns that try to read "agreements". I often get push-back when I have questions about them. It is not uncommon to see ones made by copy&pasting similar "agreements" (those are easy to spot by terms inconsistent with the nature of the service).
(Score: 2) by JoeMerchant on Tuesday March 21 2017, @05:32PM
HIPPA and other privacy laws are in-place to specifically prevent the profiting from the trading of protected (health, and other) information.
Not saying it's not done, but it's much less prevalent than it would be without these laws.
I don't know if I would characterize German information privacy laws as "over the top" or not, but it is a more conservative approach that should preserve some of the traditions of society a little longer until we end up in Black Mirror season 3, episode 1.
🌻🌻 [google.com]
(Score: 2) by bob_super on Tuesday March 21 2017, @09:25PM
Yup, you framed it incorrectly.
I'll go for the real-life analogy: The current data markets are people who saw you waling around a store, and may have recorded what you put in your bag, or which shelves you stopped in front of. Some people check that you went to see the doctor. Others will sit at the street corner and log your trips there.
It's fragments, which you can keep disconnected with careful browsing.
Meanwhile, your ISP is more like your watch or your car is recording every single place you, your spouse, your kids ever go to, everyone anyone ever talks to and what they talk about, anything they look at (legal, commercial, embarrasing, or not) and anything they ever buy. When, where, how ...
If the current markets are like selling CCTV tapes and GPS logs, the ISP (or cell company) version is the camera/microphone-equipped tracking collar version. That is way more coherent and comprehensive personal information than anyone wants to see traded around.
People will get hurt.