The US Senate has voted to kill privacy rules that would have prevented ISPs from selling your browser history, under the fantastic logic that mobile operators aren't under the same restriction.
The vote on Thursday broke along party lines, of course, and a decision to invoke the obscure Congressional Review Act of 1996 in agreeing to a "congressional disapproval" of the rules was passed 50 votes to 48.
The rules had previously been approved by US broadband watchdog the FCC and were due to take effect at the start of March, but new FCC chair Ajit Pai – who originally voted against them – killed them off with a 2-1 vote just days before.
The arguments for doing so have been mind-boggling. The senator who introduced the resolution, Jeff Flake of Arizona, argued that his proposal would "protect consumers from overreaching internet regulation."
But, objectively, the rules were specifically designed to protect consumers by giving them the ability to decide how their private data – including what websites they visit and when – can be used.
Flake argued that the rules were preventing consumers from receiving "innovative and cost-saving product offerings" – in other words ads from companies that have paid your ISP for your personal information.
The rules would be costly and burdensome, Republicans have claimed, and according to Senator Mitch McConnell (R-KY), would "make the internet an uneven playing field."
Both Flake and Pai have also made the argument that the rules don't provide "a level playing field" because mobile operators and internet companies like Facebook are under different privacy rules devised by US trade watchdog the FTC that are less stringent.
The argument of consumer groups and the previous FCC chair, Tom Wheeler, to that has been that privacy rules should be tightened at the FTC, rather than scrapped at the FCC.
The same "level field" argument could easily be used at the FTC to argue that the rules on mobile operators should also be scrapped, as ISPs now have an "unfair advantage" in that they can sell consumers' data with few if any restrictions.
The argument also roundly ignores the fact that the FCC rules were developed from existing FCC rules that apply to telecom companies.
Ahead of the vote, Democratic senator Richard Blumenthal (D-CT) complained that the resolution was "a direct attack on consumer rights, on privacy, and on rules that afford basic protection against intrusive and illegal interference with consumers' use of social media sites and websites that often they take for granted."
The vote has also been attacked by Democratic commissioners at both the FCC and FTC. Mignon Clyburn and Terrell McSweeney said in a joint statement: "This legislation creates a massive gap in consumer protection law as broadband and cable companies now have no discernible privacy requirements. This is the antithesis of putting consumers first."
The issue has also pulled in other organizations.
The white cliffs of Grover
American Cable Association chief Matthew Polka is, obviously, over the moon that ISPs can now sell your browser histories to marketers: "ACA is very pleased the Senate voted to use the Congressional Review Act (CRA) to nullify the FCC's broadband privacy regulations ... The FCC's regulations were not only onerous, but also singled out ISPs with overly restrictive privacy responsibilities. Meanwhile, the Internet's giant edge providers were exempt despite having access to similar, if not more, consumer data for their commercial use.
"Notwithstanding today's vote, ACA members are committed to maintaining their excellent record of protecting subscriber privacy. They remain subject to a variety of state and federal unfair and deceptive trade practices, data security and data breach laws. Moreover, they have released a voluntary set of ISP Privacy Principles that cover transparency, consumer choice, data security and data breach notification and are consistent with the FTC's long-standing framework."
Americans for Tax Reform – best known for creating a "pledge" nearly 30 years ago about not creating any new taxes, which all Republican Congressmen are pressured into signing – approved of the vote, too.
Its president, Grover Norquist, argued that while "Americans value their privacy," the FCC rules "use our highly valued privacy as a tool to empower agency regulatory expansion at the expense of consumers."
On the other side, executive director of the Center for Digital Democracy Jeff Chester said the vote would "kill the only privacy protections Americans can have when they use the Internet or their mobile phones," and warned that "Americans will become victims of massive ongoing surveillance from their ISPs."
It's worth noting that a recent Pew Research Center report found that 91 percent of American adults feel that consumers have lost control over how their personal information is collected and used by companies.
With ISPs now given carte blanche to use their customers' data pretty much however they want, the Electronic Frontier Foundation (EFF) put together some highly likely and deeply worrying uses that will now be made of your data.
- Selling your location and personal information to marketers: this is something that some ISPs do now but are loathe to admit because they fear a consumer backlash. With this vote, companies no longer have to fear that. Everyone will do it.
- Hijacking searches: You may find that a search for a particular object sees you automatically redirected to a company offering that product – a company that paid your ISP for that traffic and which is most likely not offering the best deal.
- Inserting ads: we've all experienced the creepy situation where ads for something you were looking at a few days ago keep popping up on other websites like Facebook. Well, that may become the norm as ISPs sell your information to eager businesses looking for customers.
- Installing apps on your phone that track you: when researchers discovered an app called Carrier IQ on phones, which sent data on what apps you use and what websites you visit, people were justifiably upset. It was put there by many people's mobile phone provider. And it won't be the last of it.
- Undetectable tracking code: wherever you go, whatever you do, your ISP will be watching you. And you can't turn it off – even if you go to the trouble of using some browsers' "incognito" mode, your ISPs will still know where you are going online and when. And will then sell that data to anyone willing to pay what they charge.
If all that sounds like a dystopian nightmare, tell the 50 Republican senators that voted for it, and the hundreds of Republican representatives that will most likely approve the resolution in the House soon, allowing it to become law. They will tell you it's about freedom.
Freedom, that is, for people-corporations, not human-people. ®