Standing outside in the chill of what passes for “spring” these days, with a cold breeze numbing the end of my uncovered ears (it’s SPRING for God’s sake), I listened to my fellow soccer parents discussing the merits of the Senate’s recent vote to rescind the FCC’s as-yet unimplemented rules on privacy for ISPs. Overall, I think most of the parents were pretty ok with the loss of some privacy in exchange for the perceived benefits of data sharing. Most of that had to do with the cool things technology can do when provided with access to data, like make sure your latté is ready before you actually arrive at Starbucks in the morning.
Listening, I was trying to think of why I’m not on board with that logic (other than the fact that I’m not a huge latté fan). Aside from the many concerning ways in which ISPs can and have used data, the bigger problem would seem to be that there’s no real guarantee that the data will remain with the ISP or their marketing partners.
First of all, big companies of all stripes are pretty terrible at keeping data secure. That means that, in addition to that cool relocation feature which allows you to pre-order a late on the drive to that early-morning soccer tournament, you may be letting hackers from the Ukraine into details about your life which may (or may not) allow them to hack into your bank accounts or determine the content of that highly sensitive e-mail you received.
Secondly, as lawyers well know, data of all types is discoverable in litigation, so those “innocent” late night visits to Ashley Madison may not be as private as you think they are. While much of that data is already available and discoverable from your e-mail provider or home computer, giving ISPs an incentive to keep and distribute that data certainly won’t improve matters any. Increasing the amount of data available also means more data available to the government, and while it’s nice to believe that only matters if you’ve done something wrong, that’s not always true. In Europe, the public and the courts have been fighting against mandatory data retention rules, even as the US arguably incentivizes the private collection of data.
For or against, there’s not much you can do to protect yourself against data collection – most Americans have limited choice in ISPs, and some have no choice at all. Short of running everything through a VPN, or simply not using the internet, it looks as though consumers have to get used to the idea that their traffic will be collected and shared by ISPs, the government, and pretty much everyone else who has access to it.