In case you haven’t heard, Congress voted to repeal the pending Obama-era privacy rules to affect Internet service providers (ISPs) last week. Prior to repealing, ISPs were to be limited to a set of rules that governed and limited what they could do with your browser history data. Specifically, ISPs were to be required to inform you, the consumer or business, what data they were collecting about you and how it would be used or shared and, in some cases, get expressed permission from you before selling your data.
Congress voted to dissolve these pending privacy protection rules, now awaiting final presidential signature. This makes one wonder as European Commission is amplifying internet privacy controls in 2017 in an effort to help protect their citizens and businesses.
I’ll admit that I’ve struggled with how to write a blog about this topic without getting political, It certainly feels like telecom lobbyists’ interests won out over citizen and business privacy rights. As someone who spent almost their entire career in the data industry, and spent a large part of my career actively working to protect peoples’ privacy, this latest move by Congress is especially scary. It makes me beyond frustrated as a privacy advocate and as a consumer whose private information is now for sale to the highest bidder.
Ostensibly, the lifting of the privacy rules for ISPs was to even the playing field between organizations like Google and Facebook (both currently collect and use your data) and ISPs. The rules were inconsistent, deemed unfair. On the surface, that seems pretty reasonable. But you only need to scratch just under the surface to realize the repeal’s trade-off also put the privacy “ball” way out of bounds.
Internet Service Providers Forced to Open Privacy Blinds
Google and Facebook do collect information about your use patterns, your likes, your dislikes, but do so in a very limited capacity. If I “Like” an article on Facebook, Facebook will know that I’ve liked that article and adjust my feed to include more relative articles. But Facebook is also pretty candid about what it does with your data, limited to what happens on Facebook. Today, if I like an article on Twitter – Facebook isn’t going to know. But my Internet service provider will. This is the key difference. Facebook and Google have a very limited scope of knowledge about who I am, what I’m doing, and what my habits are. I have a certain level of control over that. They’ve also enabled consumers to have some level of control about opting in or out of having their data sold.
My ISP, on the other hand, knows everything. My ISP not only has all of my personally identifiable information in their billing department, but they also connect me to all of my Internet activities. They know what I buy, what I say, with whom I am I socializing and wherever I surf – personally and professionally. Now, ALL of this insight will be for sale. And, whatever can be sold can be re-sold – and re-sold. Hackers have new doors opening. Where are the limits?
Email Encryption Demands to Amplify – What to look for?
Most consumers use commercial webmail email providers, with Gmail, Hotmail, and Yahoo being most popular. As these email services are ISP dependent, the repealing of the privacy rules push email protection needs to a top priority. Exploring further, I have great concern about the recent business technology trend (Gartner press release) towards using browser-accessible webmail services such as Outlook 365.
How you protect your email exchanges becomes a priority. As most of us are well-seated with our preferred email provider, an easy selective email encryption is the optimal approach for both consumers and businesses. What does “easy” mean? Look for:
- Two-factor authentication (ideally you only have to perform once)
- Integration with your own email provider as a seamless platform layover
- Multiple/mobile device access and use
- Individual through enterprise level integration
- Consumer and business-friendly services
- Easy implementation
- Flexible pricing options (consider privacy risk costs versus value)
One could take the position Congress has just legitimized data theft, let alone the selling of your data by the highest bidder. By lifting the restrictions that were to be imposed on ISPs, they’ve opened the door for data thieves to simply and legitimately buy your information and use it for anything — including taking your identity.
How do you feel about the lifting this privacy rules?