Friday, 31 March 2017

Comcast, AT&T: We Totally Respect Your Privacy Even Though We Helped Kill The Law Protecting It

The FCC rule that would have prohibited your ISP from collecting and selling your personal data without your permission is pretty much dead, leaving consumers to fend for themselves. Members of the House and Senate didn’t all spontaneously come up with the same talking points about why the FCC rule was unfair, though; they had help from lobbyists and telecom corporations along the way. And now some of the biggest of those corporations are pinky-swearing that just because they can abuse the heck out of your data now doesn’t mean they will.

That’s the gist of a post on Comcast’s corporate blog today from the company’s chief privacy officer, Gerard Lewis.

Comcast is committed to privacy principles that are “in line with the FTC’s regime,” Lewis writes. “We have committed not to share our customers’ sensitive information unless we first obtain their affirmative, opt-in consent.”

“We want to make sure that our customers understand how strong our privacy protections really are,” Lewis concludes, writing that Comcast is about to revise its privacy policy “to make more clear and prominent that we do not sell our customers’ individual web browsing information to third parties and that we do not share sensitive information unless our customers have affirmatively opted in to allow that to occur.”

Lewis links to a press release [PDF] from January, co-signed by all the big telecom companies and trade (lobbying) groups, including Comcast, to prove his point.

“For over twenty years, ISPs have protected their consumers’ data with the strongest pro-consumer policies in the internet ecosystem,” the release reads, appearing not to take into account that time AT&T charged extra for privacy, or that time Verizon tracked everyone with supercookies, or that other time a whole bunch of ISPs got caught redirecting users’ searches.

AT&T exec Bob Quinn echoed the sentiment in a post on AT&T’s Public Policy blog.

Because the FCC’s rule had not yet gone into effect, Quinn writes, consumers didn’t actually lose anything. After spending several paragraphs explaining why former FCC chair Tom Wheeler and the rules he approved were awful, Quinn continues by explaining why you should totally trust AT&T with your data.

“AT&T was one of the first companies to move away from a privacy policy that looked like a legal document and towards a policy that communicated our practices to our customers in words that the consumer didn’t need a lawyer to help decipher,” Quinn writes. Which would be useful, except that privacy policies don’t mean your data is private, and also not even 2% of users read them ever.

Quinn also challenges what of your data can actually count as “sensitive.” AT&T doesn’t include location data in that bucket, but the FCC did.

If the government believes that location data is sensitive and requires more explicit consumer disclosures and permissions, then those protections should apply to all players that have access to location data, whether an ISP or edge player or search engine,” Quinn writes, which is a pretty solid sentiment.

“If the government bans the ISP from that data but allows, for example, OS providers, app developers and everyone else who has software running on your phone to collect your location and internet data, use it, share or sell it,” Quinn continues, “that does not protect but rather confuses the consumer.”

Which again, is in one sense, true: if your data is sensitive, it should be treated as such no matter who holds it. That would be really nice! But that’s not the way any of our laws work.

Every existing privacy law we have depends on two key things: what data is being collected, and who is collecting it. Your health data may be covered by the law if your doctor gathers it, but it is not if your Fitbit does. Is that confusing? It sure as heck is! But that’s the way our entire regulatory system has shaken out.

Moreover, The FCC cannot regulate edge providers like Google and Facebook; that falls to the FTC. But the FTC likewise cannot regulate Title II common carriers, which all broadband providers now legally are. That means falling back on the FTC as the regulator of choice for your ISP is a disingenuous move at best.

As we’ve observed before, meanwhile, the industry spent a great deal of money making sure that the resolution to overturn the FCC’s rule would have friends in Congress.

The Verge compiled a full list of how much each of the member of the House and Senate who voted for the CRA received in donations from the telecommunications industry in 2016 (or, for Senators, their most recent previous election).

The one and only listed member — out of a total 265 who voted to overturn the rule — for who the number was $0 is the one appointed in Feb. 2017 to fill the seat former Sen. Jeff Sessions vacated when he became Attorney General. The other 264 Senators and Representatives who voted to roll back privacy for consumers all received some kind of donation from the industry.

At the high end of donations we have Sen. Mitch McConnell (KY), the Senate Majority Leader, whose campaign received $251,110 from the industry. He’s followed by Sen. John Thune (SD), chairman of the Senate Commerce Committee; his campaign netted $215,000 from these sources.

Another 10 Senators who received more than $100,000 from the telecom industry — Roy Blunt (MO), Thad Cochran (MS), John Cornyn (TX), Chuck Grassley (IA), Orrin Hatch (UT), Ron Johnson (WI), Jerry Moran (KS), Pat Roberts (KS), Pat Toomey (PA), and Roger Wicker (MS) — also all voted to overturn the FCC rules.

In the House, the numbers are a little smaller — but there are also hundreds more Representatives than Senators. Rep. Greg Walden (OR), chair of the House Energy and Commerce committee, tops out the list with a cool $155,100 in telecom donations. Re. Steve Scalise, the House Majority Whip, clocks in second with $121,750.

They were followed by another 35 Representatives whose campaigns received between $40,000 and $120,000 from the telecom industry, including: Reps. Gus Bilirakis (FL), Marsha Blackburn (TN), Susan Brooks (IN), Doug Collins (GA), Barbara Comstock (VA), Kevin Cramer (ND), Carlos Curbelo (FL), Rodney Davis (IL), Bill Flores (TX), Rodney Frelinghuysen (NJ), Bob Goodlatte (VA), Steven Guthrie (NY), Richard Hudson (NC), William Hurd (TX), Darrell Issa (CA), Bill Johnson (OH), Adam Kinzinger (IL), Bob Latta (OH), Billy Long (MO), Kevin McCarthy (CA), Martha McSally (AZ), Patrick Meehan (PA), Cathy McMorris-Rogers (WA), Markwayne Mullin (OK), Pete Olson (TX), Erik Paulsen (MN), Bruce Poliquin (ME), Jim Renacci (OH), Pete Sessions (TX), John Shimkus (IL), Jason Smith (MO), Lamar Smith (TX), Fred Upton (MI), Ann Wagner (MO), and Mimi Walters (CA).

Usually if a company spends a lot of money getting a law passed or repealed, it’s because they see a way to make more money out of the action they support. But just because internet service providers have literally been caught doing those things before in the absence of rules preventing it doesn’t mean they’ll try again, right? Surely we can simply trust our oligopolistic providers to do what’s right, even though we don’t have the option to leave them for another carrier if they don’t?


by Kate Cox via Consumerist

No comments:

Post a Comment