The Phony WSJ Take on Privacy

An opinion piece in the Wall Street Journal tried to portray the concern over elimination of the FCC broadband privacy rule as “phony .. panic.” Aside from the fact that no sources were provided to back claims by the author, the claims just don’t make sense. I guess that’s why the author of this opinion piece didn’t put their name on the article. Let’s take a closer look.

“The House voted this week to rescind an Obama Administration regulation requiring that cable customers “opt in” to allow data mining of their preferences, which allows companies to feature targeted ads or improve service. The rule passed in a partisan FCC vote last year but never took effect. This belies the idea that Comcast and other invented villains will have some “new freedom” to auction off your data.”

Semantics. While ISPs have always had the freedom, had the rule taken effect, they would have not been able to collect and sell your data without your knowledge. The author makes it sound like there was never a problem. Maybe no data was being collected yet, that’s not a reason to revoke the rule. Should we not criminalize murder if no one had yet been murdered?

“The FCC didn’t roll out these rules in response to gross privacy invasions.”

Really? How about when Verizon, AT&T started tracking their users with ‘supercookies’?

“The FTC had punished bad actors in privacy and data security for years, with more than 150 enforcement actions.”

The FTC has punished bad actors who violated FTC regulations governing privacy, but those regulations cover false and misleading information. The regulations do not address ISPs selling your data without telling you. The ISPs would only be violating FTC regulations if they said they did not collect and sell your data but did it any way. From the FTC web site“When companies tell consumers they will safeguard their personal information, the FTC can and does take law enforcement action to make sure that companies live up these promises. The FTC has brought legal actions against organizations that have violated consumers’ privacy rights, or misled them by failing to maintain security for sensitive consumer information. In many of these cases, the FTC has charged the defendants with violating Section 5 of the FTC Act, which bars unfair and deceptive acts and practices in or affecting commerce. In addition to the FTC Act, the agency also enforces other federal laws relating to consumers’ privacy and security.”

“One best privacy practice is offering customers the choice to ‘opt out’”

Um … well … that’s one of the components of the FCC rule – allow consumers the ability to opt-out of data collection.

“The FCC ditched this approach and promulgated a rule that, curiously, did not apply to companies like Google or Amazon, whose business model includes monetizing massive data collection—what panda videos you watch or which gardening tools you buy. The rule was designed to give an edge to Twitter and friends in online advertising, a field already dominated by Silicon Valley.”

Lots to discuss here. First, companies like Google and Amazon have privacy policies that describe what data they collect, what they use it for and how to opt out. If these companies fail to adhere to these policies, they face punishment from the FTC. In fact, Google paid a $22.5 million penalty for “misrepresenting privacy assurances.” However, I fully agree that privacy restrictions should be applied to these companies as well as to ISPs. If they did not have their own privacy policies, they could avoid possible enforcement actions by the FTC. But, why throw out the rule because it only addressed ISPs? Why not create a rule that includes Google, Amazon, etc. Lastly, if “the rule was designed to give an edge to Twitter and friends…”, the author would have a more solid argument if he included a source for this claim.

“The crew pushing the rule say cable companies deserve scrutiny because it is easy to change websites but hard to change internet-service providers. The reality is the reverse: The average internet user connects through six devices, according to a paper last year from Georgia Tech, and moves across locations and networks. But which search engine do you use, whether on your home laptop or iPhone at work? Probably Google.”

Huh? This makes no sense. It is very easy for a user to change web sites and search engines. Changing web sites? Well, isn’t that what browsers are designed to do? As for search providers, the settings are available in every browser and on every device I know of.  (For example: instructions on changing your search provider.) Also, users can opt out of data collection for many web sites and services. Plus, it’s very easy to block data collection and tracking on every browser, tablet, and smartphone using any one of hundreds of ad blocking tools – many of which are free. How can the author claim it’s easy to change ISPs? How many of you have access to more than one provider? According to the FCC Internet Access Services report, only 22% of US households have access to more than one broadband service provider. Seems like it would be pretty hard for 88% of internet users to switch providers. 

“Plus: Encryption and other technology will soon shield some 70% of the internet from service providers.”

Encryption will hide the information you exchange with websites, but your ISP will still see every website you visit. Your device has to tell your ISP what website you’re going to so it can get you there. You simply can’t encrypt that part. 

“What this week’s tumult means for your privacy online is nothing. FCC Chairman Ajit Pai and FTC Chairwoman Maureen Ohlhausen issued a joint statement saying they’d work together to build a “comprehensive and consistent framework” for privacy that doesn’t favor some tech companies over others. The interim is governed by FCC guidelines that have been in place for years.”

Guidelines that have been in place for years clearly are not enough, considering how many how concerned people are with privacy, how many data breaches and other hacks occur daily, and how the FCC created a rule to address concerns that had not been addressed. I can’t wait to see what Ajit Pai (former Associate General Counsel at Verizon Communications) comes up with. I’m also still waiting to here how selling customer data without customer consent helps innovation. Maybe they’ll be some innovative ads or creative malvertising.