![A Look at 30 Key Cyber Crime Statistics [2023 Data Update]](https://www.thesslstore.com/blog/wp-content/uploads/2022/02/cyber-crime-statistics-feature2-75x94.jpg)
(No Ratings Yet)
Loading...Senate Votes To Let ISPs Sell Your Data Without Consent
Lettings ISPs Sell Your Data, Seriously Weakens Existing Consumer Protections.
Yesterday, the US Senate voted to undo privacy protections passed during Obama’s administration. The target was an FCC privacy policy that would have required a request for customer permission before letting ISPs sell your data.
With the newly passed Senate resolution, that protection is gone, leaving ISPs free to share and sell “data, including online browsing activity, mobile app data, and emails and online chats” to third-party companies. The vote was 50-48 in favor, exclusively supported by Republican senators.
This will likely kill the FCC privacy policy before it ever truly existed – while it was approved last year it had not even come into effect yet (that wouldn’t have happened until December of this year) – reflecting our new Congress’ eagerness to hurt digital privacy. The House of Representatives (which is also majority Republican) or President could still act to ensure the privacy policy goes into effect, but that is unlikely to happen barring a massive public outcry.
Now you know who to thank when your Social Security Number is spread all over the place (that may seem dramatic, but SSID is one of the pieces of information that your ISP can now share without permission).
This is an absolutely atrocious invasion of privacy – one that provides no benefits to consumers and only gives ISP more means for making a profit off a service they already charge users for. During the resolution’s debate, Senator Ed Markey (D) said “the acronym ‘ISP’ now stands for ‘information sold for profit,’ and ‘invading subscriber privacy,’ rather than ‘Internet service providers.’”
This outcome demonstrates the importance of sensible policies on digital privacy – something that the US government has a bad track record with. While we often like to champion the capabilities of technology, that alone cannot solve all of our problems.
For instance, even with these new regulations, SSL/TLS can still provide some privacy from your ISP’s prying eyes. When using HTTPS, a network observer cannot see the specific page you have visited on a website, but they can still see the hostname.
This means that HTTPS prevents your ISP from seeing what you have searched for on Google. But they will be able to see that you navigated from Google to WebMD.com, and then to Diabetes.org. This demonstrates the trivial ease with which a network-level observer with aggregate data can identify what you are doing, even with some protections. (By the way, this is another good reason for you to adopt HTTPS for your site. Give your users the ability to value and prioritize their privacy instead of taking that decision away from them by only offering HTTP).
Users could go further and bolster their protections by also using a VPN – which would encrypt all traffic from their local computer and effectively blind their ISP. But in the digital realm, privacy and safety are usually unrelated. So unless your VPN provider isn’t rubbish – which is a big assumption to make – you may be sacrificing one protection for another.
By using a VPN you are really just shifting your exposure instead of limiting it. After all, instead of your ISP seeing everything you’re doing, now your VPN provider will. Given that there is less oversight over VPN providers, they may not provide any privacy improvement at all.
So that is another technology solution which fails to really work…
This does not even get into the topic of usability or the fact that keeping a shred of privacy online will take money, know-how, and the inevitable troubleshooting and inconveniences of such a complicated method just to do some simple web browsing.
So, what’s more reasonable – to play a cat and mouse game with various protocols, services, and software to keep your basic privacy rights intact? Or would it be better for our government to start taking our digital rights seriously, and start passing sensible legislation?
5 Ways to Determine if a Website is Fake, Fraudulent, or a Scam – 2018
in Hashing Out Cyber SecurityHow to Fix ‘ERR_SSL_PROTOCOL_ERROR’ on Google Chrome
in Everything EncryptionRe-Hashed: How to Fix SSL Connection Errors on Android Phones
in Everything EncryptionCloud Security: 5 Serious Emerging Cloud Computing Threats to Avoid
in ssl certificatesThis is what happens when your SSL certificate expires
in Everything EncryptionRe-Hashed: Troubleshoot Firefox’s “Performing TLS Handshake” Message
in Hashing Out Cyber SecurityReport it Right: AMCA got hacked – Not Quest and LabCorp
in Hashing Out Cyber SecurityRe-Hashed: How to clear HSTS settings in Chrome and Firefox
in Everything EncryptionRe-Hashed: The Difference Between SHA-1, SHA-2 and SHA-256 Hash Algorithms
in Everything EncryptionThe Difference Between Root Certificates and Intermediate Certificates
in Everything EncryptionThe difference between Encryption, Hashing and Salting
in Everything EncryptionRe-Hashed: How To Disable Firefox Insecure Password Warnings
in Hashing Out Cyber SecurityCipher Suites: Ciphers, Algorithms and Negotiating Security Settings
in Everything EncryptionThe Ultimate Hacker Movies List for December 2020
in Hashing Out Cyber Security Monthly DigestAnatomy of a Scam: Work from home for Amazon
in Hashing Out Cyber SecurityThe Top 9 Cyber Security Threats That Will Ruin Your Day
in Hashing Out Cyber SecurityHow strong is 256-bit Encryption?
in Everything EncryptionRe-Hashed: How to Trust Manually Installed Root Certificates in iOS 10.3
in Everything EncryptionHow to View SSL Certificate Details in Chrome 56
in Industry LowdownPayPal Phishing Certificates Far More Prevalent Than Previously Thought
in Industry Lowdown