Internet Providers selling your browsing history

[AKM]

At the risk of posting something too politically oriented, this is something that affects us all here, and I think it is important enough to risk stepping on some toes.

 

It's in the works.  Today, the U.S. congress just voted on it, allowing IPs to sell your browsing history (and other private user data(?) to advertisers.  This is a major blow to privacy.  Needless to say, there's been some serious backlash, even arguments by members of congress.

 

Keep in mind that in order to become law, it must also pass the senate, after going over the president's desk.

 

https://techcrunch.com/2017/03/28/house-vote-sj-34-isp-regulations-fcc/

 

There have been counters already, like private citizens raising money to buy (and assumedly publish) U.S. Senators' browsing history:

 

http://www.dailykos.com/story/2017/3/29/1648419/-This-activist-is-collecting-money-to-buy-senators-browsing-histories-and-everyone-is-donating

[aMonke]

Hello, please excuse me if I may seem uninformed on the matter or such, as I'm not American myself, but this could actually be something else than it seems entirely, allow me to explain. For example, google already uses the data it can gather on you and your browsing habits to show relevant ads (what you search trough their engine, etc), for example if you spend a lot of time on a car lovers forum, you may see car-related ads much more often than others, sales on parts, test drive offers, etc. So, it is possible for it to refer to this exactly, google and such MAJOR and TRUSTWORTHY ad companies can buy your browsing history, preferably not with the times and dates, just the names of the websites for let's say this year/month and then display proper ads. Though I'd still say it's preferabe that only google can buy it, not the other ad companies, like the ones showing those clickbait "wonder fruit to lose weight, 5 tons in 5 days" or "doctors hate her, find out why" type of ads. This could also potentialy make for some bad parts though, imagine you for example went on known sites that have material "for academic purposes" quite often, and then your 7 year old cousin (or nephew, whatever) comes to visit, opens up the browser to go on a site with memes, jokes, whatever and based on your history(, the one they have, you presumably deleted yours or used incognito), the ad he sees is a penis enlargement ad, or a sale for brazzers accounts, now that's gonna be a story to remember. Ofc, this won't happen with google, they have some kind of policy for no 18+ ads if memory serves.
Now, of course I'm not saying this is what it actually is, because I don't know, I haven't read the text of the to-be-law to know, and it hasn't even made it to the evening news here, not even the 5 o'clock ones actually, because it doesn't really affect us, but what I am trying to say is that the media tends to exagerate, so to be able to formulate a correct and accurate conclusion or opinion on this, more details are needed, like the exact effects of the law, it's text and it's legal meaning and interpretation. Either way, if they can, it doesn't mean they will, so this might bring out the greediest of ISPs and actually bring them down, along with their monopoly on certain areas, people switching away to those that do not sell the data and so forth. All in all, these are just assumptions and posibilities, I guess time will tell what it will be like. 

[PsychoMachina]

So if I do internet searches for 'Blue Waffle', will I get inundated with ads for drug prescriptions or Mrs. Butterworth pancake syrup. 

 

 

[aMonke]

So if I do internet searches for 'Blue Waffle', will I get inundated with ads for drug prescriptions or Mrs. Butterworth pancake syrup. 

I have no idea since I never tried, but if you do try, please let me know. Though my guess is, you'll probably get an evenly split amount of ads for those 2 and for the nearest therapist, just to make sure they don't exclude any posibility. (Kidding of course, whatever your kink or fetish, I don't judge, well at least I try not to)

[PsychoMachina]

 

So if I do internet searches for 'Blue Waffle', will I get inundated with ads for drug prescriptions or Mrs. Butterworth pancake syrup. 

I have no idea since I never tried, but if you do try, please let me know. Though my guess is, you'll probably get an evenly split amount of ads for those 2 and for the nearest therapist, just to make sure they don't exclude any posibility. (Kidding of course, whatever your kink or fetish, I don't judge, well at least I try not to)

 

 

Seriously, the concern is that anyone can get a hold of the data.  Are you concerned when hackers gain access to your online accounts and activities and sell them in the darknet?  How are you not concerned when anyone can now do this legally sans hacking.

 

Would you prefer to have some control over what you want to keep to yourself and what you are willing to share with strangers. 

 

Of course, I don't know if there are any safe-guards that would prevent all but legitimate advertising companies from accessing what amounts to be your personal life.

[aim4it]

The difference is that Google would collect such information when you use a google service, or a 3rd party that uses google services.  IPs can collect information from your point of existence on the network, which means they get everything, the contents of your Instant message, Skype voice traffic, Xbox traffic, including your social security number, and pin if your file taxes online, AKA a Russian hacker's wet dream.  And no SSL is not safe, because IPs already do SSL injection to replace parts of web sites, so I wouldn't do online banking either.

[zzz72w3r]

ISP has been complaining, and has a valid point, in that Android i.e. Google and Apple via iPhone, in practicality are doing no different than what the law forbidden ISP to do.  How is an ISP modem different than a handset?  The law does need to change.

 

The bullshit is that originally the proposal was to repeal AND REPLACE the obsolete law with a more comprehensive one to cover Internet services and not just ISP.  Instead we got sold out by the politicians, as always.  This is no different than the DMCA, aka Mickey Mouse Protection Act in the 90s.  The original intent was to clarify digital rights within the realm of free speech, but instead it became the biggest ever transfer of public rights into corporate balance sheets.

[Darkening Demise]

So if I do internet searches for 'Blue Waffle', will I get inundated with ads for drug prescriptions or Mrs. Butterworth pancake syrup. 

 

Oh lord! *Pukes Guts Out* Thank you for bringing up horrifying memories of my teen years by being shown 2 Guys 1 Horse, 2 Girls 1 Cup, Pain Olympics, Lemon Party 1 , Lemon Party 2, Meatspin, Blue Waffle, Cheesy Taco. Oh the horrors!

 

Also at this point it doesn't matter what the government does. They already take your phone calls, texts, and dick pics from your phone and sell it to ads. Now its just your browser history too. Welcome to capitalism. Dollar > Integrity.

[aMonke]

 

 

So if I do internet searches for 'Blue Waffle', will I get inundated with ads for drug prescriptions or Mrs. Butterworth pancake syrup. 

I have no idea since I never tried, but if you do try, please let me know. Though my guess is, you'll probably get an evenly split amount of ads for those 2 and for the nearest therapist, just to make sure they don't exclude any posibility. (Kidding of course, whatever your kink or fetish, I don't judge, well at least I try not to)

 

 

Seriously, the concern is that anyone can get a hold of the data.  Are you concerned when hackers gain access to your online accounts and activities and sell them in the darknet?  How are you not concerned when anyone can now do this legally sans hacking.

 

Would you prefer to have some control over what you want to keep to yourself and what you are willing to share with strangers. 

 

Of course, I don't know if there are any safe-guards that would prevent all but legitimate advertising companies from accessing what amounts to be your personal life.

 

Access to online accounts? Now that's a bit far fetched, I doubt they'll be selling anything more than the names of the sites, there is absolutely no reason to sell the data exchanged, and even so, I doubt anyone would be willing to browse trough entire GBs of internet data, of packets, unwrap them all and analyze the content of each, just to sell an ad. Besides, major websites have encryption, https and other protocols so what you send and what you receive should look like giberish without the decription key which is, as far as I know (and I'm by no means an expert, pelase do correct me if you know better) different for each browsing session.

We already do have that control, using the basic common sense, a decent anti-virus and not downloading every 3rd file on the internet usually leads to no viruses or very few on your PC so there's no leak there, therefore all that remains is what you post online on accounts identifiable with you directly (facebook, twitter, the likes). Not everything that passes trough your connection is directly linked to you though, there can be multiple people on your PC or WiFi (provided you give them the password, while having preferably WPA/WPA2 not that weak-ass WEP protocol, and a hard to guess password) so accounts where nothing but a username exists, like here on LL, could be anyone's regardless of IP adress.

Again, all we do here, all that has been said or discussed, is, at the end of the day, based on assumptions, we don't properly know all the facts yet. Ow and to answer your question, I am not exactly worried about it, but for far less concerning reasons than not knowing anything about it or being ignorant, simply put, I'm not from the USA so I'm not affected by this, I do however agree that if implemented badly this could turn out to be another step in the wrong direction for everyone.

Edit: By the way, just because I'm cracking a joke, that doesn't mean I'm not concerned, different people respond in various ways to situations, and I thought I'd lighten the mood a bit on such a dispiriting piece of news.

[PsychoMachina]

 

So if I do internet searches for 'Blue Waffle', will I get inundated with ads for drug prescriptions or Mrs. Butterworth pancake syrup. 

 

Oh lord! *Pukes Guts Out* Thank you for bringing up horrifying memories of my teen years by being shown 2 Guys 1 Horse, 2 Girls 1 Cup, Pain Olympics, Lemon Party 1 , Lemon Party 2, Meatspin, Blue Waffle, Cheesy Taco. Oh the horrors!

 

Also at this point it doesn't matter what the government does. They already take your phone calls, texts, and dick pics from your phone and sell it to ads. Now its just your browser history too. Welcome to capitalism. Dollar > Integrity.

 

 

Don't forget ( ) Goatse, 1 Guy 1 Cup, and Octopus Girl.

 

[ToJKa]

Wait, wait, wait! There is advertising on the internet?

 

(https://addons.mozilla.org/en/firefox/addon/ublock-origin/)

[Darkening Demise]

Oh my.

[Quillon]

Can't wait, when they'll publish everything.

Justice.

Justice and justice.

They make calls for such laws, but think it's okey for them.

[D_ManXX2]

well as long as the politician that come with these stupid things aren't safe either it is fine be, they create these so they will aslo fall by them. i am sure there are many reporters wanting too see any politician fall flat on there feet.

[pinky6225]

 

 

So if I do internet searches for 'Blue Waffle', will I get inundated with ads for drug prescriptions or Mrs. Butterworth pancake syrup. 

I have no idea since I never tried, but if you do try, please let me know. Though my guess is, you'll probably get an evenly split amount of ads for those 2 and for the nearest therapist, just to make sure they don't exclude any posibility. (Kidding of course, whatever your kink or fetish, I don't judge, well at least I try not to)

 

 

Seriously, the concern is that anyone can get a hold of the data.  Are you concerned when hackers gain access to your online accounts and activities and sell them in the darknet?  How are you not concerned when anyone can now do this legally sans hacking.

 

Would you prefer to have some control over what you want to keep to yourself and what you are willing to share with strangers. 

 

Of course, I don't know if there are any safe-guards that would prevent all but legitimate advertising companies from accessing what amounts to be your personal life.

 

 

What activites are you referring to? log into online banking and its encrypted so not really much useful data their

 

Google already track your searches (i.e. after searching for details on graphics cards, google ad's likes showing me graphics cards) so what is new here?

 

The sort of data they are referring to i would also think would have to be anonymised to comply with data protection laws so other than a ISP selling that so many IP's went to X site what are we concerned about?

 

 

[PsychoMachina]

 

 

 

 

So if I do internet searches for 'Blue Waffle', will I get inundated with ads for drug prescriptions or Mrs. Butterworth pancake syrup. 

I have no idea since I never tried, but if you do try, please let me know. Though my guess is, you'll probably get an evenly split amount of ads for those 2 and for the nearest therapist, just to make sure they don't exclude any posibility. (Kidding of course, whatever your kink or fetish, I don't judge, well at least I try not to)

 

 

Seriously, the concern is that anyone can get a hold of the data.  Are you concerned when hackers gain access to your online accounts and activities and sell them in the darknet?  How are you not concerned when anyone can now do this legally sans hacking.

 

Would you prefer to have some control over what you want to keep to yourself and what you are willing to share with strangers. 

 

Of course, I don't know if there are any safe-guards that would prevent all but legitimate advertising companies from accessing what amounts to be your personal life.

 

 

 

What activites are you referring to? log into online banking and its encrypted so not really much useful data their

 

Google already track your searches (i.e. after searching for details on graphics cards, google ad's likes showing me graphics cards) so what is new here?

 

The sort of data they are referring to i would also think would have to be anonymised to comply with data protection laws so other than a ISP selling that so many IP's went to X site what are we concerned about?

 

 

True, ISPs can see what banking site you visited, but not any activities because they use encryption.  However, not all websites uses encryption.

 

You still use Google for your searches?  I use DuckDuckgo.

 

https://arstechnica.com/tech-policy/2017/03/for-sale-your-private-browsing-history/

 

"According to the record, only three companies (Google, Facebook, and Twitter) have third party tracking capabilities across more than 10 percent of the top one million websites, and none of those have access to more than approximately 25 percent of web pages," the FCC said in its privacy rulemaking last year. "In contrast, a BIAS [broadband Internet access service] provider sees 100 percent of a customer’s unencrypted Internet traffic."

 

I have to admit, I'm not exactly sure how the data collected would be handled.  Will the ISP anonymize the data?  Will they assign a unique ID for each user or will the data be clearly associated with the users actual identity, but if the person that is trying to raise money to purchase the browsing history of certain congressional lawmakers comes to fruitions then one can conclude the latter is the case.

[Ernest Lemmingway]

For those of us with a strong cynical streak, this isn't news. It's also not limited to your ISP. Many apps on our smartphones already collect usage data and send of packets to advertising agencies unless we use anti-spyware programs or encryption routines. The only good thing is that even one data packet is so full it takes another computer to sort through it all. If something isn't tagged with keywords of interest to a given agency, it's not bothered with. ISP providers do nominally encrypt their subscribers' broadcasts, but since they have the keys and there are clauses in every contract that allows third parties to seize that data (thank you, PATRIOT Act) it's easy for them to get at it.

 

Want to stop this? Get your computer and smart devices an encryption program--the longer the encryption key, the better. Even that is not a 100% guarantee, but it's better than nothing. It also won't stop mass advertisements for drugs, porn, financial scams, etc. Those are handled by your mail's spam filters.

[pinky6225]

 

 

 

 

 

So if I do internet searches for 'Blue Waffle', will I get inundated with ads for drug prescriptions or Mrs. Butterworth pancake syrup. 

I have no idea since I never tried, but if you do try, please let me know. Though my guess is, you'll probably get an evenly split amount of ads for those 2 and for the nearest therapist, just to make sure they don't exclude any posibility. (Kidding of course, whatever your kink or fetish, I don't judge, well at least I try not to)

 

 

Seriously, the concern is that anyone can get a hold of the data.  Are you concerned when hackers gain access to your online accounts and activities and sell them in the darknet?  How are you not concerned when anyone can now do this legally sans hacking.

 

Would you prefer to have some control over what you want to keep to yourself and what you are willing to share with strangers. 

 

Of course, I don't know if there are any safe-guards that would prevent all but legitimate advertising companies from accessing what amounts to be your personal life.

 

 

 

What activites are you referring to? log into online banking and its encrypted so not really much useful data their

 

Google already track your searches (i.e. after searching for details on graphics cards, google ad's likes showing me graphics cards) so what is new here?

 

The sort of data they are referring to i would also think would have to be anonymised to comply with data protection laws so other than a ISP selling that so many IP's went to X site what are we concerned about?

 

 

True, ISPs can see what banking site you visited, but not any activities because they use encryption.  However, not all websites uses encryption.

 

You still use Google for your searches?  I use DuckDuckgo.

 

https://arstechnica.com/tech-policy/2017/03/for-sale-your-private-browsing-history/

 

"According to the record, only three companies (Google, Facebook, and Twitter) have third party tracking capabilities across more than 10 percent of the top one million websites, and none of those have access to more than approximately 25 percent of web pages," the FCC said in its privacy rulemaking last year. "In contrast, a BIAS [broadband Internet access service] provider sees 100 percent of a customer’s unencrypted Internet traffic."

 

I have to admit, I'm not exactly sure how the data collected would be handled.  Will the ISP anonymize the data?  Will they assign a unique ID for each user or will the data be clearly associated with the users actual identity, but if the person that is trying to raise money to purchase the browsing history of certain congressional lawmakers comes to fruitions then one can conclude the latter is the case.

 

 

Not all sites need to use encryption though which is my point, if your doing something that is in the interest of all parties to keep private (like banking, a bank doesn't want your details stolen anymore than you do as its work for them and potentially paying compensation to you) then there are methods of keeping that private which can be used and if you want to take it to the next level you could always use a VPN (digressing here but my corporate VPN was really useful when i was in Germany for fooling UK websites into letting me watch TV )

 

The changes being mentioned are to the US law so even if its okay in the US the companies with multi-national presense still have to comply with local law so i think they would have to anonymise the data for compliance and also to protect themselves, when Sony got hacked and millions of users were affected it was a PR nightmare and thats in a market where the choice is either playstation or xbox

 

With ISP's (atleast in the UK) there is more choice so we would all desert a ISP in our masses if news stories started appearing about ISP's losing/selling data that is harmful to the user, the one thing i would be wary of is when they say broadband internet access service are they referring to the ISP that sells to the customer or (and this might be unique to the UK market) the wholesaler that owns the actual network and sells to the ISP to be sold to a customer

[zzz72w3r]

The just repealed law has been circumvented and neutered by the dot-coms for years.  With more and more sites encrypted and contents consumed outside of their original creators, as far as data analytic is concerned ISP are becoming mere toll collectors.  The potential and real evils are Google, Facebook, Baidu and Tencent. 

 

I read an article that years ago when Disney was involved in property development it worked with ISP (I think it's AT&T) to offer free connectivity to its project in exchange for access to user traffics and ads.  The thinking was the partnership would address the weakness of prior free Internet services in that the Disney brand would sooth fear of spying, ensure an affluent and theoretically more valuable demographic (the median property price of the Disney project was about 3x of neighboring counties).  The program was a total failure the same because knowing what IP visited by whom was already not very attractive to marketers in that era of search engines and email services who have far more meta-data to analyze than just IP traffics.  Fast forward to today IP visit data are pretty worthless commercially now that Google and Facebook not only can track individual behaviors in real time but are developing behavior influencing capabilities.  Facebook has 2.1 billion users, the biggest fixed line ISP in the US has less than 20 million customers, less than 1% of Facebook.  The biggest ISP in the world China Telecom has 60+ million fixed line Internet customers but only 10% of Tencent's 600+ million Chinese users.  Nowadays Chinese government probably rely far more on Tencent than it's national phone companies in spying its own citizens.  Next step, already ongoing by Tencent commercially is to manipulate users.