What creepy stuff will your ISP do once the FCC allows them to spy on your internet usage?

Senate Republicans have introduced a bill to ensure that the FCC won't be able to prevent your ISP from spying on your internet usage and selling your private information. What does that mean in practice?

We don't need to guess: we just need to look at what America's ISPs did before they were banned from spying on their customers and selling their data, namely: selling data to marketers; hijacking search-results; snooping through your web-traffic and inserting ads; pre-installing spyware on your phone and spying on every click you make; and injecting undetectable, undeletable tracking cookies in all of your HTTP traffic.

If this sounds like a bad idea to you write to Congress using EFF's action center and tell 'em so.

1. Injecting undetectable, undeletable tracking cookies in all of your HTTP traffic

Which ISPs did it before? AT&T, Verizon

The number one creepiest thing on our list of privacy-invasive practices comes courtesy of Verizon (and AT&T, which quickly killed a similar program after Verizon started getting blowback).

Back in 2014 Verizon Wireless decided that it was a good idea to insert supercookies into all of its mobile customers’ traffic. Yes, you read that right—it’s as if some Verizon exec thought “inserting tracking headers into all our customers’ traffic can’t have a down side, can it?” Oh, and, for far too long, they didn’t bother to explicitly tell their customers ahead of time.

But it gets worse. Initially, there was no way for customers to turn this “feature” off. It didn’t matter if you were browsing in Incognito or Private Browsing mode, using a tracker-blocker, or had enabled Do-Not-Track: Verizon ignored all this and inserted a unique identifier into all your unencrypted outbound traffic anyway. According to the FCC, it wasn’t until “two years after Verizon Wireless first began inserting UIDH, that the company updated its privacy policy to disclose its use of UIDH and began to offer consumers the opportunity to opt-out of the insertion of unique identifier headers into their Internet traffic.”

As a result, anyone—not just advertisers—could track you as you browsed the web. Even if you cleared your cookies, advertisers could use Verizon’s tracking header to resurrect them, which led to something called “zombie cookies.” If that doesn’t sound creepy, we don’t know what does.

As you can see, there’s a lot at stake in this fight. The FCC privacy rules congress is trying to kill would limit all of these creepy practices (and even ban some of them outright). So don’t forget to call your senators and representative right now—because if we don’t stop Congress from killing the FCC’s ISP privacy rules now, we may end up with a lot more than five creepy ISP practices in the future.

Five Creepy Things Your ISP Could Do if Congress Repeals the FCC’s Privacy Protections [Jeremy Gillula/EFF]

Notable Replies

  1. ProXPN... Ridiculously easy to use VPN software that blocks your ISP from spying on you.

  2. What're they going to see?

    An hour every week spent searching for "ISP that respects my privacy"

  3. This is the safe for work version:

  4. pde says:

    "People can use a VPN" has been one of the standard talking points that the telco lobbyists have used in trying to justify this betrayal of privacy they're hoping to get from Congress. This is of course a red herring: only a small fraction of humans have VPN accounts and know how to use them. And even if you know how to use one, it isn't always practical to use them.

    For random ironic example, I tried to log in to post this reply via a VPN, but Disqus / bbs.boingboing.net told me "you can't log in as (username) from that IP address".

    Users will be much better off if these privacy protections are universal and automatic. So please call your Senator this week and we can keep ISPs from spying on and messing with our traffic!

  5. Given how many topics on the BBS have been referencing male genitalia in the last few days, I can only imagine what my ISP is gonna think of me... :stuck_out_tongue_closed_eyes:

Continue the discussion bbs.boingboing.net

33 more replies