US Senate votes 50-48 to do away with broadband privacy rules; let ISPs and telecoms to sell your internet history
Despite widespread disapproval from constituents, S.J.Res 34 has passed the United States Senate with a vote of 50-48, with two absent votes. Earlier today, at 12:25 Eastern March 23, 2017, the US Senate voted on S.J.Res 34, and will use the Congressional Review Act to strip away broadband privacy protections that kept Internet Service Providers (ISPs) and telecoms from selling your internet history and app data usage to third parties. S.J.Res 34 was first introduced by 23 Republican Senators earlier this month and its blitz approval is a giant blow to privacy rights in the United States.
The resolution, which is now effectively half passed, will hand responsibility of broadband privacy regulation from the Federal Communications Commission (FCC) to the Federal Trade Commission (FTC) and disallow the FCC from making any rules protecting Internet privacy ever again.
The 50 Senators that voted for S.J.Res 34 are (thanks to happyxpenguin):
Senator Roberts (R-KS)
Senator Lee (R-UT)
Senator Boozman (R-AR)
Senator Blunt (R-MO)
Senator Crapo (R-ID)
Senator Scott (R-SC)
Senator Cotton (R-AR)
Senator Hatch (R-UT)
Senator Capito (R-WV)
Senator Alexander (R-TN)
Senator Toomey (R-PA)
Senator Perdue (R-GA)
Senator Cochran (R-MS)
Senator Inhofe (R-OK)
Senator Ernst (R-IA)
Senator Lankford (R-OK)
Senator Collins (R-ME)
Senator Sullivan (R-AK)
Senator Thune (R-SD)
Senator McCain (R-AZ)
Senator Graham (R-SC)
Senator Wicker (R-MS)
Senator Grassley (R-IA)
Senator Burr (R-NC)
Senator Hoeven (R-ND)
Senator Tillis (R-NC)
Senator McConnell (R-KY)
Senator Heller (R-NV)
Senator Cruz (R-TX)
Senator Daines (R-MT)
Senator Portman (R-OH)
Senator Murkowsky (R-AK)
Senator Cassidy (R-LA)
Senator Flake (R-AZ)
Senator Johnson (R-WI)
Senator Rubio (R-FL)
Senator Corker (R-TN)
Senator Risch (R-ID)
Senator Gardner (R-CO)
Senator Young (R-IN)
Senator Barasso (R-WY)
Senator Moran (R-KS)
Senator Cornyn (R-TX)
Senator Enzi (R-WY)
Senator Kennedy (R-LA)
Senator Shelby (R-AL)
Senator Rounds (R-SD)
Absent:
Senator Paul (R-KY)
Senator Isakson (R-GA)
The FCC broadband privacy rules are closer to ending – allowing your private internet history to be sold
The Senators that voted for this have been lobbied by the telecoms and ISPs. Those in support of this stripping of privacy rights have even filed with the FCC attempting to claim that web history and app data usage information is not sensitive information. The EFF put it concisely: Senate Puts ISP Profits Over Your Privacy. Now, the only chance to maintain the hard earned FCC broadband privacy rules lies in defeating H.J.Res 86, the House version of this resolution, which will likely be voted on in the House of Representatives within the next month. It’s up to us to Save Broadband Privacy and make sure that we Don’t Let Congress Undermine Our Privacy.
Comments are closed.
89 Comments
How did the Nebraska senators vote? Update the list.
Pay to play! Some things never change. How can congress serve the public in good conscious, when they are selling our rights to the highest bidder.
Clearly the public does not want their every move tracked. If we don’t like how an app or website tracks our efforts, then we at least can assimilate and boycott. With this new millstone, the public is trapped and sold out for the almighty dollar.
2018 is gonna be fun Trumpcare no one wants ISPs selling things no one wants sold A Corrupt president & admin that needs impeaching.
Where are you getting your information?
https://www.congress.gov/bill/114th-congress/senate-joint-resolution/34/text
Above is a link to S.J. Res 34. The text of which states that its sole purpose is to codify into law that the rule created by the Department of labor, “81 Fed. Reg. 32391”, shall have no effect, essentially negating it.
Curious, I decided to actually -read- the rule in question, to see why the Department of Labor would make a law protecting internet privacy, and not the FCC (which is an independent agency).
The rule in question can be found here:
https://www.federalregister.gov/documents/2016/05/23/2016-11754/defining-and-delimiting-the-exemptions-for-executive-administrative-professional-outside-sales-and
Now like I said, I read the damned thing. In it the word “internet” appears only 36 times, all in section headers. “Browse” doesn’t appear at all, “History” only appears 17 times.
In fact, the entire rule has to do with pay rates and overtime and which employees are exempt from receiving overtime pay for overtime hours.
I see absolutely nothing in any of the previously mentioned locations regarding anything to do with the internet, browsing history, personal information, or the selling of data.
Either you, or I, are very confused here. Perhaps you could clarify?
You’re linking to an old bill from a previous Congress.
That’s not it, this is: https://www.congress.gov/bill/115th-congress/senate-joint-resolution/34
AHA. Thank you Kovah88 and Curtis Weyant. Now to read into all of those…(damn you google for displaying old crap first)
they are talking about the SJ34 from the 115th congress happening this year (2017-2018 – see link) you posted the link to the 114th congress’s SJ34 from last year
https://www.congress.gov/bill/115th-congress/senate-joint-resolution/34?q=%7B%22search%22%3A%5B%22S.J.Res.34%22%5D%7D&r=1
This already happens…this bill doesn’t change anything.
Your phone, computer, tablet, etc. ALL track EVERYTHING you do and companies sell that info.
Don’t believe me?
If you have the FB app…even if you have ALL the permissions turned off. They will still listen and track what you say.
Try it, talk about switching insurance providers and watch the next ad that pops up on your news feed.
Facebook isn’t an ISP nor is it governed under the same rules as they are
That was the isp’s argument. Everyone else is doing this so why cant we?
Doesn’t mean they still don’t do the same thing….
Why is it ok for one company but not another?
Because an ISP is a utility company… And utility companies shouldn’t be allowed to collect this vast amount of data and sell it (they have access to more data than any other company on the planet. They have more data on you than the government does. The government goes to the isps for most of their data collection purposes…). This is very bad.
Internet service is basically a necessity to modern Life. You can live without Facebook, but it’s nearly impossible to live in modern society without internet. Going without internet is like going without power. Most jobs require you to have internet access. I don’t think a single job requires you to use Facebook.
I don’t use Facebook, google or any of those services. I use Linux. Very little of my data is collected and sold and I want to keep it that way.
Time to start using a vpn again…
I can see your side
We have WOW ! ( wide Open West) which isn’t a well known cable company..
are they selling the billing info to other companies?
Linux is not a ISP service. Linux is technically not even a full operating system either. Linux is the kernel in which linux “distributions” use. When you login and see your desktop, thats not linux. Thats your desktop environment such as XFCE, Gnome, KDE, etc…
But you are right ISP’s get all the data that pass’s thru them where as if you don’t like Facebook you can simply not use it. But heres the kicker. Your data is on the internet whether you use the internet or not. You Social Security number is stored on a computer that is connected to the internet on the government level. Your name, address and phonebook are on the internet even if you do not use the internet. So is your living history. All of this is even if you NEVER have used the internet. So like my grandma who’s never owned a computer yet alone had an internet.. All of that information is already on the internet.
So thinking your data is not collected, would be wrong. Tho you at least did say “very little”. My guess is you would shit your pants if you realized just how much data is on the internet.
VPN will give you “some” protection. But then again it didn’t work well for some hackers. Apparently not all VPN’s are created equal. And then the final nail in the VPN coffin is that if the FBI kick the door down and yank the power plugs on those computers then do forensic recovery on the hard drives guess what, some of that data will still be there. Problem is when you delete data your not really overwriting it you are just telling the computer hey w/e i don’t wanna use this chunk of memory someone else can. This is why when programming you must null out the bytes or assign a value to it before reading the value otherwise you get pure garbage (unless using debug mode which automatically sets your data to 0x00 for example).
This would be like Chevy tracking where you go with onstar versus the Department of transportation tracking where you go no matter what car you use. One kinda makes sense and you can opt out (cancel onstar) the other is terrifying and of zero benefit to you.
Yeah but it still happens….so, your point?
But now instead of cheating, and if caught, slapped on the wrist with a fine (that is but a fraction of what they made selling stolen information) it is now legal to do so.
We need to make senators wear NASCAR type suits with their official sponsor embroidered boldly.
Ha I would be for that…a bunch of Ricky Bobbies walking around Legislation arguing
not yet. has to pass the House.
Which will happen easily. Just a matter of time, and not that much time
I feel like you just false advertised and wasted my time. I just repeatedly infant of ALL my devices which I never turn a single primary feature on. And not 1 damn add popped up for what I was talking about. Also 90% of the ad’s I do see are from amazon/ebay. Where if you make a purchase Facebook gets a commission. And they don’t even have to “sell” your data.. your data is all stored conveniently in your cookies… know whats better then buying your information and having to pay a half a trillion dollars for a server farm big enough to actually house that volume of data? Tricking everyones computers into hosting this information instead.. wait, this does exist called cookies.. and you have wasted my time. x_x
-Former Web Developer and current Computer Programmer
It’ll happen…
Don’t blame someone else for your decisions…if your time was wasted that was your choice
Former Web Developer or not, you don’t seem to understand how cookies work at all.
Cookies are not used to store ‘all your data’ and never have been.
They basically store an identifier into Facebooks database. So yes, Facebook absolutely need a server farm to link that cookie id to ‘all your data’
Go and update your tech knowledge because its horribly inadequate
Paul, it might be you who doesn’t understand cookies completely. I think Matthew is right. I had created my resume in MSWord and stored it in my documents folder. I did NOT upload it to the internet or attach it to an email because, as I was still working on it. A few days later I found it in a temporary internet folder filled with cookies, ready to be uploaded the next time I connected to the internet. So, I know cookies can contain code, (a proc, an instruction), who’s purpose is toseek & grab data from your computer, then upload at next connect.
I’m a web developer. It’s not true. Cookies are not programs. They are tiny text files that are used to store your ID and your preferences for a particular website (such as the “remember me” on login forms). They cannot “do” anything by themselves, and no website can look at cookies that were created by another website.
Your temporary internet folder does not hold cookies. The cookies are held in another folder (type “shell:cookies” into your windows-r run box to see where they’re stored).
I don’t know what’s going on with your resume, but if you viewed it with IE at any point, it would easily end up in your temporary internet folder. But NOTHING in your temporary folder is uploaded. Ever. That’s now this works. That’s not how any of this works.
I promise you, I understand cookies completely :-)
> I found it in a temporary internet folder filled with cookies, ready to be uploaded the next time I connected to the internet
This is not accurate. It doesn’t upload all your cookies en-masse. They can only be sent to the actual website domain which set the cookie in the first place.
> I know cookies can contain code, who’s purpose is toseek & grab data from your computer, then upload at next connect.
No, there’s no code or instructions whatsoever. Nothing ‘runs’ cookies.
Its just a bit of text (usually cryptic looking), but the site has encoded whatever information it wanted to store in there, and its sent to that site next time you access it.
Yeah, this is just not true.
Your ISP has no ability to routinely view your Facebook communications, since it uses https and is encrypted end to end. It may be that your ISP is logging the encrypted packets for some users, AND it may be that the FBI or security services are able to decrypt these, in cases where they need to, and with enough time and effort.
But to suggest your ISP is routinely scanning your Facebook messages as plain text and then mining it for marketing data, is just utter nonsense and shows a basic misunderstanding of the technology being used.
really then how do they know when people download torrents and shut off the internet?
Because the bittorrent protocol does not use http or https.
Now you may access a torrent download site via https which is encrypted, but this does not automatically mean the *.torrent download is
In these cases your ISP *CAN* see that you have directly accessed a .torrent file and the site is was downloaded from.
There are improvements to bittorrent in recent years which mean its possible to download torrents using an encrypted protocol, (in which case your ISP *CAN* still see which site or download host you have requested, from DNS requests, but cannot see which file or torrent you have requested).
See https://en.wikipedia.org/wiki/BitTorrent_protocol_encryption
Thanks, I’m learning lots from ya’ll today
In addition to what Paul said, those who own the copyright will oftentimes download the torrent themselves as a “peer” and will be able to see which IPs are violating their copyright. And with admissible proof that this IP was sending packets of data violating their copyright, they’ll then request the contact info of those IPs to the ISP (internet service provider) to send you a letter.
Oh ok, so it’s not the ISP tracking but the other companies
Torrenting and other p2p services use the same network port for their connections. ISPs may not be able to see the encrypted information that is being sent/received but they damn well can see what port is being used for the information. They can also see what IP addresses you’re connecting to. There are public trackers that are known for distributing pirated software. If you qualify for a few of these criteria, they can infer that you are using p2p services to download pirated software.
Interesting, so theoretically if you get warnings/service ended by them for that specific issue. They currently don’t have proof and breached their contract?
Well I wouldn’t jump to that conclusion so quickly. Every ISP is a but different but I’m sure that there’s a clause somewhere in all their Terms of Service saying that you shouldn’t torrent pirated software, receiving or distributing. Torrenting isn’t bad, it’s just a better way of hosting certain files. Ubuntu distros have an option of being downloaded via p2p. Is this bad? No. But since ISPs aren’t looking at what you’re downloading sometimes it’s easier just blanketing any p2p connection as potential wrongdoing so any action on p2p ports can flag you as a potential criminal.
No, the copywriter holder (Let’s say NBC for example) downloads the same torrent, makes note of all the peer addresses and then contacts your ISP to IP address w.x.y.z downloaded The Office illegally from your network.
Then your ISP sends you a warning letter saying, NBC contacted us referencing your IP address saying you downloaded The Office illegally. Stop now or we will terminate your account, hand your contact info to NBC, and they will sue you.
The ISP is the messenger in this case, not the accuser.
Paul
Have you ever heard of DPI (Deep Packet Inspection) Don’t think that for one minute your traffic can’t be inspected. It being legal at the moment for an ISP to do that is another story.
One acronym. DNS. Look it up. Most people use their ISPs DNS servers. They already have all your DNS requests logged. Even if you use 3rd party DNS, that DNS provider could sell your usage. Finally, the primary ISP can easily keep logs of all your browsers GET traffic (Source + Destination IP Address).
The article never said anything about tracking exactly what is typed within https connections.
And even if you’re using a 3rd party DNS provider (like OpenDNS), your ISP can still see the IP addresses of any traffic they route, and an easy reverse DNS lookup will easily reveal what sites you’re visiting.
Yeah, that’s what I was getting at :-)
You do realize this is a different thing, right? If you write something in the Facebook app, of course facebook listens and tracks it. You’re literally handing it to them.
This bill is about allowing your internet provider to share and resell information about what you do on your computer. Whether it’s facebook, or gmail, or a web search, or opening a web page in incognito mode, running any program that accesses the internet (they all do now). Unless you unplug your computer from a wall, this makes it legal for a company (that in all likelihood already has a monopoly on providing broadband to your area so has zero incentive to do anything to keep you happy) to package your entire online behavior and make it available to the highest bidder.
Congress is getting paid for it.
By using those apps you have given permission to use your info. Now permission is not needed. This is tyranny.
What can we do today? How much can our calls influence our representatives? Do they even hold our interests anymore?
Everyone that is fucking sick and tired of dealing with rhinos. Need to rally the people in your state and recall these bastards and force special elections. Forget re-election time time for all these people to go.
The resolution, which is now effectively half passed, will hand responsibility of broadband privacy regulation from the Federal Communications Commission (FCC) to the Federal Trade Commission (FTC) and disallow the FCC from making any rules protecting Internet privacy ever again.