ISPs should need permission to sell to sell subscriber privacy

by Steve Blum • , , , ,

Your choice to make.

Mystery continues to swirl around privacy regulations for Internet service providers. The Federal Communications Commission is set to vote on new rules at its meeting tomorrow, but with only a vague summary released to the public, no one outside of chairman Tom Wheeler’s circle of trust knows the details. One particular issue – the ability of ISPs to share your web browsing history – bears watching.

The FCC’s summary pegs web browsing history as the sort of sensitive information that ISPs will have to keep private, unless subscribers give positive permission – opt in – to share it. That’s drawn fire because websites and other online service providers have a lower standard to meet. Google, for one, believes ISPs should be able to treat routine browsing information – online shopping, for example – differently than really private information like medical records, telling the FCC that its “framework should allow such differentiation based on the nature of web browsing information, regardless of the company collecting the data”.

The problem with Google’s position – keep in mind it’s an ISP as well as an online service provider and advertising platform – is that consumers choose to go to particular websites and, up to a point, reveal information about themselves. A website might share that information with, say, advertisers, but that’s how you pay for otherwise free stuff on the Internet. Except for your current IP address, which is necessary to make two-way communication work, you don’t have to tell them anything about yourself.

Your ISP, which is not giving you free stuff, knows everything about what you do online. All your traffic passes through its servers and that information is saved, at least for a time. It’s one thing for an ISP to offer you an opt-in discount for the privilege of sharing information about your surfing habits with advertisers, but quite another for it to throw it open to public view whether you want it to or not.

The FCC’s summary implies that web browsing history will be treated the same way as other sensitive information like health or financial information or social security numbers. Sticking to that course would be the right call for FCC commissioners to make tomorrow.