Broadband ISPs’ Big Data Privacy Grab

Congress and President Donald Trump are poised to kill the first real protections for commercial privacy that Americans have online. On March 23, phone and cable giants allied with the GOP Senate majority to overturn the historic consumer-data safeguards adopted last fall by the Federal Communications Commission.

AT&T, Comcast and Verizon Communications — the country’s dominant providers of high-speed broadband — along with industry and its congressional GOP allies, intensely oppose the new FCC rule. Why? Merely because it gives Americans some say in whether their sensitive information, such as web browsing activity and geo-location, can be used for digital marketing purposes.

That’s right. The new FCC safeguard about to tossed into the legislative waste bin merely says that ISPs must first ask for permission before they can take this personal data in order to target us. Such an “opt-in” approach, requiring prior informed consent, is heretical to digital marketers, whose profits depend on using all of our information without ever really having to ask to do so.

Until the FCC stepped in, it was the Federal Trade Commission that served as the primary federal agency handling Internet privacy. But unlike the FCC, which can readily issue regulations to protect the public, the FTC is constrained from doing so. More than three decades ago, the advertising industry successfully lobbied Congress to curb that agency’s rulemaking authority (during a fight over another media issue — whether there should be limits on children’s advertising).

Primarily, the FTC can only punish companies that engage in “unfair” or “deceptive” acts — such as lying to customers about how they use or protect our information. But if a company writes a privacy policy that basically provides them with unlimited access to all our data — which is what they do — the FTC is basically powerless to do anything at all. Which is why the phone and cable giants, along with Google and Facebook, prefer the FTC. It provides the illusion of having actual oversight and limits, when really nothing much is possible.

Under the FTC’s watch, Americans have just experienced an unprecedented loss of their privacy. In the last few years, for example, digital marketers have aggressively pushed the boundaries of what information they gather from us and how it can be used.

Our offline and online data is now routinely merged, generating “profiles” that connect our street address to the “cookies” and other online identifiers provided by our digital devices. Our precise geolocation is also regularly captured by mobile phones and “apps” that stealthily send our whereabouts to online companies and retail stores. Massive one-stop data broker “clouds” have emerged that provide reams of information, including about our finances, health, political interests, ethnicity — sold to marketers large and small.

Our data “profiles,” or digital dossiers, have become invaluable corporate assets that are bought and sold in milliseconds by powerful computers scattered across the globe, our identities traded for profit, as if they are just another commodity. Ongoing advances in how data is analyzed and used —  “big data” — is ushering in even more ways companies can more precisely determine who we are, what we do, where we go, and how we should be treated.  

The leading phone and cable broadband ISPs have made major investments in tapping into the latest “big data” techniques. For example, Verizon recently introduced “Smartplay,” which helps deliver “smarter advertising” by creating what it calls “individual viewer personas that capture viewing history, account profile details and other valuable data.”

Comcast Labs employs “big data research teams” that have expertise in “machine learning algorithms, forecasting models, intelligent image and video search, automated scene analysis, voice biometrics, recommender systems, personalization, and deep metadata.” AT&T is relying on its “Consumer Insights Platform” team to turn “big data into big insights.”

ISPs also partner with leading data providers, such as Acxiom and Oracle, to enhance the robust details they already have about their broadband and video service subscribers. The big ISPs have also been on a shopping spree, acquiring companies that further their digital data advertising clout. Verizon acquired AOL and is now in the process of buying Yahoo; AT&T bought the leading satellite TV company, DirecTV, in part because of its digital ad capabilities; it now wants to fold Time Warner into its empire. Comcast has swallowed up ad-tech companies such as Visible World, FreeWheel, and StickyAds (and its NBCUniversal subsidiary has also embarked on its own formidable data-driven ad initiative).

It is precisely because ISPs provide us access to residential broadband or wireless networks that they have a unique window into our lives. While Google and Facebook have their own far-reaching capabilities, they are primarily ad-supported marketing companies. When we pay a (hefty) monthly subscriber fee for Internet access, we should not also be exposed to having our Internet provider capture every bit of information it can, let alone tie that data together with what we do when we use our mobile and gaming devices or watch TV.

The FCC’s new privacy rule builds on the agency’s network neutrality policy requiring that companies providing access to the Internet must operate in a fair and nondiscriminatory manner. Longstanding safeguards for protecting the privacy of our voice conversations over the telephone network have been brought into the 21st century — and now it’s also our broadband communications that must be respected. (Network neutrality is also under threat of elimination by the Trump FCC.)

The ISPs and ad-industry lobbyists disingenuously claim that having the FTC protect consumer privacy for all Internet companies, including ISPs and data giants like Google, is the most effective approach. It would be so, perhaps, if the FTC had any real clout. Many of the companies and trade groups urging that the FTC replace the FCC as a privacy regulator have lobbied against giving the trade commission actual authority to do so. They cynically know that turning over our broadband privacy to the FTC will mean business as usual — more of our offline and online data endlessly flowing into sophisticated databases that provide advertisers and other commercial entities (and perhaps government) detailed actionable blueprints of our lives. It will also mean that the only real potential privacy protection Americans have had to make their own mind up about whom to share data with and for what purpose will be lost.

The ISPs, data-marketing companies and their supporters are also fighting against the privacy rule because they know we are also on the eve of a new era — the Internet of Things — that will generate even more personal information about us. In today’s digital era, data is power. That’s why we shouldn’t let Congress and the broadband companies overturn the first real protections we can have. This will be an opportunity to challenge Donald Trump’s vision of the United States as principally a corporatist society where the welfare of commercial special interests is more important than the needs of the average American.



Jeff Chester is executive director of the Center for Digital Democracy, a Washington, D.C.-based consumer digital-rights group.