More bait for Bert
http://www.infoworld.com/article/3045298/privacy/fcc-privacy-rules-cant-stop-gold-rush-in-personal-data.html?token=%23tk.IFWNLE_nlt_infoworld_daily_2016-03-18&idg_eid=593b93817ad0a9726f889c7044a6e9d3&utm_source=Sailthru&utm_medium=email&utm_campaign=InfoWorld%20Daily:%20Morning%20Edition%202016-03-18&utm_term=infoworld_daily#tk.IFW_nlt_infoworld_daily_2016-03-18
<http://www.infoworld.com/article/3045298/privacy/fcc-privacy-rules-cant-stop-gold-rush-in-personal-data.html?token=%23tk.IFWNLE_nlt_infoworld_daily_2016-03-18&idg_eid=593b93817ad0a9726f889c7044a6e9d3&utm_source=Sailthru&utm_medium=email&utm_campaign=InfoWorld%20Daily:%20Morning%20Edition%202016-03-18&utm_term=infoworld_daily#tk.IFW_nlt_infoworld_daily_2016-03-18>
FCC privacy rules can't stop ‘gold rush’ in personal data
Recent events involving the FBI and FCC read like a tale of two governments:
one fighting doggedly to strip away the encryption
<http://www.infoworld.com/article/3034924/encryption/apple-takes-on-the-fbi-whats-really-at-stake.html>
protecting your phone's privacy, and the other advancing rules to safeguard
your online personal info
<http://www.wired.com/2016/03/fcc-preparing-strongest-privacy-rules-ever/>.
It's an appealing story in contrasts. Unfortunately, the privacy advocates
heralding the FCC's "strict new privacy rules" and its role as "privacy cop"
have been too quick to celebrate. Ultimately, these changes will do little to
defend consumers' privacy from the increasingly ubiquitous surveillance of
the digital age.
The proposed rules
<https://www.fcc.gov/document/broadband-consumer-privacy-proposal-fact-sheet>
prohibit ISPs from selling users' data, such as customer name, address,
location and Internet activity, to third parties without users giving opt-in
consent to share that information. This is the same kind of privacy
protection that already applies to telephone customers' data, and it barely
scratches the surface of the motherlode of data generated through online
activity.
Internet providers will also not be allowed to track customers without
consent by using a unique number tied to a user's Internet activity or phone
location. This month, Verizon paid $1.35 million to settle zombie cookie
privacy charges
<https://www.propublica.org/article/verizon-to-pay-1.35-million-to-settle-zombie-cookie-privacy-charges>
and agreed that any future use of hidden undeletable numbers
<https://www.propublica.org/article/zombie-cookie-the-tracking-cookie-that-you-cant-kill>
to track mobile users would be by consent only.
That decree didn't apply to tracking done by AOL, which Verizon acquired
<http://www.infoworld.com/article/2921091/technology-business/verizon-bids-44-billion-for-aol.html>
last year for $4.4 billion. But under the FCC proposal, subsidiaries would
only be allowed to use an Internet provider's customer data to market
"communications related services." Thus, AOL's use of online advertising
technology
<http://adage.com/article/media/verizon-aol-google-facebook/300553/> would
also need to be opt-in.
The rules don't ban programs like the one AT&T rolled out last year that
charges customers a premium for the privilege of not being tracked
<http://blogs.wsj.com/digits/2015/02/18/att-offers-data-privacy-for-a-price/>.
Even FCC Chairman Tom Wheeler admitted he was concerned about privacy
becoming a luxury service. But "at this point in the debate, we have to deal
with what we can deal with today," he said.
What we seemingly can deal with today is a determined emphasis on "opt-in."
Despite all the predictable hand-wringing from cable industry groups about
"burdensome privacy regulations
<http://www.forbes.com/sites/haroldfurchtgottroth/2016/03/14/why-the-fccs-proposed-privacy-rules-would-hurt-consumers/#7e4f73c34c49>,"
the proposed rules say nothing about prohibition. They're simply about
getting permission to do what ISPs have been quietly doing all along:
collecting and selling customers' personal info. How burdensome for them.
It's unclear what that opt-in process will look like, but if it takes the
form of terms-of-service contracts that users routinely agree to without
reading, it's hard to see this as anything more than business as usual for
surveillance capitalism.
"Surveillance is the business model of the Internet," security expert Bruce
Schneier
<http://www.securityweek.com/surveillance-business-model-internet-bruce-schneier>
has said. "We build systems that spy on people in exchange for services.
Corporations call it marketing." Data is currency online, and consumers are
willing to hand it over in exchange for "free or convenience," Schneier said.
"At a most fundamental model, we are tenant farming for companies like
Google. We are on their land producing data," he said.
To date, Internet users have been very productive creating -- and giving away
for free -- what Goldman Sachs calls a "gold rush" of personal data.
Theoretically, if every user decided not to opt-in, it would threaten the
flow of information on which the burgeoning telecom-data-as-a-service
<http://adage.com/article/datadriven-marketing/24-billion-data-business-telcos-discuss/301058/%20>
market relies -- a field currently worth $24 billion per year and on its way
to $79 billion in 2020, according to estimates by 451 Research.
Companies like SAP, IBM, HP, and others are hoping users remain complacent
and do nothing to upset the under-the-radar partnerships with carriers that
give them access to consumers' data, according to an Ad Age investigative
report
<http://adage.com/article/datadriven-marketing/24-billion-data-business-telcos-discuss/301058/>.
Insiders say carriers exploring these kinds of data-sharing businesses are
tight-lipped because "fear of consumer complaints is always lurking in the
background."
"The practices that carriers have gotten into, the sheer volume of data and
the promiscuity with which they're revealing their customers' data creates
enormous risk for their businesses," said Peter Eckersley, chief computer
scientist at privacy watchdog Electronic Frontier Foundation.
"While the world is riveted by the showdown between Apple and the FBI, the
real truth is that the surveillance capabilities being developed by
surveillance capitalists are the envy of every state security agency," says
Shoshana Zuboff
<http://www.faz.net/aktuell/feuilleton/debatten/the-digital-debate/shoshana-zuboff-secrets-of-surveillance-capitalism-14103616-p2.html?printPagedArticle=true>,
professor emirita at Harvard Business School and author of the forthcoming
book "Master or Slave: The Fight for the Soul of Our Information
Civilization."
Indeed, Gartner security analyst Avivah Litan believes the FBI's focus on
encryption backdoors is misplaced. "There is a ton of rich data at ISPs that
can be used to identify and track terrorists and criminals. In fact, this
data is more fertile than what is on a personal smartphone because it reveals
networks and connections that involve crime or terrorist rings," Litan told
Computerworld
<http://www.computerworld.com/article/3044497/data-privacy/privacy-issues-hit-all-branches-of-government-at-once.html>.
Now the FCC wants to give consumers the option to keep some of their data
secret. "Privacy rights confer decision rights, but these decision rights are
merely the lid on the Pandora's Box," Zuboff says.
The FCC's actions are a welcome baby step toward privacy rights, but hardly
in the same category as tough data protection rules
<http://www.nytimes.com/2015/12/16/technology/eu-data-privacy.html?_r=0>
passed in December by the European Commission. "Europe's approach to privacy
is much stronger than in the United States," Peter Church, a technology
lawyer in London, told the New York Times. "There's a fundamental difference
in culture when it comes to privacy."