2017 ISP Privacy Regulations in the United States: All You Need to Know

(Image credit: VyprVPN)

This feature has been brought to you by VyprVPN

There’s been a lot of buzz about the US Congress' recent vote to block FCC (Federal Communications Commission) regulations protecting consumer privacy over broadband Internet access – and on Monday, April 4th, President Trump officially signed the bill into law.

This move disapproves the FCC privacy rules, and has implications for both consumer privacy and open Internet principles. Below we take a look at what happened, what you can do to protect your privacy, and where we go from here.

What exactly happened?

The FCC passed new privacy regulations applicable to broadband providers (ISPs) in 2016 which required ISPs to obtain explicit “opt-in” consent from consumers before they could share and sell their personal information (i.e. browser history, location, communications) to third parties. The FCC rules were slated to go into effect in early 2017, but the FCC stayed the rules on March 3 -- meaning they didn't take effect.

Congress separately considered whether to reject the privacy rules under a statute called the Congressional Review Act, and both Senate and the House voted to disapprove them on March 23 and 28 respectively. On April 3, President Trump signed the bill into law - which killed the regulations and permanently precludes the FCC from adopting “substantially similar” rules in the future.

This was a "win" for broadband providers, who stridently opposed the overall net neutrality rules and specific broadband privacy rules, arguing that different and fewer rules govern large web-based companies that also collect and sell user information (for example Facebook, Google). Opponents also claim the rules are an unfair burden to ISPs that could confuse consumers and stifle innovation.

Implications for privacy and providers

The repeal means ISPs will continue to face less regulation, and they can continue to sell and profit from user information. It also preserves the existing duopoly situation that exists among ISPs, wherein US consumers generally only have one or two Internet providers to choose from (Time Warner Cable and Comcast provide Internet to nearly ¾ of new subscribers).

The repeal of the ISP rules maintains this provider control over the market. As a result, consumers are still subject to the same (albeit invasive) ISP data selling and sharing practices that were already occurring. Despite what some outlets are reporting, because the rules never actually went into place no consumer protections were actually "lost."

If the FCC wishes to protect consumer privacy down the road, they will have to devise an entirely new framework governing ISPs. It's likely any new rules will be general and not include a requirement for to opt-in, but will enable sharing by default. It's also likely privacy protections AT LARGE will be rewritten following this outcome. Press reports certainly indicate the FCC plans to start the process of repealing the underlying 2015 “net neutrality” rule in the near future.

Protect your privacy with a VPN

Without stronger privacy rules governing ISPs, your personal information will continue to be shared and sold to third parties, potentially without your knowledge or consent. This leaves you with little control over your personal information including revealing information like location, sites visited, communications content, financial details and much more. Luckily, there is something you can do to protect yourself and your privacy - use a VPN.

The best thing you can do is use a VPN every time you connect to the Internet and on all your devices. A VPN encrypts your Internet connection preventing anyone – including your ISP – from viewing your online activity or personal details. VyprVPN is an effective tool to protect your privacy and prohibits your ISP from viewing browsing history, location and other personal details. If they cannot view your information, they cannot sell it, so a VPN is a great way to protect your privacy online despite invasive ISP snooping practices.

It's time to change the conversation

While privacy protections are important, there's also a larger issue at play here - Open Internet (or what some refer to as net neutrality). At Golden Frog, we believe it's time for the conversation to change. We need to stop zeroing-in on the FCC privacy regulations and instead look at everything regarding Internet access and consumer privacy. To start, let's take a quick look back at net neutrality...

The Open Internet Order took effect in 2015, but it was in fact a compromise – and ultimately an admission of failure. It’s true that the recent FCC privacy regulations would have been beneficial, but they were only necessary because of the existing net neutrality framework. They wouldn't have been needed if the FCC had retained the prior rules in place (since the 1970s!) that required open, interoperable networks and open access to local monopolies’ basic bottleneck infrastructure. 

These rules gave us the Internet to begin with, but the FCC started repealing them in the early 2000s causing thousands of independent ISPs (many of whom had privacy protective policies) to go out of business. Today the big companies are still in control, and continue to further expand their control by surveilling users and selling user information.

At Golden Frog, we have always valued choice, transparency and fully competitive markets. And now, given the current atmosphere, it' time to reassess whether the failed “net neutrality” rules were the right answer. In a way, they represented final acceptance of monopoly markets as they didn't provide adequate regulatory protection. Golden Frog supported the FCC privacy regulations (along with many others who value privacy and choice) at the time, because they granted consumers some additional control under the existing framework. But we've always contended the net neutrality framework was misguided because it all depends on regulators to constrain powerful interests. At this point, we need to reevaluate what we are fighting for.

A renewed call for open access

The right answer is a return to fully open, interoperable basic networks, and consumer choice in Internet access - or Open Access. In the current market most consumers have little or no choice in their provider, and even where two providers exist they have basically the same policies. 

Open Access would allow for lots of Internet providers, rather than the duopoly-type situation that exists today. This would prevent broadband providers from controlling consumer privacy and data because consumers could choose providers that are more privacy-friendly and decide how they want their information to be handled.

As we are revisiting the debate at large, we believe it’s time to move past the context of the ISP privacy regulations, and revisit our approach to Internet privacy and access as a whole. It's time for us to revisit open access.