The Federal Communications Commission this month proposed a new set of privacy rules for Internet service providers that would limit how companies like AT&T, Comcast or Verizon could share customer data with third parties. Though privacy advocates are sympathetic to the principles underlying the proposal, some point out that the rules could come as a gift for other tech giants who deal in the collection of personal data but would be exempted.
“The plan could play a meaningful role in cementing monopoly market power for companies like Google, Facebook or Twitter in secret-selling by regulating potential competitors out of business altogether,” said Fred Campbell, the director of Tech Knowledge and a professor of telecommunications law.
Now that the rules have been proposed, the FCC will vote on whether to move forward with them on March 31. If that happens, they will undergo a period of public comment before final passage.
Related Story: http://www.washingtonexaminer.com/article/2576203
Google and Facebook in particular derive a gigantic share of their revenue from directing personalized ads at users using data they collect. Filings with the Securities and Exchange Commission indicate that Google generated $55.5 billion through online advertising in 2013, while Facebook earned a “substantial majority,” or $12.4 billion, on ads in 2014.
That data can include a range of factors, known and unknown, derived both from what users tell companies about themselves and from what the tech sites can learn by tracking users. Facebook acknowledges that the information it attempts to harvest includes “age, gender, location and interests,” though experts note that description doesn’t quite do justice to what tech companies really track.
“They can and do collect just about everything you do there,” said Roger Entner, the founder of Recon Analytics. “Google is pretty open about what it collects from you at History.Google.Com. It collects everything you have ever searched, the websites you have visited, the smartphones you have used, where you have been with those devices, everything you have searched or watched on YouTube and every picture you have ever taken with an Android phone or uploaded,” Entner says. That’s just a partial list.
“Microsoft collects pretty much the same,” he adds. “The nefarious thing is they do not have to disclose to you what they record, they just need to get your permission once. It’s very often part of the condition to use one of their devices or services, and then they can do whatever they want with it.”
As an example, Entner points out, many diabetes applications that allow users to monitor the condition at home ask for permission to access the camera on their device. (Facebook’s mobile messaging application, for that matter, does the same.)
“On the other hand, Internet service providers can increasingly only see the top level domain name of websites consumers visit, rather than the exact page as companies like Google are encouraging consumers to use the secure https connections,” Entner said.
Part of the reason the FCC isn’t moving to regulate so-called “edge providers,” or companies like Google that provide online services, is that it has not granted itself the authority to do so, as it did with Internet service providers last year by voting to classify them as telecommunication providers.
An initial draft of those rules did group service and edge providers together, Entner notes, “but after Google saw a pre-release version, the FCC took edge providers out.” Edge providers were too insignificant to regulate, the company argued, because they provide only a few services. Providers, on the other hand, connect users to the Internet itself.
Related Story: http://www.washingtonexaminer.com/article/2580779
“This power distinguishes broadband providers from other participants in the Internet marketplace … who have no similar control [over] access to the Internet for their subscribers and for anyone wishing to reach those subscribers,” argued the Internet Association, a trade group comprising Facebook, Google, Twitter and other tech companies, in a legal brief supporting the rules.
The commission has stuck to that position over the past year, shooting down a November petition asking that edge providers be included in any new rules on privacy, stating in its opinion that the FCC is not “regulating the Internet, per se, or any Internet applications or content,” the commission maintained in its opinion.
If the rules pass in light of that exemption, it seems likely that they will increase the value of personal information for companies that continue harvesting it.
Related Story: http://www.washingtonexaminer.com/article/2577390
“It’s the equivalent of adopting a nuclear weapons ban that applies to everyone except the United States and Russia — the world’s biggest nuclear powers — and claiming the ban will keep the world safe from nuclear attack,” Campbell added.
