Succumbing to the pressure of heavy lobbying, the proposed California Broadband Internet Privacy Act was shelved early this morning by the California Senate:
If enacted, the law would have beginning in 2019 barred ISPs from monetizing consumer browsing data without first obtaining consumer consent. In essence, large ISPs such as AT&T and Verizon would have been barred from refusing to provide service or limiting service if customers did not waive their privacy rights. It would have also barred them from charging customers a penalty or offering discounts in exchange for waiving privacy rights.
By way of background, the FCC earlier this year pulled back on those Obama-era regulations that impacted ISPs – regulations that completely ignored the data collection practices of companies such as Google and Facebook given they were not subject to FCC regulation. The “Net Neutrality” Red Herring previously used by lobbyists to protect those tech companies alleged ISPs deserve different treatment because they curtail broadband usage for certain segments of society – alleging that ISPs closed out the Internet for many in poorer rural communities.
Current FCC policy, however, maintains rules that protect the “openness” of the Internet. And, the stated intent on the FCC’s May 2017 pullback was a desire to implement a “light-touch regulatory framework” that immediately leveled the field, allow the FTC to continue enforcing privacy infractions, and ultimately defer for a later date the exact parameters of any federal consumer privacy consent law.
Currently, the privacy infractions of companies like Google and Facebook are policed by the FTC and not the FCC so having the FTC also focus on ISPs is perfectly natural within our current regulatory scheme. After all, the only reason large ISP’s such as AT&T, Cox and Verizon even came under the FCC’s purview was because they are also telecom and cable operators. To use this FCC front door to regulate the backdoor Internet businesses of telecom and cable operators was always forced and unnatural. Indeed, this very public dispute between ISPs and website owners was itself s a subterfuge. Not surprisingly, AB 375 was also opposed by Google and Facebook because “expanded privacy regulations could indirectly affect the websites’ own ability to gather and monetize user data.”
As accurately stated by a libertarian blog: “By framing this as a dispute between ISPs and websites — instead of accurately presenting it as a struggle between Internet users and anyone who would mine and sell their data, the powers that be (including lawmakers, bureaucrats, corporations, and the media) have muddied the waters to conceal a simple fact: This is actually a struggle between those who value their privacy and those who would profit by violating it.”
Perhaps fearing the demise of AB 375, a California ballot initiative proposed on September 1, 2017 would allow California consumers to know what personal information businesses are collecting from them as well as how that information is used. As it stands, consumers obviously have no clue who ultimately processes, uses or outright purchases their data. The California Consumer Privacy Act of 2018 will be placed on the November 2018 statewide ballot if it obtains 365,880 valid voter signatures. This ballot initiative goes further than AB 375 given it would apply to any business that collects and deals in data for commercial purposes and not just ISPs.
The apparent premise behind this ballot initiative is that there is no longer any such thing as anonymous data – it only takes about 10 visited URLs in total to uniquely identify someone, and there certainly is no difference between what a Google or an AT&T ultimately do with consumer data. As it stands, relatively few use a Firefox browser set to its highest privacy setting or a Privacy Badger extension to keep Google scripts from running Google Analytics. Even fewer users forgo Google in favor of the donation-funded DuckDuckGo search tool that allows users to browse the web without storing search results.
As suggested years ago: “It may one day be determined, however, that an even more effective means to satisfy all constituent needs of the [online behavioral advertising] ecosystem (consumer, merchant, publisher, agency, etc.) will be to find a means to directly correlate between privacy rights, consumer data, and a merchant’s revenue.”
Until such direct financial correlation takes place – with the ensuing compensation to consumers, the true value of consumer data will never be known. Very likely, companies who continue pilfering something consumers do not properly value will never do as well as companies that actually pay for what they want.
Given any present mass consumer education necessary to prod these issues forward will rely on online tools provided by companies with the most to gain or lose, the only immediately viable solution necessarily requires agreement from the likes of Google and Facebook. Unfortunately, given current circumstances, there simply is no financial incentive for these companies to rock a very lucrative boat.