Pacific Internet - Ukiah, California

ISP Snooping & Sales

2017-03-30

Pacific Internet & ISP Privacy

You may have heard about a law requiring ISPs to protect their customer's privacy being removed. We wanted to make one thing very clear—Pacific Internet never has, and never will, sell your personal information.

How do recent changes affect my privacy?

You may be surprised to learn that the recent vote to allow ISPs to sell information about your health, finances, children, and physical location throughout the day – among other things – does not mean ISPs were not able to before. In fact, they have been able to this entire time, and will simply be able to continue to do so.

On October 27, 2016, the FCC adopted rules to protect broadband consumers' privacy. An impressive text, with reasonable statements, like:

We find that because broadband providers are able to view vast swathes of customer data, customers must be empowered to decide how broadband providers may use and share their data.

However, the rules did not take immediate effect, there being more due process in their implementation. What happened on Wednesday, March 29, 2017, was a negation of the to-be-implemented rules for protecting consumer privacy; thus, in effect, nothing has changed.

How can I protect myself?

Given that nothing has changed, and your security and privacy are subject to the same threats and lack of protection as they ever were, you may be wondering what you can do to begin protecting yourself.

Your security and privacy are in your hands. If you choose to use services from edge providers like google and the face book, you should have a reasonable expectation that your privacy will be invaded. Their business model is based on using your data, whether you like it or not, whether you know it or not. You might also ask yourself whether using free services even makes you a customer that can be protected.

Contrast that with, for example, your pacific.net email account. You pay us for email services, we provide you with email services. We don't know or generally care what's in your email, and we certainly don't go combing through it. Our staff does not have access to your mailbox, and cannot peruse your mail at their leisure. Do note that administrators have full control over your account, and your use of our email service is subject to our usage policies, which are intended to create a secure and reliable mail system that operates respectfully on today's Internet.

While we strive to preserve your privacy, as already mentioned, your privacy and security on the Internet are largely dependent on you. We cannot protect you from yourself when you do unsafe things, like giving your credit card information or name, (email) address, and phone number to a website that doesn't use HTTPS, or coughing up your username and password to a phishing site, or transmitting usernames and passwords unencrypted across the Internet, or worse – and more to the problem at hand (ISPs selling your browsing data) – even simply visiting your favourite sites.

To reiterate: Pacific Internet does not sell your information.

Security and privacy are intertwined, and it is difficult to talk about one without the other. If you want to protect as much of your privacy as you can, you can't rely on somebody else to handle your security—especially when that somebody has a financial incentive to sell your personal information to anyone that might ask for it. This means we all need to learn a little about how to act safely and responsibly on the Internet.

In summary.

Here are a couple bullet points, that certainly don't cover everything you need, but are hopefully a good-enough start (kind of like learning to count your calories, but not actually going on a diet):

  • Use TLS. This used to be known as SSL, but those earlier versions of the protocol are considered insecure today. You can know you are using TLS while browsing the web when the address looks like https://, and not the insecure http:// (often not shown). Many services other than websites can take advantage of TLS, by the way. For example, we've been trying to encourage our email customers for several years now to use TLS when sending and receiving their mail (and we will be requiring it soon).
  • Find an ISP you trust. Pacific Internet does not directly manage the hardware used for your Internet access. There are several more players involved in the chain, going all the way up to AT&T, who owns the copper wire our signals run over. Since the issue of selling browsing data isn't actually in our hands, please read the following statement from our upstream provider.
  • Boycott offensive providers. Again, this may be difficult due to monopolization, but exercising your right to a choice is a powerful tool, even if that means choosing none, when all the choices are bad. Don't forget the issue here is consumer privacy, so if you stop consuming the products of worthless service providers who don't respect your privacy the way you think they should, you help make the world a better place for us all.

References

The following are some references to more information about the recent legistlative act you may find interesting.