Comcast Thinks Having Basic Broadband Privacy Protections 'Irrational'
from the we're-angels dept
Last week the FCC announced that it would be imposing some relatively new basic privacy protections on broadband. While the full rules will be hashed out after extensive public and company input (meaning if anything they’ll get weaker), FCC boss Tom Wheeler’s proposal (pdf) is fairly basic: ISPs should alert customers when their data is stolen, ISPs should be totally transparent about what they’re collecting, and ISPs should provide users with working opt-out tools for any data collection service the ISP employs. None of these requirements are particularly onerous, and most ISPs will find that they’re already adhering to them.
Given that an informed and empowered customer that opts out of snoopvertsing means less money earned, it’s no mystery that ISPs have been whining about the FCC’s proposal. After all, as wireline and wireless subscriber growth has become saturated, companies like Comcast and Verizon have turned to advertising as their next great growth market (thus Verizon’s $4.4 billion AOL buy).
Obviously Comcast can’t just come right out and say it’s solely worried about losing money, so top company lobbyist David Cohen (apparently the company hates it when I call him that) has coughed up a new company blog post in which Comcast tries to argue that having some basic, new broadband privacy rules is an “irrational” move that creates an “unjustified set of regulatory shackles.” Shackles that would, apparently, prevent consumers from enjoying all of the marketing Comcast intends to throw at them:
“Beyond blocking ISPs from competing in the online advertising marketplace, the FCC proposal will have other spillover effects. One example of the extreme nature of the FCC?s proposal and how it would negatively impact competition and consumers relates to cross-marketing of our competitive products and services to existing ISP customers. Under the FCC proposal, Xfinity Internet customers could miss out on learning about lower prices for taking bundles of services like Xfinity Home Security. Today, consumers are benefitting from competition in these new and expanded services, and they expect to receive these offerings from their broadband provider. The proposed FCC?s rules would unjustifiably make that much more difficult.”
That’s really just an overlong, alternative way of saying that Comcast is worried they won’t be able to upsell you as much unnecessary shit as they otherwise would. But again, with transparency and opt-out consent the cornerstones of the FCC’s plan, the FCC has made it clear that there’s really nothing that will prevent ISPs from upselling their own, or anybody else’s services. Despite hysteria in the telecom sector there’s no indication the FCC’s panning anything more elaborate or “difficult,” with the primary focus being letting consumers opt out — with no hard focus on requiring consumers opt in (much preferred by many privacy advocates).
ISPs have been pushing funded studies for months stating privacy rules aren’t necessary because ISPs don’t really collect much about you (just flatly incorrect) and VPNs and encryption means consumers have tools to protect themselves already making further action unnecessary. But as studies like this one from Team Upturn have noted, ISPs collect an ocean of data on users via multiple technologies. Most Internet of Things and other household traffic isn’t encrypted, and ISPs still track and monetize user behavior by studying DNS records and other network footprints.
Still, Cohen tries to pretend that there’s no reason for the FCC to get involved in privacy because nothing bad has ever happened on the broadband privacy front:
“There is no evidence of any problem with ISP privacy and security practices: research published by the Harvard Business Review and the Pew Research Center shows that consumers trust their ISPs just as much, if not more, than other providers in the Internet ecosystem. And there have been very few ISP-related privacy or data security issues under the FTC regime, even while the FTC has taken numerous enforcement actions against others in the Internet ecosystem. “
Cohen has a short memory. You’ll recall that one of the key reasons the FCC is even pursuing new broadband privacy rules was Verizon’s abuse of so-called “stealth cookies,” which involved embedding wireless user packets with unique header identifiers that let Verizon track consumers and build detailed online profiles. Verizon was using this tracking technology for three years before security analysts even noticed. Consumers were never informed. It took another six months of public pressure and an FCC investigation before Verizon allowed customers to opt out. The FTC never raised a finger, which is why you’ll generally see ISPs argue for leaving some telecom enforcement in the hands of said agency.
Again, ISPs had spent the last decade arguing that a “self-regulatory regime” was all that was needed to protect consumer privacy — but when push came to shove it simply couldn’t do it. Between Verizon’s stealth cookies and AT&T’s decision to make opting out of snoopvertising a steep monthly premium, the lack of broadband competition has meant ISPs could consistently ignore customer privacy rights without repercussion. In an ideal, competitive market you might not need net neutrality or privacy rules, but as anybody held hostage by the nation’s dynamic duopoly knows, that’s just not the reality most broadband consumers live in.
Filed Under: broadband, david cohen, fcc, isp, privacy
Companies: comcast
Comments on “Comcast Thinks Having Basic Broadband Privacy Protections 'Irrational'”
I actually might agree with Comcast this time. If there are strong shackles on ISPs, it might drive Google out of the ISP business.
Re: Re:
You’re correct, that likely would drive Google out of the ISP marketplace… precisely because Google is not in the ISP business. They’re in the big data/advertisement business.
Re: Re: Re:
Why, when as as an ISP Google will be happy not collecting again the data they get as the search engine/gateway to the web, along with their analytic business. Besides, as an ISP, they will let their customers consume all the YouTube that they want, along with any other service that they can use for advertising to people.
Re: Re:
So we should just let it slide as long as Google wants to continue violating user privacy?
No he doesn’t. Verizon is a wireless service, not an ISP, duh.
/don’t really believe this
//Not sure he doesn’t
Anyone they’re fooling with that bullshit isn’t interested enough to get involved with the process anyway.
Re: Re:
or is paid in someway to believe it
Opt out, isn't informed consent.
And given that Comcasts customers are, by and large, living in monopoly markets, neither could it be said that any of their other questionable practices involve informed consent.
Many of their users, and particularly the ones most exposed to abusive and psychologically-invasive media practices are under 18. So even IF the end user fully understood their service contract, (which is unlikely even for well educated consumers) it wouldn’t be informed consent.
The ONLY way to fix this is to break them up. You are either in the carrier business, or in the content business. Allowing a monopoly carrier to be in both will ALWAYS be an invasion of civil rights. They will just find a new corner of the 1st amendment to diddle, no matter how much the FCC regulates.
It is like Glass Steagall. Banks are predisposed to commit insurance fraud, so Glass Steagall separated banks and insurance in 1933. Clinton repealed it, (probably in a deal to avoid impeachment) and the market promptly boomed and crashed, because… banks committed insurance fraud.(AIG was a securities insurance scam)
In the same way, telecoms corrupt free trade by constraining speech. The only way to fix that, is to insure that they cannot constrain speech AT ALL. Which means separating responsibilities for content management, and transmission. Period.
Overturn Citizens United. Reinstate Glass Steagall. Bust the Trusts.
Re: Opt out, isn't informed consent.
Wouldn’t Opt In be even better informed consent?
Re: Re: Opt out, isn't informed consent.
Who would willingly choose to be monitored and receive more advertising? Other than lunatics that is.
Re: Re: Re: Opt out, isn't informed consent.
Before somebody crucifies me I’m not talking about stuff like Google that offers a plethora of services in exchange of giving you advertising (which you can block since they don’t control your very connection to the internet).
Re: Re: Re: Opt out, isn't informed consent.
The particular company escapes me at the moment, but wasn’t/isn’t one of the major ISP’s offering you a ‘discount’ if you allow deep-packet inspection of your connection for advertising reasons?
Re: Re: Re:2 Opt out, isn't informed consent.
I think it was AT&T. And it was he opposite direction. They offered you a higher price if you didn’t want advertising. The deep packet inspection was the default, not the ‘discount’. It was the prices you had originally agreed to before they ever heard of deep packet inspection.
If I wanted to get my packets deeply inspected, I wouldn’t be encrypting everything. Or I would be getting into the TSA line.
Re: Re: Re:2 Opt out, isn't informed consent.
I remember hearing something like this and this is why I clarified. We agree to some extent of monitoring but in exchange of something. And even then Google cannot monitor everything, they don’t own the pipe (except, of course, Google Fiber which could be doing the same as Comcast/Verizon and we don’t know).
But if it’s informed in the strict sense, no sane person would opt into a system that thoroughly monitors their traffic. Not if they really understand what deep packet inspection is.
Re: Re: Re:2 Opt out, isn't informed consent.
“but wasn’t/isn’t one of the major ISP’s offering you a ‘discount’ if you allow deep-packet inspection of your connection for advertising reasons?”
That’s the same thing as charging you more for not wanting it …
Re: Opt out, isn't informed consent.
This is the best Anonymous comment I have ever read on Techdirt.
Re: Opt out, isn't informed consent.
They will just find a new corner of the 1st amendment to diddle, no matter how much the FCC regulates.
Unless I’m missing something, Comcast, AT&T, Verizon et al cannot possibly violate the 1st Amendment.
Re: Re: Opt out, isn't informed consent.
“Unless I’m missing something, Comcast, AT&T, Verizon et al cannot possibly violate the 1st Amendment”
Agency of state. If a party excercises authority in a fashion that deprives others of their liberties, and does so in a way that is sanctioned, formally or informally by the government, they are acting as an agent of state. In which case they are obliged to operate within the applicable constraints of Constitutional law.
Ubiquitous surveillance does constrain liberty. The state is aware of it, and has defended it in court. It then follows that the telecom, in this capacity is functioning as an agent of state, even though the right to conduct these invasive practices has never been granted in any formal way.
If a Sherriff looks on as a lynching progresses and does nothing, the parties committing the lynching are operating as agents of the Sherriff, because he is compelled to act in service of the law. He has given consent by neglect.
In such a case the Sherriff can be charged with conspiracy and is liable. The same logic applies to Telecoms.
TL;DR Version:
Companies that made a business out of doing shady shit are upset that they can’t get away with doing shady shit in the darkness.
well..
It’s difficult to keep up with the MPAA/RIAA DMCA notices and comply, without invading privacy; Besides, privacy and piracy look the simalar. They must be stamped out.
New premiums.
Congrats ISP consumers. We are proud to unveil our new tier selection to improve your satisfaction.. Tier 1 is what we call the Superstar. For a mere $30 monthly fee, your info will spread like the next viral cat video to people around the internet. Just like a celebrity. Tier 2 is what we call the Colonial. Using our 1990s technology. We created a way to share limited information with everyone on the planet. Sorta like the ancient times of the early 90’s. This tier is limited addition and only $50 monthly. Do not worry the $200 setup will be waived with a 5 year contract.
wolves
How does one keep the wolves at bay when they have co opted the Sheppard?
You get Foghorn Leghorn on the case, that’s how. No, that won’t work, Wiley Coyote? That sheep dog with the hair in his eyes? Damn, we’re screwed ain’t we?
Governments should NOT be in the business of regulating!
Comcast is in good company here. And with good reason.
Imposing regulations upon Comcast to protect consumer privacy would be like regulating big chemical plants to prevent water pollution. Or the silly idea of regulating plants to prevent air polution! This would impose unwarranted burdensome requirements upon business that would diminish profits from huge to merely large.
Comcast shouldn’t be regulated any more than other poor struggling ISPs. Imagine if Verizon had to actually build out the landline infrastructure they promised? Or if AT&T had to let customers use all the bandwidth they actually paid for? This could destroy the global economy!
Shouldn’t TechDirt be a ‘pro business’ site?
This message brought to you by Big Lobbyist from Big Mega Corp which personally approved this message.
Re: Governments should NOT be in the business of regulating!
Main reason because free market in it’s full sense cannot exist. Once one player dominates and gets financial power it’s only a matter of time till it becomes the painful real version of Buy n Large. This and inherent human greed.
Capitalism has given us plenty evidence it does not work if left alone.
Re: Governments should NOT be in the business of regulating!
It’s not quite that black and white. Regulation, by definition, is a burden on businesses. As such, the optimal amount of regulation is the minimum “required”. Unfortunately, there’s a world of complications in that one word.
Regulations generally hurt overall economic growth, (though in certain cases, regulations can protect long-term growth by mitigating profitable but dangerous short-term practices, i.e., preventing bubbles) but the reason they exist is that the public values certain things over economic growth. Such as the health and safety of its citizens. No one wants to live in an anarcho-capitalist society.
So, when certain public values, such as the right to privacy, conflict with the bottom line in a market with little reactivity (e.g., monopolies), the public exercises its will through external controls, such as regulatory agencies.
The fact remains, however, that regulation has a cost, often a substantial one. Often that cost is necessary, or worth paying. Sometimes it’s not. That’s why serious consideration is necessary before implementing any regulation.
And, after serious consideration, the FCC, myself, and just about every consumer in the country have determined that ISPs require additional regulation in order to maintain fair and ethical behavior in their gatekeeper positions.
Re: Re: Governments should NOT be in the business of regulating!
On the topic of the right amount of regulation, I agree that it should always be the minimum that is necessary.
However much there is, typically is the result of regulation introduced to curb some kind of abuse. If they didn’t want regulation, they shouldn’t have brought it on.
If the business people could somehow manage to put themselves into other people’s shoes and emphasize, regulation might never be a thing.
Re: Re: Re: Actually, governments need to be the adult in the room.
It’s certainly not the American inclination to “regulate first”. Regulations are a lot like traffic signals. You are not going to see traffic signals in an intersection until someone dies. It’s the same with regulations. Regulations tend to arise in reaction to some harm or possibly even a massive cataclysm (financial regulations).
Sometimes “having some skin in the game” will help. Although that will ultimately be engineered out of equation (countrywide + fannie mae).
When bankers cease to be “the adult in the room”, government has to step up.
Still should be the least bit that you can get away with.
Re: Re: Re: Governments should NOT be in the business of regulating!
empathize
Re: Re: Governments should NOT be in the business of regulating!
Re:
“Regulations generally hurt overall economic growth”
This point is arguable in this day and age. Classical economists would typically agree with you. More modern views that account for natural capital would move the cluster quite a bit, and may eventually challenge that premise. If anything the difference becomes more marginal as legislative transparency increases.
Economic growth is something measured over very long time periods. For example, you can repeal Glass Steagall and watch record breaking growth. Of course if you account for the whole following decade, that would include the 2008 stock market crash. So the numbers for “deregulation” get decidedly less plush over the long term.
I understand what your saying. But I think that premise needs to be challenged these days. It isn’t regulation per se’ that constrains growth, but economic capture. And that is a much smaller problem.
GAAP needs to get fixed to allow for aggregating numbers on costs which are externalized at the public expense. This being broken means that the Fed doesn’t properly account for expenses, and that results in inflated GDP figures. Which is great for international pissing matches, but terrible for actually doing work.
Nobody really knows what is broken because the numbers are bogus. What we DO know is that the numbers are bogus intentionally. Fixing that requires an accountable legislature. And that is achieved by:
Overturn Citizens United. Reinstate Glass Steagall. Bust the Trusts.
Re: Re: Re: Governments should NOT be in the business of regulating!
Sorry for stumbling into your hot-button issue, but if you’ll note the parenthetical, I explicitly mentioned that in some cases regulations can provide better economic growth long-term by curbing dangerous behavior. Glass Steagall is an excellent example of such a case, and definitely needs reinstating.
Still, kinda proves my point that this shit is complicated and actions or inactions can have ripple effects that are felt decades down the line. We often legislate reactively, usually when something goes wrong, and we have a tendency to over-legislate in those responses. I’m in favor of incremental regulation, small steady changes until the problem is under control.
All I’m really saying, though, is think before you legislate.
Re: Re: Governments should NOT be in the business of regulating!
the reason they exist is that the public values certain things over economic growth. Such as the health and safety of its citizens.
Usually protecting health and safety is a net economic benefit. Taking care of sick and injured people is expensive. The reason we need those regulations is not so much because we consider it’s worth taking an economic hit in order to protect health, it’s because without them companies will save money by allowing workers and others to get sick or injured, and let the individuals or the government pay the costs. The regulations are (at least in part) to prevent negative externalities.
There are some other areas where we need to prevent negative externalities too, such as carbon emissions. If you think curbing carbon is expensive, wait till you see how expensive the alternative is.
Re: Re: Re: Governments should NOT be in the business of regulating!
Yes, yes, gross oversimplification, I know. There are a lot of cases where regulations are in place to try to bring back an external cost (such as health care) back into an actor’s cost/benefit analysis. It’s a goodly portion of the civil suits. However, privacy isn’t one of those things that has a sizable economic impact. I can’t really see a purely economic argument for privacy protections.
It seems likely that others are like myself in having a different definition of “basic broadband privacy protections” or think they’re unnecessary altogether.
I think it’s incorrectly simplistic to apply the word “basic” to one opinion making it seemingly unquestionably correct.
There is no protection
I note that Comcast itself was found to be performing Man In The Middle attacks against their own customers, as recently as late November, 2015.
http://www.neowin.net/news/comcast-begin-man-in-the-middle-attacks-to-show-copyright-notices-on-websites
A suggestion
Obviously Comcast can’t just come right out and say it’s solely worried about losing money, so top company lobbyist David Cohen (apparently the company hates it when I call him that)
Maybe they feel it’s demeaning calling ‘just’ a lobbyist, perhaps if you called him, ‘David Cohen: Super Lobbyist’ they’d be mollified.
David Cohen
David Cohen is not a lobbyist in the same way withdrawing $9,999.99 from a bank is not withdrawing $10,000.
The difference is banking reporting laws have SAR lobbying laws do not.
Re: David Cohen
That and David Cohen does not like “duck rules”.
David Cohen is a comcast lobbyist, got it.
should?
I hope that when the rules are finalized they don’t say what you have reported: “ISPs should alert customers when their data is stolen, ISPs should be totally transparent about what they’re collecting, and ISPs should…etc.”
Lawyers look at “should” and laugh…
You could have just stopped at “Comcast Thinks” and it would have been a very surprising news story …