
Anger as US internet privacy law scrapped - clouddrover
http://www.bbc.com/news/technology-39427026
======
bbarn
I remember being so excited as a kid when I started getting drawn into the
computing age. I remember when the internet seemed like mankind's next step
forward. I remember being excited about so many new trends, social media, the
age of everything being free on the internet.

Then, everyone else caught up. Now it's just like watching television. A bunch
of companies vying to get you to buy something at any cost, and taking that
strategy further than they ever did before the internet.

Now, I just want to leave my phone at home and go ride my bike. I rarely feel
like developing anything anymore, haven't done a side project in over a year.
Whenever I get motivated to do things like that I see shit like this and it
just feels hopeless. There's no way to defeat these companies, because they
are full of people struggling to get ahead and doing their cog's part in the
machine that ultimately does this to us all.

~~~
mch82
> There's no way to defeat these companies

What about working to elect representatives who will pass privacy legislation?

~~~
Lev1a
Problem with that being:

If they're not corrupt(-ed) before entering office, they most certainly will
be through lobbying (aka "generous donations") once they enter office.
Exceptions to this rule are certainly rare and seem to only surface ahead of
elections and vanish -again- as soon as they are elected.

~~~
kazagistar
Correct. Everything can be solved with more layers of abstaction though. Elect
people who will reform lobbying and campaign finance (even if it takes an
amendment), eliminate gerrymandering, and fix the other beyond broken parts of
the political process. Then maybe we can consider policy.

If even that proves impossible, well, then I guess it would have to come down
to violent revolution.

~~~
polotics
Nope, violent revolution produces worse regimes than what they replace.
Emigrate instead.

------
dguido
Before anyone races in with a suggestion to use a VPN service, I STRONGLY
suggest that you consider running your own self-hosted server instead. There
is a great set of Ansible scripts to do just that right here:

[https://github.com/trailofbits/algo](https://github.com/trailofbits/algo)

~~~
cocochanel
So now it's at the point where we need to be running our own self-hosted
servers? As a European I find it weird that America land of Silicon Valley
does not fight for important issues like this. Can anyone explain?

~~~
TylerH
The companies doing this are not Silicon Valley companies. They're old phone
companies, more or less, that became internet companies because they owned all
the cable that was already laid.

And of course the politicians passing this don't give a shit about the Silicon
Valley culture or ideals; Republicans care about profits for corporations
because that means more fat donations to them.

~~~
CaptainZapp
Silicon Valley culture of _ideals_ ?

No offense, but that's the most ludicrous statement I read in a long time.

Silicon Valley is about money and power. Ideals, apart from "ideals" packed
into cheesy marketing slogans, just don't play into that.

------
jsz0
Maybe we should all start running a script that browses random websites at
random times. Seems to me that would go a long ways towards making the data
collected about as valuable as a magic 8 ball. It would be even better if such
a script could actually look at my real browsing history and try to generate
the most confusing anti-traffic. If I search for cats it searches for dogs and
birds. If I check the weather for zip code X it checks it for zip code Y and
Z.

~~~
ransom1538
Similarly, why not have an open wifi guest network? My neighbors can use it,
my friends can use it, my mail man could use it. Having a secure connection
just proves YOU are the one responsible for the browsing at hand. I agree,
adding random browsing completely screws the game for people that snoop.

~~~
johncolanduoni
If people use it for illegal things, your ISP can solve the problem by denying
you service even if you're not held legally responsible.

------
srtjstjsj
Ajit Pai's career is the canonical example of revolving door crony capitalism
and regulatory capture. His career is dedicated to using the US government to
transfer wealth from the public to Verizon.

[https://en.wikipedia.org/wiki/Ajit_Varadaraj_Pai](https://en.wikipedia.org/wiki/Ajit_Varadaraj_Pai)

------
tucaz
I hope this is the beginning of a process that will improve this situation in
the future.

Not a long time ago people were completely ignorant about this subject. As
companies started to take advantage and abuse the lack of awareness of general
people they started to do it more broadly and publicly.

Now the idea of lack of privacy is starting to get out on the streets and make
people more aware of the problem.

At some point we will be able to turn the table and a strict legislation
around privacy will be put in place.

Things are going to improve, but they still need to get worse, before.

------
acomjean
I am assuming with all the money made selling all this private data, ISPs are
going to be slashing consumer broadband rates across the US and building
better infrastructure!

Cheaper faster internet for all in the USA!

Wait, they don't have to lower rates, I'll go to the one of the other many ISP
options I have...

Oh wait..

------
iliketosleep
I do not understand. I thought that in the current climate, where people are
becoming increasingly aware and concerned about privacy, that such laws would
be expanded in scope. But here, the law is being repealed.

Additionally, I find the implications of this kind of admission to be
astonishing: _Last year, the Federal Communications Commission pushed through,
on a party-line vote, privacy regulations designed to benefit one group of
favoured companies over another group of disfavoured companies_. That's a
pretty huge statement, made in a business-as-usual kind of way, that calls
into question the overall integrity of the FCC.

~~~
tlb
The FCC is full of sincere people who want to do the right thing for the
public interest. This move comes from above the FCC.

~~~
eridius
Ajit Pai, the chairman of the FCC, is not doing anything for the public
interest.

------
confounded
Worth making a shout-out to the independent ISPs that opposed the change
(including the Bay Area's own MonkeyBrains & Sonic).

If you're lucky enough to have one, support your local ISP!

[https://twitter.com/monkeybrainsnet/status/84658580913846272...](https://twitter.com/monkeybrainsnet/status/846585809138462720)

------
jarcoal
If anyone in Portland, OR is looking for an ISP that will respect your
privacy, you might try reaching out to Stephouse
([https://www.stephouse.net/](https://www.stephouse.net/)).

I recently switched to them from Comcast, and this news makes me all the
happier that I did.

------
JumpCrisscross
I am reminded of a conversation with a Russian-born Valley-based venture
capitalist. I asked why Silicon Valley seems less politically organized, and
thus influential, at the grassroots level than New York City.

"New York is closer to D.C.," she observed. But that doesn't explain why the
average person from Silicon Valley has less influence than, say, from Los
Angeles.

We're Alan Turings, she said. Turing wanted to be left alone to make things.
Unfortunately, his government didn't see similarly. First, with World War II
and later by prosecuting him for his sexual orientation. Being able to be left
alone to make things is a luxury, a delicate balance almost unprecedented
across human history.

We will lose the privilege if we refuse to defend it. Please donate to the EFF
[1] or the ACLU [2]. Call your Congressperson [3] and Senator [4]. Get to know
their aides. Let your Attorney General [5] know you care about this.

[1] [https://supporters.eff.org/donate](https://supporters.eff.org/donate)

[2] [https://action.aclu.org/secure/protect-rights-freedoms-we-
be...](https://action.aclu.org/secure/protect-rights-freedoms-we-
believe-8?s_src=UNW170001SEM&alt_src=UNV170001SEM&ms=gad_SEM_Bing_Search-
Trump_ACLU%20Donate_ACLU%20donate_e_78202766912903)

[3]
[http://www.house.gov/representatives/find/](http://www.house.gov/representatives/find/)

[4]
[https://www.senate.gov/senators/contact/](https://www.senate.gov/senators/contact/)

[5] [https://oag.ca.gov/contact](https://oag.ca.gov/contact)

 _Note: this comment recapitulates an earlier one [I]

[I]
[https://news.ycombinator.com/item?id=13963777](https://news.ycombinator.com/item?id=13963777)
_

------
andr
Ask your ISP. Show them this matters to you, enough to cancel your contract. I
asked mine (PAXIO in the Bay Area) and they said they have no plans to sell
any customer data.

~~~
erentz
The problem with America is there is no competition in most areas. When there
is it's usually just two big providers you're stuck picking between and they
will both tell you to sod off. If this were many other parts of the world that
have dealt with the monopoly problem correctly, by splitting the provision of
wholesale last mile service from the retail ISP service there could be a
market overnight for ISPs that respect your privacy. But we don't have that.
We have a vertical monopoly. That means we need regulation to protect
consumers. But now we can't rely on regulation either.

~~~
deusofnull
Good thing all these pro-business republicans are all about competition and
marketplaces! /s

------
TOMDM
So, ISP's can sell your data now. The few who use VPN's or other methods to
obfuscate/hide their data are a rounding error, big ISP won't care at all
because the barrier to entry is at the moment much more complex than
installing an adblocker, not to mention, the immediate impact is not so
apparent to the average user.

What gets me, in the world we live in data is king, now that the ISP's can use
this data, surely they could sell it, but what's stopping them from looking at
googles throne?

Google at the moment leverages the data they gather from their services, but
your ISP has _everything_

Am I missing something here, or does the endgame look like the issue will be
what ISPs choose to do with this data in house rather than out of it.

Not to mention, do they also no longer need to disclose when they suffer a
data breach or am I mis-remembering?

All this together looks like it ends with gross oversteps in the use of data
by your ISP, not to mention they will do the [three letter agency of choice]'s
job for them, all they need to do is find a way in.

~~~
amluto
> Google at the moment leverages the data they gather from their services, but
> your ISP has _everything_

...which is surely part of the reason Google is pushing so hard to encrypt
everything.

(I'm not saying there aren't altruistic reasons too.)

~~~
ddalex
If there would be altruistic reasons, Google would push for end to end
encryption - however they try very hard to be the man in the middle - looking
at your searches, mail, location, everything.

And they make it worthwhile for you to give them data because they pay in
features - Gmail search works beautifully, just try web Outlook to see how
hard is to get it right; maps works so well that I can't even name a
competitor.

What benefit will consumers get from ISP sharing their data? None, obviously.

~~~
tobltobs
Google does push for end to end encryption. And why should they try to be the
man in the middle when they are the man at the end anyway?

------
SN76477
Can we not just have some representatives browser history leak and blame it on
this?

------
olivermarks
Dane Jasper, ceo at Sonic in the bay area has a good track record around
privacy...so
far...[https://corp.sonic.net/ceo/category/privacy/](https://corp.sonic.net/ceo/category/privacy/)

------
russdill
Can states enact their own law? California maybe?

~~~
Bahamut
This might be deemed a federal matter, as it involves transactions across
state lines.

~~~
binarycrusader
I think it's possible, for example, this seems to be in a related area:

[https://consumercal.org/about-cfc/cfc-education-
foundation/c...](https://consumercal.org/about-cfc/cfc-education-
foundation/california-online-privacy-protection-act-caloppa-3/)

------
skynode
May be a good time to reconsider that move abroad. There are quite a bunch of
places that still cherish privacy or don't even bother about privacy (so you
run your own infrastructure as you like), while you still get to conduct your
business reliably. With an Internet connection and a few good bank accounts
(and of course a BTC wallet), you can be anywhere these days and still
accomplish so much. But you must be willing to be quite flexible about your
worldview and learn.

------
atheiste
I think there is a hope in free software companies. I am working at one
nowadays and we are breaking the law almoust daily and get sued with similar
frequency. Now we are installing Lye transmitters into any village which is
interested communicating via satelite to bring the internet there. Becoming
your own ISP solves the problem right? If we see increase in such behaviour
the problem might disappear. Because the future is distributed

~~~
pdimitar
Would you mind sharing which company by the way? What you posted is really
interesting.

------
methehack
Seems like one could write a program that continuously (with some sleeping of
course) hit random websites in the background. This would hide the "signal" of
the sites one is actually browsing. The ISP's data would be much less
valuable. The solution to pollution is dilution. I wonder if an approach like
that would sufficiently cloak one's data and sufficiently screw the carriers.

------
MichaelMoser123
Isn't this in conflict with the fourth amendment? Does the US constitution
permit this practice?

~~~
kevingadd
Whether or not the constitution permits it doesn't really matter, because it's
clear that nobody wants to enforce the law against Comcast or Verizon.

~~~
MichaelMoser123
I was told that it can matter if the practice is challenged in court

------
LeicaLatte
Where is the anger the article refers to? Literally none of the big tech
executives who have a voice have spoken up about this. I am not sure we
minions count for anything anymore.

------
bythckr
Honestly, it is for the good. Let it burn. I am hoping for a phoenix.

I met a guy who started a bakery instead of a web startup as he was worried
about patent trolls & being bullied by the big companies.

The internet is today over commercialized and it cannot be relied on for
accurate information thanks to fake news.

I am reminded of a quote by Jeff Hammerbacher: ‘The best minds of my
generation are thinking about how to make people click ads… That sucks.’.

------
pdimitar
I am waiting for the day a cheery Russian teenager leaks all of the browsing
history of several USA senators.

Nothing motivates politicians more than them being directly affected.

As ironically amusing such a story would be, I don't think they'll draw the
right conclusion however. They'll probably push for more laws "against
terrorism" and will not see such an accident as a proof of how much of a
slippery slope the killing of internet privacy is.

------
ktta
I have a question. Right now I'm using a cheap $3.49 VPS and it is located in
Beauharnois, Canada. How are the privacy laws in Canada? Better than US or
worse? Is there anything else I should know?

PS/PSA: It was the best value with unlimited internet I could find. It was the
cheapest option from OVH. Cheapest, considering I wouldn't have to worry that
the company would shut down. Latency isn't terrible actually.

~~~
wheelerwj
You should assume that every thing that happens in the US is happening in
Canada. As a member of the Five Eyes, the G7, and G8, our policies are closely
linked.

I believe that Canada's ISPs might have stricter data protection laws, but
really you should have been using a VPN well before this latest policy change.

------
singularity2001
If you have some ssh server somewhere (who hasn't), you can very easily use
'VPN over ssh' by calling:

sshuttle -r user@remote_host 0.0.0.0/0 --dns

------
httpitis
I don't use it myself, but could the technology behind the tor network [1] (or
the product itself) be used to counter this?

1)
[https://en.wikipedia.org/wiki/Tor_(anonymity_network)](https://en.wikipedia.org/wiki/Tor_\(anonymity_network\))

~~~
ktta
Yes it can be used, but beware, your ISP WILL know that you are using Tor, so
there's that.

~~~
xena
They'll know you're using a VPN too.

------
swinglock
The only difference between allowing the postal and waste industries inspect
what they are hired to deliver, log and sell those logs to whoever pays and
allowing the Internet pipe industry from doing it is that it's much cheaper
for the Internet pipe business to do so.

------
JumpCrisscross
Were there any ISPs who did not, if not fight the measure, not overtly support
it? Wireless carriers?

------
dcow
But why should Google be allowed to share your data but not ISPs? Not that I
love this move but the reasoning does resonate, or at least make me question
if the former law really did anything at all or if FB/Google lobbied it
through to stifle competition.

~~~
rybosome
1) Yes, Google has a lot of services, but you can avoid them. Admittedly it's
challenging but it's doable. For many Americans, choosing a different ISP
isn't "challenging" so much as "impossible".

2) Google doesn't sell your data to third parties. This is a big one. They
make money by showing you ads and reporting to the advertisers that they did
it. Nobody else gets access to your data, and Google goes to great lengths to
lock it down and prevent unauthorized access. Do you trust every company your
ISP will sell the data to?

3) Google itself has ways to opt out temporarily for highly sensitive things,
like with an incognito window. Can't do that with an ISP.

4) You generate a lot of traffic that Google has nothing to do with. Do you
have an iPhone? Do you use a laptop other than a chrome book? Have a gaming
console? Use a non-chrome browser? Your ISP will inhale all of this.

~~~
dcow
Great points. I'm personally tying to avoid Google services as much as
possible, but I guess I was thinking in a more general context. Even so, your
points still stand. (Small obligatory remark: incognito is entirely client
side.)

The silver lining might be, considering your ISP can now access your data,
that maybe the culture will shift and people will take online privacy a little
more seriously, both applicastion and services providers and users. Maybe
people will stop sending user analytics in plain text all the time. Maybe
people will expect tls everywhere. Maybe a layer 3.5 overnet will emerge..

------
ReinholdNiebuhr
I asked this is in the other thread on this topic, when did the Obama-era
rules emerge? If anyone has the bill info that would be ideal. I've been
trying to find stuff on google but it's flooded with the current news.

~~~
ttyprintk
2015-03-12. This is rolled into the FCC's implementation of net neutrality.
(wileyrein.com/newsroom-articles-3501.html)

------
toodlebunions
So what's the best VPN that doesn't store or sell their user data?

Surely a new business opportunity if there isn't one good enough to recommend
for privacy.

~~~
dreamcompiler
I like Private Internet Access. The're usually ranked pretty high by privacy
advocates and they don't keep logs.

~~~
dreamcompiler
P.S. just found out about PIA's full-page ad in NYT:
[https://www.reddit.com/r/pics/comments/61ns2w/private_intern...](https://www.reddit.com/r/pics/comments/61ns2w/private_internet_access_a_vpn_provider_takes_out/)

------
canaglie
Get your own VPN server. Convince your friends to get the same and just share
resources with them. Mini VPN company :)

------
danblick
Is there any hope I'll be able to find a major ISP that doesn't sell my data?
(Google Fiber, I wish?)

------
mdani
Is there a way to opt out explicitly by requesting the ISP not to share your
data?

~~~
mirimir
Sure. Cancel service.

Or use a VPN.

~~~
ryan-allen
And hope the VPN isn't selling the data, also. Pretty bad news for everyone
involved.

~~~
mdani
My ISP Comcast has the following in its privacy policy. I hope this clause
stays the same - then you can opt out :)

\--- The Cable Act authorizes Comcast as a cable operator to disclose limited
personally identifiable information to others, such as charities, marketing
organizations, or other businesses, for cable or non-cable “mailing list” or
other purposes. From time to time we may disclose your name and address for
these purposes. However, you have the right to prohibit or limit this kind of
disclosure by contacting us by telephone at 1-800-XFINITY or by sending us a
written request as described below under “How do I contact Comcast?” Any
“mailing list” and related disclosures that we may make are limited by the
Cable Act to disclosures of subscriber names and addresses where the
disclosures do not reveal, directly or indirectly, (i) the extent of any
viewing or other use by the subscriber of a cable service or other service
provided by us; or (ii) the nature of any transaction made by the subscriber
over our cable system.

~~~
alphabettsy
I wouldn't be surprised to see this quickly changed to differentiate between
cable and internet.

------
tobltobs
Who needs privacy as long as you have guns.

~~~
mirimir
But they have bigger guns, no?

------
Gustomaximus
A great time to start using Opera browser with their free built-in VPN

[http://www.opera.com/computer/features/free-
vpn](http://www.opera.com/computer/features/free-vpn)

Disclaimer: Worked at Opera ~5 years ago which is why I'm familiar but no skin
in the game now.

~~~
LeoPanthera
The Opera VPN cannot be trusted.
[https://www.reddit.com/r/technology/comments/4fuyxf/operas_n...](https://www.reddit.com/r/technology/comments/4fuyxf/operas_new_baked_in_vpn_is_not_a_good_solution/)

------
acover
Do people actually care? Https makes only reveals the domain not the content.
Google/Facebook collect way more information. Everyone keeps using them.

If given the choice of targeted ads vs an extra $30 a month I suspect most
people would choose targeted ads.

Edit: remember downvote if you disagree

~~~
phreack
Difference is you can choose not to use them.

~~~
acover
If someone chooses to use Facebook then why would they care if their ISP did
something similar.

I have never been harmed by targeted ads. Maybe someday but right now they
just provide a bunch of free services.

Not to be pedantic. If you don't stream video or audio then a mobile
connection is a viable alternative.

------
ericcumbee
It wasn't a law passed by Congress and signed by the president... It was a
regulation. There is a difference.

~~~
guelo
What difference are you talking about? A regulation is based on law passed by
Congress and signed by the president.

~~~
ericcumbee
There is a semantic difference between a law i.e. something passed by Congress
and signed by the president versus a regulation promulgated by a regulatory
body. That regulatory body dervies it's power to regulate from law. But in a
purely technical sense it is not a law.

~~~
ubernostrum
There are multiple categories of things which have the force of law. Referring
them generally as "laws" is acceptable when technical hair-splitting about
their precise origin is unnecessary.

------
belovedeagle
> will soon no longer need consent from users to share browsing history with
> marketers and other third parties

This is a lie — "fake news", if you will. This congressional action cancels an
upcoming change in policy: it maintains the status quo, and therefore "no
longer" is not an accurate characterization of the situation.

~~~
matthew-wegner
You don't know what you're talking about. The rules went into effect January
3rd:
[https://www.federalregister.gov/documents/2016/12/02/2016-28...](https://www.federalregister.gov/documents/2016/12/02/2016-28006/protecting-
the-privacy-of-customers-of-broadband-and-other-telecommunications-services)

They used the Congressional Review Act to strike it down, which requires that
it be a new federal regulation:
[https://en.wikipedia.org/wiki/Congressional_Review_Act](https://en.wikipedia.org/wiki/Congressional_Review_Act)

The CRA includes this, too, so the FCC can no longer do anything about it
without a new law passed by Congress:

 _Once a rule is thus repealed, the CRA also prohibits the reissuing of the
rule in substantially the same form or the issuing of a new rule that is
substantially the same, "unless the reissued or new rule is specifically
authorized by a law enacted after the date of the joint resolution
disapproving the original rule"_

~~~
belovedeagle
Please read your source more carefully:

> Effective January 3, 2017, _except for §§ 64.2003, 64.2004, 64.2006, and
> 64.2011(b)_ which contain information collection requirements that have not
> yet been approved by OMB.

The section in question in the article is 64.2004. It did not go into effect
on January 3.

~~~
matthew-wegner
Well, it looks like I don't know what I'm talking about.

The CRA still ensures it will never come to pass, in any form out of the FCC,
and I guess the clauses on data security and breach notifications are
considered acceptable collateral damage here.

