Earlier this week, Congress voted along party lines to undo FCC regulations passed last year meant to strengthen privacy for Internet users. Set to take effect later this year, the rules would’ve banned Internet service providers (Comcast, T-Mobile, etc.) from selling customers’ web usage data without their consent. Additionally, the bill Congress passed also bans the FCC from passing similar rules in the future. Trump, unsurprisingly, promises to sign the bill into law.
Why this is bad
The only beneficiaries to this rule rollback are ISPs, advertisers, and telcos, not the public.
For years, broadband providers have been itching to avoid being less-than-lucrative “dumb pipes.” They’d love to take advantage of their unique position (being everyone’s Internet service) to get in on selling customers’ Internet use data to advertisers. The Electronic Frontier Foundation wrote about some of the possible downsides of this (ad injection, hijacked searches, etc.).
As for why Congress voted this way, I blame a mix of: anti-regulation ideology; a lack of technology awareness or concern; and corporate lobbying.
Between Congress and the Trump administration’s anti-regulatory nature, don’t expect any consumer-friendly policies anytime soon. Thus, American Internet users are left on their own on how to deal with protecting their online privacy. Fortunately, various sites, from PC World to Lifehacker, are offering advice.
I wrote about computer security a few months ago, but below are several things most people can do to shore up Internet privacy. If wondering, putting your browser in “Incognito/Private” mode alone won’t cut it. While said mode won’t leave any records on your computer, ISPs can still see all of your Internet traffic.
1. Install the HTTPS Everywhere extension
HTTPS Everywhere is a browser extension that ensures pages loaded direct to their secure, HTTPS versions. However, the plugin won’t do anything if there’s no HTTPS version of a page available.
Versions of HTTPS Everywhere exist for Chrome, Opera, and Firefox (both mobile and desktop versions).
In the long run, I expect HTTPS versions of sites to become the norm. (I switched my site over last year.)
2. Use a non-free virtual private network (VPN)
Virtual private networks (VPNs) have been heavily talked about since the Congressional vote. And for good reason: they’re a pretty strong way of protecting online privacy, by setting up an encrypted connection to the Internet. Businesses use VPNs for various reasons; they’re also useful for securing and using devices while on public WiFi, such as coffee shops.
There’s a few downsides to VPNs. They aren’t strongly regulated, so while there’s a wide range to choose from, some might be a security risk, or engage in shady or questionable behavior (such as, well, selling user data to advertisers). You also want to make sure VPNs aren’t storing Internet usage logs, though all good VPNs will define their logging policies. A few sites have also started blocking VPN users; Netflix recently started doing so, in order to please Hollywood.
Finally, note I said “non-free” VPNs. It’s strongly advised to pay for a VPN; free ones might place too many limits on usage, or pose a security risk. Fortunately, there’s affordable VPNs.
As for which VPN to choose, I like Tunnelbear, a Canadian VPN that’s very user-friendly. It also offers a limited free tier (500MB of data a month). Another popular VPN is Private Internet Access, though I’ve never used it myself.
3. Change your computer’s DNS
A Domain Name System (DNS) is how website URLs are converted into IP numbers for computers’ use. Most Internet users use their ISP’s router, and thus also their default DNS. Thus, ISPs can know what sites one visits.
Of course, as with VPNs, the downside is entrusting another third party with your Internet traffic. (Google relies on advertising for income, which might turn some users off on using its DNS.)
Use encrypted email
Email encryption, such as with PGP or a webmail service like ProtonMail, is an option for boosting email security. The downside is email encryption isn’t overly popular with the general public, and can be complicated to set up and use.
Use a messaging app with end to end encryption
Encrypted messaging apps have grown in popularity. I haven’t used it, but Signal is probably the most popular such app.
While the above wouldn’t deter a truly determined or aggressive entity (such as an active government investigation), the above tips should be sufficient for boosting most individuals’ online privacy.