[Note: This item comes from friend Charles Jackson. DLH]
What to Look For in the House Internet Privacy Debate
By Richard Bennett
Mar 28 2017
Now that the Senate has passed the Congressional Review Act resolution nullifying the Obama FCC’s “privacy-for-me-but-not-for-thee” regulations, the action moves to the House. Floor debate, scheduled for sometime Tuesday, is likely to echo the themes we heard in the Senate. The primary factual issue remains the same: those who like the FCC’s current regulations believe Internet Service Providers have a broader and deeper view of the Internet than do the large, distributed, highly intrusive tracker networks that record and trade our every move about the web. Those who seek to revoke the Obama regulations have a different (and better, in my opinion) understanding.
This is an empirical question that would not be a bone of contention if those on the opposite sides of the debate had similar regard for the facts. But those who believe the ISPs see more continue to repeat the same talking points and continue to ignore the criticism of their position. Perhaps we can get their attention by offering a somewhat personal analysis.
How Foes of the CRA Surveil Visitors to Their Campaign Websites
Senators Markey and Wyden delivered harsh criticisms of the CRA to their colleagues. Both claimed that ISPs see everything their customers do on the Internet and tracker networks only see that happens in their own domains. So they would have us believe ISPs can decode encrypted data – half of all Internet traffic these days.
They would also have us believe Google only sees us when we visit google.com and Facebook only sees us when we visit facebook.com. The claim that tracker networks need us to visit their domains in order to follow our movements is laughably absurd, as we can see by examining the campaign websites maintained by Senators Markey and Wyden.
Sen. Markey’s campaign website is http://www.edmarkey.com/. The code for this site includes tracking scripts supplied by Google, Facebook, Twitter, and Optimizely. If you visit edmarkey.com, all four of these companies will know you were there, and all will harvest your personal information, use it for their own purposes, and sell it to 3rd parties to greater or lesser degrees.
Markey’s Facebook Tracker
Per FTC guidelines, the trackers Markey employs to spy on his visitors have to disclose their policies regarding the collection and sharing of information of varying degrees of sensitivity. Markey’s Facebook tracker collects personal information at all four levels of sensitivity:
• Anonymous (Ad Views, Analytics, Browser Information, Cookie Data , Date/Time, Demographic Data, Hardware/Software Type, Internet Service Provider, Interaction Data, Page Views , Serving Domains, Details Undisclosed)
• Pseudonymous (IP Address (EU PII), Location Based Data, Clickstream Data, Device ID (EU PII))
• Personally Identifiable Information (Name , Address, Phone Number, Email Address, Login, EU- IP Address, EU- Unique Device ID )
• Sensitive (Financial Information)
Facebook admits to sharing all of this data with third parties: “Aggregate data is shared with 3rd parties. Anonymous data is shared with 3rd parties. PII data is shared with 3rd parties. Sensitive data is shared with 3rd parties.” Markey employs two Facebook trackers, Facebook Connect and Facebook Social Plugins. Both connect visitors to edmarkey.com to facebook.com without full disclosure.