PrivacyRepealing FCC’s privacy rules: A serious blow to privacy, cybersecurity
In the end, the cybersecurity implications of repealing the FCC’s privacy rules come from simple logic. If the privacy rules are repealed, Internet providers will resume and accelerate these dangerous practices with the aim of monetizing their customers’ browsing history and app usage. But in order to do that, Internet providers will need to record and store even more sensitive data on their customers, which will become a target for hackers. Internet providers will also be incentivized to break their customers’ security, so they can see all the valuable encrypted data their customers send. And when Internet providers break their customers’ security, you can be sure malicious hackers will be right on their heels. The net result is simple: repealing the FCC’s privacy rules won’t just be a disaster for Americans’ privacy. It will be a disaster for America’s cybersecurity, too.
On Sunday, two days before the Tuesday vote in the House to kill the FCC’s browsing privacy rules, Peter Eckersley, the Chief Computer Scientist for the Electronic Frontier Foundation, and Jeremy Gillula, EFF’s Senior Staff Technologist, posted the following notes on the EFF’s Deeplinks Blog:
Five ways cybersecurity will suffer if Congress repeals the FCC privacy rules
Back in October of 2016, the Federal Communications Commission passed some pretty awesome rules that would bar your Internet provider from invading your privacy. The rules would keep Internet providers like Comcast and Time Warner Cable from doing things like selling your personal information to marketers, inserting undetectable tracking headers into your traffic, or recording your browsing history to build up a behavioral advertising profile on you—unless they got your permission first. The rules were a huge victory for U.S. Internet users who value their privacy.
But last Thursday [23 March], Republicans in the Senate voted to repeal those rules. If the House of Representatives votes the same way [which the House did, on 28 march] and the rules are repealed, it’s pretty obvious that the results for Americans’ privacy will be disastrous.
But what many people don’t realize is that Americans’ cybersecurity is also at risk. That’s because privacy and security are two sides of the same coin: privacy is about controlling who has access to information about you, and security is how you maintain that control. You usually can’t break one without breaking the other, and that’s especially true in this context. To show how, here are five ways repealing the FCC’s privacy rules will weaken Americans’ cybersecurity.
Risk #1: Snooping on traffic (and creating new targets for hackers)
In order for Internet providers to make money off your browsing history, they first have to collect that information—what sort of websites you’re browsing, metadata about whom you’re talking to, and maybe even what search terms you’re using. Internet providers will also need to store that information somewhere, in order to build up a targeted advertising profile of you. So where’s the cybersecurity risk?
