Repealing FCC’s privacy rules: A serious blow to privacy, cybersecurity
On Sunday, two days before the Tuesday vote in the House to kill the FCC’s browsing privacy rules, Peter Eckersley, the Chief Computer Scientist for the Electronic Frontier Foundation, and Jeremy Gillula, EFF’s Senior Staff Technologist, posted the following notes on the EFF’s Deeplinks Blog:
Five ways cybersecurity will suffer if Congress repeals the FCC privacy rules
Back in October of 2016, the Federal Communications Commission passed some pretty awesome rules that would bar your Internet provider from invading your privacy. The rules would keep Internet providers like Comcast and Time Warner Cable from doing things like selling your personal information to marketers, inserting undetectable tracking headers into your traffic, or recording your browsing history to build up a behavioral advertising profile on you—unless they got your permission first. The rules were a huge victory for U.S. Internet users who value their privacy.
But last Thursday [23 March], Republicans in the Senate voted to repeal those rules. If the House of Representatives votes the same way [which the House did, on 28 march] and the rules are repealed, it’s pretty obvious that the results for Americans’ privacy will be disastrous.
But what many people don’t realize is that Americans’ cybersecurity is also at risk. That’s because privacy and security are two sides of the same coin: privacy is about controlling who has access to information about you, and security is how you maintain that control. You usually can’t break one without breaking the other, and that’s especially true in this context. To show how, here are five ways repealing the FCC’s privacy rules will weaken Americans’ cybersecurity.
Risk #1: Snooping on traffic (and creating new targets for hackers)
In order for Internet providers to make money off your browsing history, they first have to collect that information—what sort of websites you’re browsing, metadata about whom you’re talking to, and maybe even what search terms you’re using. Internet providers will also need to store that information somewhere, in order to build up a targeted advertising profile of you. So where’s the cybersecurity risk?
