Slashdot Mirror
FCC To Halt Rule That Protects Your Private Data From Security Breaches (arstechnica.com)
According to Ars Technica, "The Federal Communications Commission plans to halt implementation of a privacy rule that requires ISPs to protect the security of its customers' personal information." From the report: The data security rule is part of a broader privacy rulemaking implemented under former Chairman Tom Wheeler but opposed by the FCC's new Republican majority. The privacy order's data security obligations are scheduled to take effect on March 2, but Chairman Ajit Pai wants to prevent that from happening. The data security rule requires ISPs and phone companies to take "reasonable" steps to protect customers' information -- such as Social Security numbers, financial and health information, and Web browsing data -- from theft and data breaches. The rule would be blocked even if a majority of commissioners supported keeping them in place, because the FCC's Wireline Competition Bureau can make the decision on its own. That "full commission vote on the pending petitions" could wipe out the entire privacy rulemaking, not just the data security section, in response to petitions filed by trade groups representing ISPs. That vote has not yet been scheduled. The most well-known portion of the privacy order requires ISPs to get opt-in consent from consumers before sharing Web browsing data and other private information with advertisers and other third parties. The opt-in rule is supposed to take effect December 4, 2017, unless the FCC or Congress eliminates it before then. Pai has said that ISPs shouldn't face stricter rules than online providers like Google and Facebook, which are regulated separately by the Federal Trade Commission. Pai wants a "technology-neutral privacy framework for the online world" based on the FTC's standards. According to today's FCC statement, the data security rule "is not consistent with the FTC's privacy standards."
You'll take what you're given and stop whining, proles
nt
Ban everything and make America Great Again!
Yours,
Judge Roy Bean
Wow.
Your guy Trump sure is sticking it to the corporations and elites, eh?
Yes, because the only thing protecting the consumer is the Government. (Pay no attention to NSA, FBI, and the Border Guards.) There is a Million Regulators March on Washington being planned for — you guessed it — April 15th. Be there to show your support!
(Npghnyyl, ab, gung jnf fnepnfz.)
By making it less likely that an ISP will be (frivolously) sued for violating the nebulously unclear standard to take "reasonable" measure measures, Trump's government lowers the cost of the legal insurance, which lowers the total cost of doing business. And that's a good thing for both producers and the customers alike.
In Soviet Washington the swamp drains you.
What does data security have to do with technology? This is why I don't come to Slashdot any more.
You are welcome on my lawn.
How convenient that Mr. Pai neglected to mention that AT&T was sued in 2014 by the FTC for false advertising -- namely, describing their mobile Internet service as "unlimited" when in fact they would throttle you or cut you off after you exceeded undocumented limits.
AT&T argued that, because the package included voice service, the dispute was outside the FTC's jurisdiction and should properly have been brought by the FCC. Mindbogglingly, the 9th Circuit agreed. ( https://consumerist.com/2016/0... )
So Pai's claim about wanting to achieve regulatory harmony and improved demarcation between agencies is unvarnished bullshit. He's trying to create more opportunity for regulatory arbitrage and pitting one federal commission against another.
Editor, A1-AAA AmeriCaptions
Net Neutrality is about the government staying out of your networks, or at the new FCC chairman puts it:
Pai wants a "technology-neutral privacy framework for the online world" based on the FTC's standards
Somewhere in here is a real story but you aren't getting it from the summary.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
As a European I am astounded that companies don't already have a requirement to keep personal data safe. It is something that I just expect to happen. OK: I do realise that what the law says and what companies actually do can be very different, but still - companies do get fined over here for lax security. This must be why people tell me that the USA is not a safe country for personal data.
'nuff said.
Hi! I make Firefox Plug-ins. Check 'em out @ https://addons.mozilla.org/en-US/firefox/addon/youtube-mp3-podcaster/
Life under the Internet Microscope: Prison inmate, or zoo animal, take your pick
Welcome to the Post-Internet Era, everyone!
Well, there's one more step backwards for the US. We'll be back in the 1950's in no time at all, while the rest of the world moves forward.
build the death camps and gas these pieces of shit before they fuck everything
But the privacy order stressed that following these standards is "voluntary" and that "providers retain the option to use whatever risk management approach best fits their needs." If there are complaints about security, the FCC would decide whether the ISP has implemented reasonable data security practices based on a few factors.
So ISPs don't have to do anything. But whatever they do, the FCC can step in and decide if it was enough - after the fact. Sounds like a half-baked regulation that should be tossed.
"According to Ars Technica, "The Federal Communications Commission plans to halt implementation of a privacy rule that requires ISPs to protect the security of its customers' personal information." From the report: The data security rule is part of a broader privacy rulemaking implemented under former Chairman Tom Wheeler but opposed by the FCC's new Republican majority."
Republicans screwing over the American public? This is my shocked face.
Just cruising through this digital world at 33 1/3 rpm...
That sounds like a very pro-consumer rule, doesn't it? Except, it really isn't, because "reasonable" is pretty arbitrary, and so is FCC enforcement. More likely than not, such a rule is simply an excuse for ISPs to say "we took reasonable steps, so if something happened anyway, we're not liable".
It would be far better if people whose information has been leaked or mishandled could simply sue for damages and hold ISPs liable in court.
Funny how 'draining the swamp' seems completely indistinguishable from letting the major corporations have every single thing they want made into law.
I have never seen so many shills jump in so quick - even on slashdot. This is even worse that nukes and climate combined. Come on guys. I would personally welcome a VP of communications for for one of our new corporate overloads jumping in and saying, "hi I'm joe/jane doe, a VP at mega corp. Here is why I think this is important....and why I think this is a good idea. ...." We can engage in a meaningful conversation then. We might agree. We might disagree. But I would take you seriously and listen to what you have to say. But hiring a bunch of technologically uninformed hacks who have no idea what they are taking about to post a bunch of me-too drivel just hurts your cause. If there is this much dumb money being thrown against something then it make me think there is something important to protect here.
> As a European I am astounded that companies don't already have a requirement to keep personal data safe. It is something that I just expect to happen.
Of course there are laws. Several of them. This submission is just BeauHD spouting more utter bullshit.
Yesterday, the FCC decided that some of the hundreds of thousands of Title II regulations originally written to regulate the phone companies would apply differently to small ISPs. BeauHD claimed the order said "ISPs are now allowed to lie about their pricing!" Uh, no. The closest regulation to what he claimed is actually that small ISPs won't have to go through the same six-to-twelve month process of getting preapproval from FCC before they offer a new pricing plan. Wireline phone companies have to get any pricing options pre-approved ahead of time under Title II.
When BeauHD submits a summary saying "giant shark eats man alive", that means what actually happened is that a trout bit a guy's finger.
"Trump's government lowers the cost of the legal insurance, which lowers the total cost of doing business." Are you from some magical land where cable and teleco monopolies would have any reason at all to pass the money they have saved onto the consumer? Because here in america, we're used to paying more and more for the same or worse quality internet service, especially compared to the rest of the world.
The gap between who the people voted for and who ends up in the office is where the consequences lie. If the majority person was in office, he'd try to make the lives of the majority better, to keep a majority.
On the other hand, if POTUS candidate conspires with a foreign government, getting hacking help and propaganda and possibly funding, then he'd block cyber security bills. Undermine government investigatory powers. Refuse to open his books for inspection. Put people in power more for their loyalty not for their ability. Constantly keep trying to divide us with divisive issues.
Elected leaders have a majority and don't seek to divide a country into small fighting groups. One's that get in by other means, they're the problem.
Without the rule, they can simple cancel liability in the ISP contract. They would not even be required to even take 'reasonable' steps.
It lets Russia and China buy everyone's private browser history, health records, social security number, without anyone being liable. Our orange haired traitor's work.
Well in a way. He has quite a few enemies in the Republican party, and imagine how useful it would be if you could simply buy Paul Ryan's browser history from his ISP?
Ryan goes to some country and complains about their torture policy and anti-religion laws, and Putin responds back with his browser history showing Ryan visited sites like "nuns in bondage dot com".
If the ISPs have no duty to protect people's private data, then it's an item that can be sold.
From the list (below), it means who you speaks to, when, where you were, what you read on the Internet, all of it becomes unprotected. The ISP can have a field day, both looking for their own benefit, and their own lobbyists benefit, but also selling it on, since there is no duty and hence no obstruction to commerce.
"The data security rule says that telecommunications providers "must take reasonable measures to protect customer PI [proprietary information] from unauthorized use, disclosure, or access." That includes financial and health information, information pertaining to children, Social Security numbers, precise geo-location data, the content of communications, call detail information, Web browsing history, and application usage history."
Selected quotes from Patel's dissent on the FCC's ruling under discussion:
For the last two decades, the United States has embraced a technology-neutral framework for
online privacy. Administered by the Federal Trade Commission, this framework applied across all
sectors of the online ecosystem. It reflected the uniform expectation of privacy that consumers have
when they go online. It didn’t matter whether an edge provider or ISP obtained your data. And it
certainly didn’t matter whether, as a consumer, you understood what those regulatory classifications
meant—let alone the technical and legal intricacies that dictate when a single online company is operating
in its capacity as an edge provider as opposed to an ISP. Regardless of all of that, the FTC’s unified
approach meant that you could rest assured knowing that a single and robust regulatory approach
protected your online data. 1
That’s why since the beginning of this proceeding, I have pushed for the Federal
Communications Commission to parallel the FTC’s framework as closely as possible. I agreed with my
colleague that consumers have a “uniform expectation of privacy” and that the FCC thus “will not be
regulating the edge providers differently” from ISPs. 2 I agreed that “consumers should not have to be
network engineers to understand who is collecting their data and they should not have to be lawyers to
determine if their information is protected.” 3 I agreed that “harmonizing FCC policies with other federal
authorities with responsibilities for privacy is a responsible course of action.” 4 And I agreed with the
FTC when it said that an approach that imposes unique rules on ISPs that do not apply to all online actors
that collect and use consumer data is “not optimal.” 5 These are the core principles that I have held
throughout this proceeding.
I was disappointed—but not surprised—when FCC leadership circulated an Order that departed
so dramatically from those principles.
Now, today’s Order tries to justify this new and complex approach by arguing that ISPs and edge
providers see vastly different amounts of your online data. It recounts what it says is a vast sea of data
that ISPs obtain. It then says that “By contrast, edge providers only see a slice of any given consumers
Internet traffic.” 6 A “slice.” Really?
But due to the FCC’s action today, those who have more insight into consumer behavior (edge
providers) will be subject to more lenient regulation than those who have less insight (ISPs). This doesn’t
make sense. And when you get past the headlines, slogans, and self-congratulations, this is the reality
that Americans should remember: Nothing in these rules will stop edge providers from harvesting and
monetizing your data, whether it’s the websites you visit or the YouTube videos you watch or the emails
you send or the search terms you enter on any of your devices.
But the agency has rejected that approach. Instead, it has adopted one-sided rules that will
cement edge providers’ dominance in the online advertising market and lead to consumer confusion about
which online companies can and cannot use their data. I dissent.
OP should READ and COMPREHEND before cutting ans pasting.
This rule uses the legally indefinable word, "reasonable" which renders it unenforceable and a total waste of everyone's resources.
That's why it's being killed.
Trump /= Emmanual Goldstein
All actors in the online space should be subject to the same rules
Exactly. THAT is net neutrally. Any other action is just corporations pulling the strings in one way or another.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
Always trying to divide groups? Always pretending it's political? Yet you use 'anonymous coward'.
Trump isn't a Republican, he's some sort of anti-trade, anti-business, anti-defense, anti-America, disrupter, working for Putin. Thanks to this, now, ISP can sell your web surfing and internet data and foreign governments and his groups can buy that data.
Just like the "clean water regulations Bill Clinton never adopted during his 8 years in office, but had his minions roll-out as he left office, Obama never implemented this while in office for 8 years but just had his minions roll it into the tent of his successor.
These policies are dirty political tricks. The administrations launching them neatly plan to never themselves be in charge of, or subject to, them and never have to bear the costs or other burdens of implementation and/or enforcement. Then when Bush(43 not 41) got in and cancelled the Clinton mandate, the Democrats endlessly accused him and the entire GOP of wanting "dirty water" tainted with lead and arsenic (for sticking with the VERY SAME STANDARDS the Democrat president Clinton had used for 8 years!). In this case, the ISPs were supposed to start doing something impossible starting in March (AFTER Obama's get-out-of-town-free (or actually at taxpayer expense) move). Now that the Trump FCC might not try to force the ISPs to do the impossible and instead leave people with the vary same conditions Obama supported for 8 years, Trump is apparently violently anti-consumer... and a racist sexist NAZI homophobic Islamophobe trangenderphobe...
Calm down, everybody, and stop being so easily manipulated by dishonest overpaid political hacks.
"tolerant" progressives I keep hearing about.
"Love Trumps Hate", right?
when we go low, you and your friends go high, right?
Are we "stronger together" yet???
(sigh)
The modern progressive left - all blithering idiots with hatered, spite, and bile in their souls, empty rhetoric and spite on their tongues, molotov cocktails in their hands...
Your mommies should have spanked you at least once in your lives to teach you that you are not the most important people in the universe, things do not always go the way you want, and sometimes you have to behave yourselves and tolerate the idea that others disagree with you and might say or do things you do not like. Mature adults do not throw temper tantrums - two-year-olds do that.
The rules being cancelled were proposed by the Obama team AT THE END OF HIS TERM and to be implemented AFTER HE LEFT OFFICE.
Therefore, by definition, cancelling the change means conditions going forward will be what they were during the 8 wonderful years of the infallible and most worshipped messianic figure Obama.... and the wonderfullness of saint Obama is suddenly evil and backward now because Trump????
Keeping things as Obama had them is now "one more step backwards for the US. We'll be back in the 1950's in no time at all"..... REALLY?!?!?!?
Do you Obamabots EVER read what you write and THINK things through AT ALL??? Have you ANY , even miniscule, sense of introspection??? Do you have ANY CLUE about what it would be like to be consistent and honest?
I find your way of thinking to be fascinating, in a disturbing way.
You highlight the problem of big government fascism (the REAL sort that you like, rather than the phoney movie sort you hate) and yet you do not even appear to notice. Allow me to lend you an intellectual hand here as you clearly are in desperate need:
"They're not "my" networks, or yours. They're ours. They were built with government subsidies." - your words... wow... on SO MANY LEVELS...
1. By your warped reasoning, everything which gets a subsidy is "OURS"... so we all own SpaceX and Tesla and all those wind farms and solar panels, right? My neigbor gets government aid so I guess his home is mine? Does HE belong to me too? I disagree strongly with subsidies, but I'm even more scared of them if they automatically mean community ownership.
2. Your comment about subsidies is a bit unclear, given that with the internet subsidies were involved both in the invention and in the later mass-deployment of infrastructure. Since we're on the infrastructure, let's go with that part: The companies that built the internet infrastructure were indeed subsidized because the government passed laws, rules and regulations mandating those subsidies. By this precedent, if any new thing becomes sufficiently desireable to the public that the public convinces lawmakes to use subsidies to give them cheaper/better access to the new thing, then the ownership of that new thing becomes shared and public!
Actual fascism is the blending of socialism with corporatism - that's the economic system Italian socialist dictator Benito Mussolini cooked-up as a "better" form of socialism. The goosestepping and tyranny are just the implementation details required to keep order and keep stealing resources in any sufficiently heavy-handed successful Marxist system that is trying to delay the onset of Margaret Thatcher's Law of economics which states that "The problem with socialism is that eventually you run out of other people's money". Thinking that the thing to oppose is the goosestepping, rather than the grand governmental scheme to indirectly hijack the economy and corrupt the society is a bit like thinking a firefighter's job is to battle smoke, rather than worrying about the flames.
To avoid all this garbage, all you have to do is pay attention to the lessons of the founders of the USA - keep government small and very limited. If government is not supporting government monopolies on things like internet access, then you do not need more government to implement "net neutrality". If government is not subsidizing things, then you do not have arguments about whether these things have magically morphed into public property (whose operation and maintenance and liabilities are amazingliy NOT public liabilities...
The question here is whether IPs will spend the money to implement adequate protections against hacking. If they choose not to do so, no one will hold them accountable.
1. In many markets there is no effect competition. With only one viable IP(I.e. one set cables, no cables, poor wireless coverage). In these same markets IP have lobbied for legislation to create significant barriers to market entry or made "gentlemens agreements" not to compete with one another in certain markets.
2. Lack of information. Competitive markets depends on accurate information flowing to consumers so they can make educated choices. Consumers aren't informed about what security protocols are implemented by a given IP and are not able to judge if they are adequate. Also, consumers might not be informed a data breach has occurred until it is too late and they are already the victim of identity theft. There is no way force IPs to make an individual consumer whole for their lack of due diligence.
3. Lack of redress. Most consumers are not financially equipped to sue a large corporations. Recent legislation has made class action suits more difficult. Arbitration mechanism offered by corporations are biased against consumers.
If you still believe competition will solve problems of security breaches you are a zealot that is not thinking rationally.
Pai is wasting no time kicking that nepotism into high gear.
Your sig here!
Not that the FCC was ever very much more than a corporate puppet, but it's fascinating to watch them, and the government in general, find ways to be of even less service to the people.
So far, in just a couple months, we've seen the elimination of the requirement that energy companies must disclose royalties and government payments; the elimination of rules preventing dumping of coal mining waste into rivers and streams; the funneling of even more money into our "only more costly than the next eight countries put together" military; assertion that we need more and better nuclear weapons; suspension of an insurance rate cut for new Federal Housing Administration loans; completely unjustified disruption of already-issued visas; the installation of a white supremacist on the national security council; an order to "review" a rule requiring financial managers to act in their clients' best interests when handling retirement accounts; an "easing" of the Wall Street Reform and Consumer Protection Act of 2010; amplification of the drug war; amplification of the war against personal and consensual sexual choices; partisan filtering of the Whitehouse press pool; anti-free-press agitprop straight from the president... all this, along with a great deal of additional rhetoric that indicates more of this nature is likely on the way.
We no longer need turn to dystopian fiction to see just how badly our government can act out. A dystopian reality is rapidly establishing itself. The indicators are so strong at this point that some of the "peppers" are actually beginning to look like forward-thinkers.
I wonder just how much of this kind of damage the country can suffer before it undergoes some kind of seismic shift, or, if it will just deliquesce into a fully classist, corporatist nightmare.
I prefer to hope that the complacent have had a wake up call as to just how foolish and blind large segments of our population actually is; that they now understand that it is possible that without their active resistance, both at the voting booth and in general, all of this will continue apace while every tweet from President Trump, every bit of nonsense from Spicer and Conway, every craven abrogation of responsibility by congress, every unwise and harmful regulatory alteration, will be met with a blinkered nod-and-drool from the very people that saw to it that he reached the Oval Office — and that this will outright determine the future course of the country along these same destructive lines.
These are such very interesting times. We know we're not 1940's Germans; but we're finally going to get an answer as to whether we are better — or worse. I see little reason for optimism in this regard at this point in time, either.
I've fallen off your lawn, and I can't get up.
It most definitely is. A decent quality pizza worth less than $2.00 (I make them from scratch, and that's what they cost me in low quantity in a relatively isolated region where raw materials prices are high, so I'm quite sure of the number) often costs well over $10.00. Sneakers worth about $8.00 can cost far, far more than that -- no more than a little bit of canvas, plastic and metal off a mass production line. The gouging is blatant and obvious. The fact that you are willing to actually write as if it wasn't reveals that you have no actual sense of the economics of either matter.
Because US broadband is lagging far behind the state of the art, and prices are far too high. You should be running much faster, and paying much less. Same was true six years ago. And you are not even at the bottom of the low performance / high price heap. In many places, it's worse.
No, the answer is collusion.
I've fallen off your lawn, and I can't get up.
As far as I can tell there are only two states of affairs: Business is regulated, leading to government monopoly over price controls. Not good for the consumer when the government is corrupt, as nearly all are or will become. Business is not regulated, leading to corporate monopolies over price controls. Not good for the consumer as corporations are only ever concerned with profits and they are quite happy to band together to price-fix things and drive out any competition with anti-competitive practices. Neither state of affairs is optimal at the consumer level.
I know that providing false information to the feds is a crime but does that apply to your ISP. Just make up a SSN and remember it. Where do they have the authority or source to check or verify your provided info ?
errr....umm...*whooosh* *whoosh* Is this thing on ?
In truth all ISPs should be required to log NOTHING from their customers.
That'll go well with the snooper's charter being passed in the USA: ISPs have to record everything you do but don't have to keep it private. I think Republican politicians will discover their neo-liberal grovelling has unpleasant side-effects.
That FCC Chairman Ajit Pai might be setting up bureaucratic arbitrage. In short, set the FCC and the FTC up against each other, allow ISPs to claim (no matter which FxC organization they are dealing with) that the other FxC organization actually has jurisdiction.
And either way the customer gets screwed.