Slashdot Mirror
Activist Starts a Campaign To Buy and Publish Browsing Histories of Politicians Who Passed Anti-Privacy Law (searchinternethistory.com)
On Tuesday, Congress sent proposed legislation to President Trump that wipes away landmark online privacy protections. In a party-line vote, House Republicans freed Internet service providers such as AT&T, Verizon, and Comcast of protections approved just last year that had sought to limit what companies could do with information such as customer browsing habits, app usage history, location data and Social Security numbers. Now call it a poetic justice, online privacy activist Adam McElhaney has launched an initiative called Search Internet History, with an objective of raising funds to buy browsing history of each politician and official who voted in favor of S.J.Res 34. On the site, he has also put up a poll asking people whose internet history they would like to see first.
Update: The campaign, which was seeking $10,000, has already raised over $55,000.
Update: The campaign, which was seeking $10,000, has already raised over $55,000.
Why should Google have all the fun?
Please make sure to purchase , but not publicize their children's information also. .... How this is legal is beyond me....
Every politician, all the time, with the results updated in real time. This is the only way the rest of us will ever see our privacy respected.
https://www.gofundme.com/buycongressdata
It should be clear by now that fake facts are just as good as real facts, maybe better if they support xenophobic nationalism.
God damn politicians need a taste of their own medicine.
Many ultra-conservative, bible preaching Congress members found to frequently visit porn sites most likely LGBT ones.
Well, there's spam egg sausage and spam, that's not got much spam in it.
The politicians are doing the bidding of deep pocket corporate executives. These treasonous sub-citizens need to be on this list also.
Is about to find out just how limiting the ability to get information is even if they pay for it. Even in industries where there's no data protection laws why would an ISP sell this?
A baker sells a variety of bread to suit tastes, they don't sell you a specific bread made from your own recipe, and they don't sell you their recipes or equipment either.
Back when the UK passed the Snoopers Charter (the one that lets everyone and their dog access your full internet history), those clever politicians made just one important exemption - they themselves wouldn't be subject to the law.
http://www.independent.co.uk/l...
I'd be surprised if the US hasn't done the same thing, but then the UK *is* a world leader in surveillance of their own citizens.
Just because a company CAN sell something does not mean they will.
I think it will be pretty interesting to see what they can actually end up buying.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
Great idea. If the ISPs refuse to sell the information for some half-assed reason then there'll be fireworks.
One: Companies CAN sell your data. They're not mandated to do so... and they'd be stupid to screw those who can control them with legislation.
Two: If they're stupid enough, or you get the data through a middleman, they will simply find a law to charge you with for doing it. And if they can't do that, they'll draft such a law THEN charge you.
Best case, one or two of them is mildly embarrassed before you have a new home with very secure doors and windows.
Yeah, some ISP with a social conscience could really make hay with this new freedom... publish all politicians' internet activity, for the low price of $0, daily or weekly on a website. Let's see how they like *that*.
I know this law has been passed but surely the law doesn't let them sell personally indentifiable information like names, SSNs, and addresses? Does it?
Too bad https://www.searchinternethist... is currently showing nothing more than SHTML Wrapper - 500 Server Error
Might makes right irrelevant.
and Social Security numbers
How do ISPs have those?
In the wake of the Kelo vs. City of New London case, where the Supreme Court ruled 5-4 that municipalities can forcibly buy out your land under eminent domain just to do a redevelopment of some kind, some guy went public that he wanted to buy out Justice David Souter's house and raze it and build a bed and breakfast on it. I was greatly pleased with this idea as I'm still pretty angry about the verdict, but this just ended up being 100% talk and nothing even came close to being done. No development was ever actually done on the land acquired. It's currently a vacant lot. So you can thank the Supreme Court for the idea that if anybody in your local government has a grievance against you, they can get a bogus developer to come up with a phony plan to redevelop your land, force you to sell it to them, tear down your house and then do absolutely nothing with the property and it's all 100% legal.
To be honest with you, I would expect the Congresscritters involved to complain a lot about this plan and wouldn't be surprised if they pass legislation to make it illegal to harvest their data and only theirs. But most voters don't care about anything but whether there is an R or a D by a candidate's name and I wouldn't expect any browsing revelations to matter in the next election, nor would Congress even protecting themselves from such matter. If the past election taught us anything, it's that for 80% or more of the voters, no matter what they say, they really don't care about anything except party affiliation of the candidates.
Just because a company CAN sell something does not mean they will.
I think it will be pretty interesting to see what they can actually end up buying.
One thing that got lost in all the wailing and moaning is that protecting privacy is the purview of the FTC, not the FCC.
The law got axed because it was a standout overreach of a specific government agency, only affected a certain segment, and was done badly.
What *should* have happened is the FTC should pass a low saying that *every* corporation has to protect customer privacy.
Everyone got so distracted with "muh rites!" and completely lost track of whether it was a good law or not.
"The lesson here is that it is insufficient to protect ourselves with laws; we need to protect ourselves with mathematics. Encryption is too important to be left solely to governments." -- Bruce Schneier
Proud neuron in the Slashdot hivemind since 2002.
If you have something to hide, route all traffic through an encrypted VPN.
Every online shopping business is already busy analyzing your buying and browsing patterns as you move through their site. Retail stores and groceries have studies watching people walk through their aisles and analyzing product placement and buying patterns. Movie theaters track every ticket sale and then sell that data to production studios. Google and Bing scan your email and your search requests and they sell access to their analysis results. Everything you do is being captured and tracked for analysis and reused into business-to-business products. Your ISP pimping your traffic habits is just business as usual. Do you really care about ISP's if you don't care about the other businesses tracking and reselling you?
The FTC can't keep the ISP's in line -- our information is too valuable, and the fines for breaking the law to insignificant to stop them.
And, those ISP's are already lying to you about data rates and coverage and upselling you into packages you don't need.
It's safer to have everyone assume they are being watched at all times rather than pretending your ISP can be on your side.
There! Just use a VPN if you have something to hide.
Here's the scam.., err, activist's gofundme page https://www.gofundme.com/searchinternethistory.
I don't have all the answers to a lot of questions right now. But I'm working with people who are assisting me in developing a fully fledged plan. I do hope that if you are skeptical, you'll stay with me and watch.
This will be a roaring success, I just know it.
Google analytics tracks everyone, everywhere, and has been for sale for a very long time. Facebook Like buttons and iframes follow you everywhere. But yeah, let's all freak out, because AT&T and Verizon can haz cheezburger nao too.
If you thought cleartext http or dns was ever private, which is all the ISP is going to see anyway, then I have bad news for you.
They have made the fundamentally flawed assumption that politicians they wish to embarrass know what a computer is and how to use it.
This is a cute idea, but I don't think much will come of it. ISPs won't be selling individual browsing histories- despite whatever changes to the laws happen, the liability would be staggering and most buyers would be looking for data in a bulk, automated way that scales. As an advertiser, one individual's complete browsing history is completely useless to me; there's no market for that data that ISN'T to publicly shame people or otherwise spy on people. While I suppose private investigators and law enforcement might be a niche market for this sort of thing, I just don't it happening in a significant way.
What you'd actually be buying are audience segments against IP addresses and possibly device IDs, which could then in turn be matched up to other data sets. Ie, if I'm Coscto, I might be trying to identify "Devices that have recently shopped at Walmart.com". Once I have that, I might be able to match some percentage (maybe 10-40%) of those devices to some other kind of data set (for example, to add demographic data). That's just two data points- not nearly enough to identify anyone- and I've already likely narrowed my starting set of devices down to 10-20% of what the ISP provided me.
It IS possible to ultimately drill down into this kind of data far enough that you can be pretty sure you've found the history for an individual person- in theory anyway. But the amount of time/effort/luck involved to get there makes this impractical to do at scale (i.e., for all the Congress-critters) or to keep up to date manually as cookies expire/are deleted, IP addresses change, people upgrade their phones every 1-2 years... it takes full time teams of people to do this at a very basic level.
Plus there's the whole "That wasn't me, damn neighbors stealing my wifi" defense for anything nefarious.
Source: I work in programmatic audience targeting for a Fortune 100. (I promise we're not evil, we just want to sell you stuff you might actually want)
Google
Giving up the web? Because if you hit a site using Google Analytics, or a site clamoring for any of the many, many resources Google hosts, you're tracked. Sure, you could blacklist Google outright. Good luck with half the web being broken.
You can't from your ISP.
VPN. Conversely, that'd also protect you reasonably from Google. Either way, it's a fucktarded solution to bad legislation that was pushed because Big Tech lined Democrats' pockets slightly more than Big Comcast.
According to the bill, selling of search history requires "explicit user opt-in". I am not sure how providers will obfuscate the "opt-in" checkbox for the rest of us, but for members of congress that "opt in" will not be granted - I can assure you of that. So, nothing to buy.
When ISP's start selling customer browsing history to advertisers, i think they would give the advertising company a weird look if they asked "give us the browsing history of these 400 people"
More likely they would need an agent to purchase browsing history of 'IP addresses in Washington D.C' and then the browsing data would (god i hope) be anonymized, requiring forensic analysis to determine which browsing history belonged to a sentaor/house member. I don't know if you could easily match a particular senator with a particular record of browsing history. You could easily say '20% of congressmen searched for 'teen porn' it the last month' i don't know if you would be able to say 'these particular senators browsed for teen porn'
It's wishful thinking and pathetic to hope that we'll catch them going to porn sites. Sure there's guys like Anthony Weiner, but the fact is that almost all these guys know better than to do anything like that on the Internet, and they're not that interested in porn anyway because they're grownups and have better things to do with their time.
I still think exposure maybe will work.
One way these things are done is that you go after the family, friends, and business associates of the politician.
When Congressman Bob is on the board of directors of Acme Corp, and the browsing history of everyone else on the board gets published as "Congressman Bob's associates at Acme Corp was looking at from his home computer for 3 hours last Tuesday. Also, here's the bank sites and online stock brokerage that they been accessing, and these two have treasury direct accounts.
Bob is going to get a phone call to fix this, and it'll be coming from the people he really wants to please.
Do you remember a time before when medical records were considered private, and the law punished anyone sharing your record?
I do. No one in government ever gave a shit about the we peons' medical records privacy.
That whole privacy thing came about in the late 1960's when a candidate got the idea that during an election you could expose your opponents medical record and let the world know that Congressman Bob had gotten a prescription for valium, and thus was mentally unstable. Also, Congressman Bob had a heart bypass operation and was likely to die at any moment, and in any case certainly didn't have the stamina to serve as congressman. Then many others started doing started doing it until the plug was pulled by the newly discovered need for privacy, by Congress.
If I were an ISP, I would maintain a VIP list and cull those records from anything I sell, so you would never see anyone in higher levels of government, big-name entertainers and so on. I might even offer it as a paid service to opt-out for some extra gravy.
You can easily protect data with encryption. It's harder to protect meta data. For example: with proper encryption we may never know what Devin Nunes was actually watching on pornhub. To actually hide that Devin Nunes was on pornhub requires something like TOR or a VPN.
the browsing history for Mitch McConnell and Paul Ryan first. Let's see if they're actually working or fucking off. I think they're fucking off.
This was NOT a party line vote. The following Republicans voted NO and should be congratulated for standing with the People, not the ISP $$$.
If five more Republicans had switched to a NO vote, the resolution would NOT HAVE PASSED!
A thank you phone call to their offices today will be noted and WILL make a difference in future efforts to enact comprehensive privacy legislation.
Brooks, Mo AL 5th
McClintock, Tom CA 4th
Coffman, Mike CO 6th
Yoder, Kevin KS 3rd
Graves, Garret LA 6th
Amash, Justin MI 3rd
Zeldin, Lee NY 1st
Faso, John NY 19th
Stefanik, Elise NY 21st
Jones, Walter NC 3rd
Davidson, Warren OH 8th
Sanford, Mark SC 1st
Duncan, John TN 2nd
Herrera Beutler, Jaime WA 3rd
Reichert, David WA 8th
https://www.govtrack.us/congress/votes/115-2017/h202
FACTS MATTER
Who's browser history would I want to see up for sale? Adam McElhaney's, of course.
Good, inexpensive web hosting
Others have already suggested why this might not work, but if government perceives even the slightest possibility that their browsing histories might become public, they will just add an amendment to the bill making it illegal for THEIR data to be sold.
Encryption isn't going to help you when Time Warner Cable sells the bit of your browsing history that shows you surfed to https://www.shooshtime.com/ among others.
So you'll use a VPN, until you realize that the upstanding VPN providers are also selling.
Then you turn to Tor, until you find that all the Tor exit nodes have been compromised by the FBI and CIA.
So then what does encryption get you?
Thanks Guys!
privacy is for the ruling class. I can guarantee there's exception processing in place for anyone who makes over a certain amount of money. They have personal assistants who make more than you and will see to it.
Hi! I make Firefox Plug-ins. Check 'em out @ https://addons.mozilla.org/en-US/firefox/addon/youtube-mp3-podcaster/
Morons.
Out them all.
Everywhere.
No privacy for us == No privacy for you.
-- Tigger warning: This post may contain tiggers! --
We'll know exactly what Nunes was watching on Pornhub because it uses HTTP GET instead of POST. Having unique URLs for content and having people visit them is important for searchability and SEO, so the porn industry probably can't afford to give up its URLs and GET in favor of some more secretive AJAX method or Fetch. As long as sites want to present themselves well to web spiders, they'll use insecure methods of navigation for real customers.
As for your VPN, you only trust that they're not logging you. In point of fact, beyond all their promises, they have just as much ability to log your traffic as does your ISP.
There is no safe way to indulge in thoughtcrime online. Keep your thoughts inside your head, and keep your internet browsing clean: abstinence is the only way never to get caught.
CAPTCHA: blacked. Not even kidding.
Still protects the content. So even if they are able to discern who you were talking to they won't be able to discern what was said.
Minimum threshold fixed. Thanks!
This legislation passing.. my response is "Way to drain that swamp Trump!"
Since Trump insists on using his old unsecured Samsung phone on I believe AT&T I would be fascinated by (and pay money to see) his web browsing logs.
RussianPeeHookers.com anyone?
If you're an ISP, you just won't sell this information to a buyer (even if they were to sell individual browsing history, which is totally unlikely given it's relative lack of utility to advertisers) to accomplish two things:
1) you're a well behaved ISP
2) not make an enemy of the lawmakers
Any attempt at buying lawmakers browsing histories is only going to reinforce the argument of the ISP industry that they behave sans regulation when they politely decline to do so.
"Old man yells at systemd"
Really, I don't know why anyone (except perhaps Trumpslaves) is surprised by this.
I mean, come on! Who do you think will be the biggest customer of citizens' private data? Some random advertiser, or the newly installed (and already despotic) government? Privacy laws that keep the US government from collecting our info are unlikely to keep it from buying that information from our ISPs, particularly now that our "expectation of privacy" has been deconstructed (removing at least one point which could support a judicial reversal of this crap).
This is yet another power grab by the Republican Regime, and a rather transparent one at that.
Isn't there some kind of browser add-on that could be written that would ping or simply connect to a pre-selected (or crowd-based) list of web-sites / URL's ?
this would render the whole thing useless because 95% of the data would be random ? why isn't this a thing yet ?
If their children embarrass them once or twice...
Please also see https://www.gofundme.com/buyco...
Please don't dominate the rap, Jack, if you got nothin' new to say.
bunch of spoiled brats. they need a good spanking.
If we go after their families data, especially their spouse, that will really knee-jerk them.
Random people can't buy the information, and trusted companies can only buy it in bulk,
and it's going to cost a lot more money than this guy could ever raise, anyway.
And even if all that weren't the case: the expose web site would be shut down as an
allegedly illegal operation, probably the operators arrested, and of course civil actions.
What will be necessary to make the point is for some Verizon employee to be compromised,
or their data center to be compromised, and the information to be leaked.
Then some group can do the de-anonymization work (or if somehow raw data were
available, the data integration work).
Then it can be published irrevocably on Wikileaks.
To be effective, it should include ALL of the lawmakers, not just the ones who voted wrong,
and also everyone in the White House, and the entire FCC board.
Not just the obvious wrongdoers.
Imagine you're an ISP who paid your congressperson to vote for this law. Someone wants to use your freshly-purchased law to embarrass you and your law vendor.
If I were in that position, I would tell Search Internet History, "Sorry, we don't sell that." (At first, and then when I later got caught selling it to others, it'd become a more combative "Sorry, we don't sell that to you.")
As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
...I've ever considered using Tor. Thank you Republicans for giving us reasons to obfuscate our online behavior. The FBI and CIA will love what you'd done.
Seriously, we need to get the address, family info , and SSN as well.
That will make these GOP rethink what they are doing.
And if at all possible, lets find out what businesses these GOP own and interact with. It could an interesting source of money for them.
I prefer the "u" in honour as it seems to be missing these days.
This is the rep that is pushing this; Marsha Blackburn.
And here is the Senator pushing this;
Anybody who is represented by these ppl should let them know that the internet is waiting to know all about them AND THEIR FAMILY, including kids and grandkids.
I prefer the "u" in honour as it seems to be missing these days.
Starting now...
Don't just stand there, get that other dog!
I should be able to safely hide behind a screen name without my ISP guessing things about my life.
Well it looks like you're in luck. They won't have to guess, they can rummage through everything you do online.
If you ever find a bottle with a genie in it, do yourself a favor, put it back and run away. ;-)
https://www.opensecrets.org/in... (Hint for liberals - look for the "blue").
"I say we take off, nuke the site from orbit. It's the only way to be sure."
which is also going to be unregulated. We elected a president and congress who's stated goal is to eliminate regulations. Why is anyone surprised?
Hi! I make Firefox Plug-ins. Check 'em out @ https://addons.mozilla.org/en-US/firefox/addon/youtube-mp3-podcaster/
Purchase the activists' histories and publish theirs, even if it requires digging deeper.
Twitter supports and protects racists - by smearing their critics with the "Hate Speech" label.
The 9th Circuit Court of Appeals ruled in AT&T v. FTC that the FTC has no authority over common carriers. This FCC rule that Republicans got rid of filled the gap from that court decision.
So instead of going to the supreme court to fix yet another boneheaded decision from the 9th, someone decided to plaster over the bad mistake with an FCC ruling.
Which as it turns out is like patching holes in a roof with cotton candy - one wisp of rain and the protection is gone.
If someone wanted real protection why not try and pass a real law to do so, instead of jiggering the FCC to patch something wrong?
"There is more worth loving than we have strength to love." - Brian Jay Stanley
Since it was all Republicans that voted YES on the bill, their browsing history is just bum fight videos, cuck porn (gay cuck porn for the Freedom Caucus) and the Daily Stormer.
You are welcome on my lawn.
I am conservative and I think this is and EXCELLENT idea.
Let congress critters feel the pain of intrusive advertisements.
I am also in favor of Net Neutrality. If they can do deep packet analyzing, they are on the hook for Kiddy pr0n.
If they are just common carriers, they cannot do deep packet analysis or charging different clients different rates.
...somebody REALLY doesn't like that idea.
When the king heard the words of the Book of the Law he tore his robes.2Kings22:11
In an article posted by the Verge today, the members of Congress who voted to Shred the ISP Privacy Rules are listed, by name, along with information of how much they received in donations from the telecom industry and employees of those corporations.
Remember... Congress didn't need to do this. Newly-promoted FCC chairman Ajit Pai was going to gut the FCC rule behind Internet privacy all by himself. But with this move, the members of Congress named in this list took the extra step under the authority of the Congressional Review Act to expressly cause the privacy rules to "have no force or effect" and prohibit the FCC from issuing similar regulations in the future .
They might say that this move was just a legal technicality... that the real power for privacy should properly rest with the FTC. Bullshit. The resolution they passed eliminates the FCC's privacy rules without any immediate action to return jurisdiction to the FTC, which is prohibited from regulating common carriers such as ISPs and phone companies.
All that's left to happen is for Trump to sign it, and then, that's that. Out of the frying pan, into the fire.
Take it easy, Charlie, I've got an Angle...
You clearly also care about HIS gender.
Run a crawler. Visit the internet. Just because my crawler goes to a site doesn't mean I've gone to a site. And the number of times I visit the internet is small compared to the number of visits my crawler makes. So you just end up buying a nice even sample of the internet, based off a dictionary seeded Google search crawl. Meta data is nice, but what does it mean? It means the internet. How much is that worth?
Pornhub doesn't support https.....so I've heard.
http://resistancereport.com/ne...
Architectural plans are like computer source code with a couple of differences: You only compile once.
I'm pretty ignorant of all this, but doesn't the HIPAA cover urls and identifiers as protected health information? Does this mean I can sue my ISP for disclosing PHI if it sells the knowledge that I contacted Itturnedgreenanddroppedoff.com? Or the medical billing agency? Profit!
You know that's what you are going to do eventually anyway. Sounds like a quick scam for a few bucks.
ISPs are required by law to allow you to opt out of data collection... Even if it is collected, no names are associated to it...... FU FAKE NEWS!
The SJW shit has been pushing me away but privacy is a big deal. This vote being along party lines is literally the deciding issue for me.
I just wish they had a stronger stance. I'm ripe for poaching by a 3rd party who really gives a shit about mass surveillance and privacy in general.
V'z jnl nurnq bs lbh.
They probably do a lot of vanity searches, hit their own website as well as focus on news from their home. Though their staffers probably behave similarly.
And if history is any lesson gloryholeoftheweek.com will likely found to be heavily frequented by Republican Congressmen.
Stop targetting just the people you don't like - hold them ALL accountable for the destruction of this once great nation...
Already saw posts from the creator of Cards Against Humanity saying he'd be doing this with his own money, and specifically telling people not to send him money for it...
One thing that no one seems to be talking about with this law is that yes it allows companies to sell your browser history and no even allow an opt-out; but the biggest is it takes away the legal responsibility of the companies to report breaches. The restrictions before forced the companies to report breaches because they exposed private customer data; but now they don't have any of the same protections so they do not have to report breaches. Do you really think any of these companies are going to willingly report new breaches? Take all the publicity flak and condemnation for a breaches willingly? No way, they will sit on any breaches and just deal with each affected customer one by one; and no one will know if the breach exposed 1 customer or 10million.
I wonder if my requests and the packets coming to me are protected under copyright law.
So, let me be sure we have this correct: The techies on slashdot are upset because their data is being sold.
The techies on slashdot should know they have always done this with all personal information.
Every company sells its email addresses and home addresses, no matter what you are told or 'agreed to'.
Entire companies exist to clean and de-duplicate this data and then sell it to marketers and spammers.
You should all know that no matter what the govmint does, these predatory companies make millions on our data. They have done so since the 1990's and will continue to do so regardless of legislation or anything.
Stop assuming that companies, politicians, and the u.s. govmint EVER do anything that helps you. You are being screwed hourly by these three groups.
If they make a sound, it is a lie. If they pass a law or rule, it is only for We The People and not them.
Wake up sheep.
I love it...the congresscritters voted to support this bill so they could continue to collect campaign donations from ISPs. Clearly, they did not realize that THEIR browsing histories could be collected, and sold.
Imagine what the infamous Anthony Weiner would reveal.
But, my question is: can browsing history be captured if they us a VPN?