We’re going to look at a potential future in which it’s not terribly hard to get your browsing history from an ISP and why this is a bad thing. This may be a little stretch from where we’re at now, I’m not thinking it’s much of one though.
ISPs will most likely claim that they’re storing data only for advertising purposes and that it’s somehow anonymized, locked in a vault, not retained, and in no way can be linked to you except by the advertising choices that are presented to you.
It should be mentioned that Paul has had way too much Indian food from Sitar in Nashville today so don’t take anything below as much more than the stuffed-ramblings of a failed dieting IT tech.
Why should I care about privacy when I don’t do anything bad?
We’re going to look at a scenarios of a person who does nothing illegal. Their browsing history at the provider level (stuff you can’t clear,) is now datamined by their ISP and eventually sold off to bidders. This is how things are probably going to go in the US from this point forward now that ISPs have the ability to mine and sell that data like Adsense and Amazon have been for years.
With adsense, amazon, cookies, etc you maintain the ability to not load or accept them. Most of you use an adblocker (judging by hits vs ad impressions,) so visiting us doesn’t usually trigger advertising for other sites written by people who have eaten way too much at the buffet today.
Cleared cookies and a new browser ID generally restarted you as a person on the net until Adsense found you again.
The ISPs can now track where you go and sell this information. Before they couldn’t use it for anything other than network improvements.
Now, the ISPs are undoubtedly going to anonymize the data some so you won’t be able to say “I want John Smith’s internet history” and be able to get it without a lot of kerfuffle, dollars, or court order, but it’ll probably be relatively easy to get the browsing history of people who go to a certain website and they’ll probably charge based on popularity of website and number of records returned.
EG I want the browsing history of Amazon customers, chances are that’s going to be expensive. But let’s say I just want the browsing history of people going to my website, or say mail.mycompany.com. This would be marketed to give people who are purchasing the data some insight into their customers, but what happens when that insight gets narrowed enough to see what a company’s employees are doing at their home.
Oh, looks like people going to mail.mycompany.com are suddenly looking at job sites at home. Oh appears people going to johnsmail.mycompany.com really like going to porn sites and married-but-looking sites after work. Etc.
Alternately cheap ISPs are now able to just sell your data. Oh you’re switching ISPs? Want to give us $1000 to forget all the times you visited xhamster and watched big butts videos or should we just send it over to your new ISP?
Extortion yes. Illegal even now? yes. going to happen?
So in this piece we’re assuming it’s probably not going to be terribly hard to get complete browsing data because the dollar rules. What happens when your kid taints your ISP browsing history?
Imagine not getting a callback for a job because their verification agency does a quick check and finds your info in some “verified history” they’ve managed to purchase. Oh, you regularly visit websites that are classified as racist, adult, etc? You’re on whatever the Disney pop-star of the moment’s picture pages all the time? Creeper.
Now you’ve got to find out that you’re identified as a racist pedophile, which the verification agency probably isn’t going to put on their don’t-bother-hiring note they send to the employer. Much like the no-fly list you’re looking at having to sue the verification company to find out what info they have based this off of.
But employers can’t do that…
There are a lot of protections for potential employees in larger non-religious institutions. You can’t just drop someone based on something you don’t agree with in their supposed browsing history, however you can have a person give them a very long interview and then find a reason during that interview for no callback. I know people who have been tasked with giving the fake interview even though the job’s already decided against them. It happens.
Imagine the Supreme Court nomination hearings of the future. “Judge Smith, do you want to tell us why you spent so much time researching pinkies up the butt after hours at your residence?”
Just the tip of the iceberg
I talked with an HR person today on this and unless you’ve got truly anonymized or protected data out there this will be used by hiring managers if they can get it, advertisers, hate groups, and of course the people who are coming to take your kids, guns, or some such.
So treat your browsing from today on as though it were going to be used against you, your kids, etc.
Delete your browser history?
Nope, ISPs are tracking it, not your computer. You can destroy the devices and move to Canada but it’s still on a disk somewhere what you watched.
Don’t visit that site?
Sure, don’t let anyone other than you in the house use the internet ever. Their history may be used against you.
What can I do?
At the moment, either get a VPN, use TOR, tell your ISP you’re quitting if they don’t adopt a policy that allows users to opt-out of history tracking, elect a legislator that understands this is not just about advertising or tracking down warez kiddies, don’t do anything you wouldn’t want posted to the internet.
My ISP says this data is not going to be used against me
Good ISP. Are they storing it or leaving it somewhere where a hacker could manage to reach it?
Pretty safe to assume currently that anything connected to the internet will eventually be hacked.
Should I be scared?
Most likely no. My guess is after Cards Against Humanity or some hacker group manages to get the browsing history of Congress and the Senate and releases it we’ll probably have some privacy protections and several fewer Senators and Congressmen.
Should I care?
Yes. You and your loved ones could be circumstantially negatively profiled and this could follow you.
What do I have to cough up?
TOR is free. Betternet is free.
Most VPNs you get are going to cost something but will anonymize your data somewhat. Of course then there’s the issue of if someone manages to tie your identity to whatever any user of those VPNs is doing you might get virtually caught up with a bunch of disreputables.
Don’t get a VPN
Or do. I’ve got a financial interest if you purchase on from one of my links.
You should care about your information, not about the means to protect it. Seriously I look at the sites I’ve visited and know that it would be extremely difficult for me to find employment just based on weird stuff I’ve researchedor wondered about.