Federal Communications Commission (FCC) and the Expectation of Privacy in the Digital Age
In October 2016 under the Obama Administration, the Federal Communications Commission (FCC) passed Privacy Protection Rules that would prevent Internet Service Providers (ISPs) from using some categories of customer information without the users' permission. This was to include "data such as a consumer's Web browsing history, app usage history, location details and more would have required a customer's explicit permission before companies such as Verizon and Comcast could mine the information for advertising purposes." (Washington Post, 2016) These rules had not yet gone into effect when they were rescinded by President Trump in April 2017.
There seems to be a disconnect in today's news media when it comes to online privacy. On one hand, we eagerly report the latest sensational Tweet and post, and on another, something as impactful as the FCC rules recision in April, seems to pass by almost unmentioned.
The irony of the now rescinded FCC rules is that they placed customer privacy regulations on ISPs, while maintaining the right of online powerhouses like Google, Amazon Web Service, and Facebook, to continue to access and run analytics on similar personal online activities and data. Though the FCC rules attempted to protect consumer data, they may not have included all the necessary layers to do so.
So should we be alarmed? Frankly, I believe we each should be aware of what online data or activity of ours is not protected. It is important to be mindful of the Terms and Services of the providers we use, and brush up on changes when they occur. But the question remains: is it reasonable for us to have an "expectation of privacy" regarding our general online interactions, searches, or activities (other than the agreed upon dealings with finances and Personally Identifiable Information (PII))?
Though the lack of ubiquitous online privacy may make some users uncomfortable when they think about it, the fact remains - it is not technically feasible nor practical to keep all our open wanderings confidential online. It is most important that we, as a CyberSecurity savvy community, focus on legally and technically protecting specific groups of significant data online: our PII and trusted (especially financial) transactions. Not only is that focus worth fighting for, but it is actually achievable if we work together. To that end, trust in our online ecosystem, as it pertains to the data we care about most, will exist in support of key business and government functions both nationally and globally.