Did they also say that...
...they wouldn't just give it away?
Inquiring minds want to know.
US cable giant Comcast is looking to calm public outrage over its newfound ability to sell the browsing histories of its customers. In a post to the company's corporate policy blog, chief privacy officer Gerard Lewis vowed not to take advantage of the recently passed legislation limiting the FCC's ability to protect consumer …
There were two parts that to me seem to be Comcast using the weasel-words.
First, they won't hand over individual data, that doesn't mean it won't be sent in aggregate and who knows how small those "buckets" get. Also it has been shown many times you get enough aggregate data you can sometimes work out who someone is.
The opt-in can of course be covered by 5 scrolling pages of "EULA yada yada" style opt-in in the future, so its all good.
It's Comcast right? We all know how this will end.
Beat me to it. Weasel words indeed - typical corporate double-speak, where the words are carefully chosen so as to sound utterly reassuring whilst leaving huge loopholes.
For example, there is no incompatibility between
"we have never sold our customers' individual web browsing histories and never will"
and
"Hey, Walmart, we have a list of all of our customers who browsed for 'baby food supplies' in the last 6 months - pay us $AMOUNT and we'll inject your adverts direct into the HTTP streams of everyone on the list"
Grr.
Even though I'm not in a place served by Comcast, hopefully this will put pressure on other major ISPs to make a similar commitment.
I imagine if cord cutting starts eating too much into their bottom line a few years down the road they might be forced to change tactics, or offer special discounts that depend on the customer voluntarily giving up their data, but at least it might not happen immediately.
I'm actually more worried about cellular operators. We do more and more stuff via mobile today, so that data is becoming more and more valuable. People with Android don't need to care, they are already giving up all the info to Google so what's wrong with AT&T or Verizon grabbing it too? But since Apple is not hoovering up all your data for resale like Google, I'd prefer to have a cellular provider who does likewise. Luckily there is a little more competition for cellular, at least for now...
Looks like we may be in the clear at least for a little while.
Or maybe because of all the attention this is getting they are making these statements, and they'll slide a change into an updated privacy policy in six months when everyone has forgotten about it and moved on.
Does this mean I don't need to spend $40/year on a VPN?
Of course I will continue to spend money on security, since my connection is not always via trustworthy comcast. I have 5-6 devices roaming about in various networks and each one of them is using a VPN. Just makes sense.
Still, I wouldn't trust an ISP such as comcast or any of the down/up-stream conduits to always honor their press releases.
I almost wonder if stoopids in congress weren't paid to shill the fear of browsing history disclosure - by the vendors of VPNs. Oh, paranoid me!
But then, I'm using a browser that has full access to everything I'm typing and everything that my bank/spy-master sends my - encryption be damned.
Same setup at my house. Also looking into a VPN-capable router, for connected devices like TVs and whatnot.
I have also seen evidence (on the interwebs) where using a VPN can speed-up traffic, because Comcast can't segregate it based on type, which is something else the FCC is looking to (or has already) roll back. No more throttling Netflix during peak times (except, again, for the connected TVs).
I do wonder about our Android phones though (really any computer in general). Sure, PIA has an Android client, but can't the phone still record the requests being made? I'm pretty sure it can. So we also have to trust the OS provider, and as others mentioned, the browser provider too.
I too am not in a place that's severed by Comcast, but like more or less everybody else on the planet I am in a place that gets an incessant barrage of garbage from Comcast IP addresses. So if an IP is in any way associated with Comcast, I tarpit all the packets from it. If only everybody else would do the same, we could rid ourselves of this abomination and the world would be a better place.
I call Freudian slip!!
Anyway, this assurance is coming from Comcast, so there has to be a catch. Either that, or they are using the same workstations to monitor your web browsing as they use for their customer service, because their customer service workstations are always down :)
They are one of the most greedy companies out there and one of their most famous employees is now is a position to abuse his powers in favor of them (Trump is still legally an employee of Comcast through their subsidiary, NBC, by virtue of him retaining his contract for "The Apprentice")
I wouldn't be surprised that if Comcast starts making more money that Trump's salary doesn't skyrocket when he returns to his show after leaving the White House (The guy is just far too much of an ego-maniac to not take every opportunity to have his face smeared across the airwaves).
No. Trump is not "legally an employee", as he was a contractor when he did the show. But yes, he is still a beneficiary of royalties from Comcast, so he obviously has an interest in maintaining their health (so they can continue to milk the cow that sends him golden eggs, to mash metaphors).
I am wondering if this sort of traffic data will be available from corporations or just from the plebes? I run on Comcast Business service - and IP traffic and metadata could be considered business proprietary.
and what about the backhaul providers? Are they also free to sell data and metadata?
consumer privacy is SUPPOSED to be the jurisdiction of the FTC. Is everyone ignoring that?
I get regular (annual) statements from banks and credit card companies regarding my privacy rights and how to "opt out" of various kinds of 'information sharing'. If existing FTC regs do not ALREADY apply to computers and networks (and especially MICROSOFT GOOGLE FACEBOOK and ISPs), then they SHOULD.
The FCC overreached quite a bit under Obaka. THIS recently passed legislation is just putting the FCC back in its place.
Yes, it could be argued that the FCC over-reached here, and this legislation is just pruning back those policies. Except, that while neutering the FCC, the legislation very carefully did not move the ISPs back under FTC regulation.
So the ISPs are still under FCC regulation, but congress has acted to make sure that the FCC cannot pass any privacy protecting regulations. Ergo, not privacy protection for the ISPs' customers victims.
No, no it would not. Logging DNS traffic is trivial, at best, to grab from users' streams. I am doing it right now for 250,000 people (My employer). I'm just using some old servers to do it while an ISP will have access to much larger and more efficient systems (If they aren't already doing it).
I'm just picking up all port 53 traffic going in and out of the network, and correlating it with the http and https traffic. I have the ability to see what websites everyone is viewing and how much traffic is going back and forth (I can only see domain when it comes to https). For the most part, its a simple matter of matching an http steam's destination IP to the DNS responses the user's system recently received. All of it is done with open-source tools and a little know-how.
ISP would have an incentive to produce much higher quality tools and invest in higher-end equipment since they'd make so much off of selling that data. I'm just tracking this data to identify malware activity and web traffic is very much against company policy (The policy violating traffic is really only because HR is requiring me to do so, personally, I couldn't care less about it).
* Has decided to head off a torrent of defections.
* But of course the wording here is key : No individual profiles will be sold - 'for now'... But aggregated profiles will of course be sold repeatedly. Plus individual profiles may still be 'given away' if the right incentives are offered.
* The number of ways America f*cks over its own people is incredible... I used to live there but I left this BS. Its just wound 99 of a 10,000. You have to live there to see how corporations extract every once of blood from consumers. Phone / Laptop confiscation at borders should be a clue!
* I don't believe a revolution is coming.... But it needs to! Every corporation has become lawless. Every day starts with which a new corp f*cking you over... This isn't isolated... This is not going to stop! US politricks is cancer!
* Has decided to head off a torrent of defections.
* But of course the wording here is key : No individual profiles will be sold - 'for now'... But aggregated profiles will of course be sold repeatedly. Plus individual profiles may still be 'given away' if the right incentives are offered.
* The number of ways America f*cks over its own people is incredible... I used to live there but I left this BS. Its just wound 99 of a 10,000. You have to live there to see how corporations extract every once of blood from consumers. Phone / Laptop confiscation at borders should be a clue!
* I don't believe a revolution is coming.... But it needs to! Every corporation has become lawless. Every day starts with which a new corp f*cking you over... This isn't isolated... This is not going to stop! US politricks is cancer.