ISPs Tell Congress They Don’t Need Privacy Laws

Earlier today the second of two governmental hearings related to online privacy got underway. This particular hearing focused on deep packet inspection and how Internet service providers want to mine your data. The hearing kicked off with new data from Consumer Reports that said 72 percent of Americans are worried about their actions being tracked online. But apparently 61 percent are confident that what they do online is private and isn’t shared without their permission.

After the hullabaloo about NebuAd, which wanted to use deep packet inspection technology to determine where users surfed and then sell advertising against those surfing habits, I imagine consumers are more aware than ever about threats to their online privacy. But after listening to the hearing I’m not sure we will get meaningful legislation on this topic.

Already, the ISPs testifying before the committee, which included AT&T, Time Warner and Verizon, pushed the idea of self-regulation by the ISPs when it comes to online privacy. If the testimony from the AT&T executive doesn’t scare the heck out of anyone thinking their data isn’t tracked online, you’re clearly not listening. Broadly, all of the ISPs wanted some kind of informed opt-in to permit tracking on their online activity. For more details, plus the ISP’s plans for ensuring consumer privacy without legislation, check out their statements.

Representing the public, or at least the people who don’t make money from online advertising, was Public Knowledge President and Co-Founder Gigi B. Sohn, who warned against the use of deep packet inspection technology. She compared the use of DPI to ISPs reading your mail — an analogy used by FCC Chairman Kevin Martin when he issued the enforcement order last month against Comcast for throttling P2P traffic. Sohn said that:

ISPs are opening these envelopes, reading their contents, and keeping or using varying amounts of information about the communications inside for their own purposes. In some cases, ISPs are actually passing copies of the envelopes on to third parties who do the actual reading and use. In others, ISPs are using the contents to change the normal ways that the Internet works.

Some of the senators were clearly disturbed by the amount of information that could be collected via deep packet inspection and later sold for advertisers. Others wanted a way for consumers to see and control their online profiles. From a consumer perspective, I want to know if Congress will decide that an opt-in strategy will be enough, or if it will attempt meaningful legislation to protect privacy and data collection online. And how far would that legislation go? Would it address the data collected by search engines? Our cell phones? There’s a lot at stake here.