back to article Pai, Pai, Mr American spy: FCC supremo rips up privacy protections for broadband punters

New rules due to take effect next week that would have restricted what ISPs can do with your private information have been killed off by the new chair of the US Federal Communications Commission. In a statement put out Friday, Ajit Pai masked the impact of the decision by claiming that there needed to be a "comprehensive and …

  1. Ian Michael Gumby
    Big Brother

    No clean answer...

    There is some truth to the fact that FB and Google can and do collect so much more information about you that its frightening. So to be fair, the ISPs are at a disadvantage when you consider how FB and Google monetize this information.

    HOWEVER... IMHO there should be a law that syncs both FTC and FCC rules and that both require OPT-IN for everyone who wants to capture my data. And they all have to explain how they use the information and who their customers are, for the data.

    But hey! The news stories today are how senior citizens who are on Medicare are fighting with their Republican Congressmen about Obamacare. (Free clue to those outside of the US. If you're on Medicare / Medicaid, you're not on the ACA / Obamacare open markets and Obamacare is hurting you. )

    1. Anonymous Coward
      Anonymous Coward

      Re: No clean answer...

      But Hey! Free clue use google to fact check your off topic remarks.

    2. The Man Who Fell To Earth Silver badge
      FAIL

      Clean Answer

      Follow the money.

    3. quxinot

      Re: No clean answer...

      FWIW:

      Obamacare and Medicare are both forms of insurance.

      When in the history of ever have you known your insurance to NOT be ripping you off?

      Okay, then.

    4. Anonymous Coward
      Anonymous Coward

      Re: No clean answer...

      Explain how the ACA is hurting people on Medicare? I'd love to hear it. I am on Medicare (retired) and have two kids who use the ACA to get insurance for the grand kids. They could not afford $500/month term insurance for Dependants. I hear all this trash on how so called Obama care has hurt people. I dare you to explain how it has hurt you!!!!!!!!!!!

  2. Anonymous Coward
    Anonymous Coward

    He's right in one respect

    There does need to be a "comprehensive and uniform framework to protect Americans' online privacy", and congress should pass it. But good luck getting a pro-business republican congress to pass consumer friendly legislation. Even the democrats didn't do much on that when they were in power, since they are just as sold out to corporate lobbyists even though they give lip service to protecting consumers from big business.

    Wheeler was right that ISPs are in a unique position since they see ALL your traffic, i.e. what sites you visit, what products you look up on Amazon, and so forth, but Google sees even more since they not only see most people's online traffic thanks to Chrome, they also get access to many people's email, phones, and real-time location information.

    Europe is decades ahead of the US in consumer protection, and I don't see that changing unless the democratic party has a "tea party" like revolution to change the soul of the party like the republicans are undergoing. There are signs of that from the anti-Trump movement, just like the Tea Party was born from an anti-Obama / Obamacare movement. We'll have to wait and see if that translates into more Russ Feingold type legislators and fewer Nancy Pelosi types.

    1. Yet Another Anonymous coward Silver badge

      Re: He's right in one respect

      With https everywhere how much do they see anymore?

      1. Paul Crawford Silver badge

        Re: https

        They still see which web sites you visit, even if the page content is hidden. That alone is valuable.

        Also they have been guilty of interfering with email security protocols (and others) before:

        https://www.eff.org/deeplinks/2014/11/starttls-downgrade-attacks

        https://www.eff.org/testyourisp

        Sort answer - if you are in the USA you damn well need a VPN as much, if not more than, us poor suckers in the UK (assuming you value your privacy).

        1. Yet Another Anonymous coward Silver badge

          Re: https

          But IIRC only the initial dns lookup for the site - not the actual page url, and not any post/get data?

          1. Anonymous Coward
            Anonymous Coward

            Re: https

            No they see the actual HTTPS connection to the server, not just the DNS lookup, and usually they see the actual page.

            Just look in your address bar when you are visiting a site with HTTPS. Sometimes you see a garbled URL, but for instance at El Reg you are browsing HTTPS but the URL of the articles you are reading is clearly visible, so they can learn something about you based on which articles you've chosen to click on, and which you haven't.

            They won't see the actual page content, but if the pages are titled like Reg articles everything you need to know about the subject of the article is included. They won't see what I'm posting, but whether I post with my real name or a fake one they could connect the times I posted (because my HTTPS 'POST' has "post" and "reply" in the URL!) to when comments by 'DougS' or 'amanfrommars1' appear in comment sections, which a crawler could then read. I don't think they actually have the ability to do all that yet, but the possibility certainly exists.

            Now multiply that by the millions of forums people post to, talking politics, asking questions about sensitive medical or financial issues, and you can see how much data the ISP could potentially get, if they had smart enough software.

            1. fleed
              Windows

              Re: https

              Under https the URL in the request is only sent after the SSL connection is made, so the URL you're asking from the server will be encrypted and not available to anyone snooping on the line. At most they'll be able to see which domain you're connecting to through the DNS request. With DNSSEC even this can be hidden.

              Good thing The Register has finally implemented HTTPS for forums!

              1. Anonymous Coward
                Anonymous Coward

                Re: https

                Thanks for the correction on HTTPS, I didn't realize the SSL setup came before the GET.

                Not sure if DNSSEC will help, because the ISP will be providing most people's DNS service. Hopefully DNSSEC doesn't make caching go away...

              2. really_adf

                Re: https

                > At most they'll be able to see which domain you're connecting to through the DNS request. With DNSSEC even this can be hidden.

                You've never been able to hide what you're talking to with SSL/TLS; DNSSEC doesn't help.

                In the past, the IP address and port identify it.

                More recently, Server Name Indication (SNI) means the server name part of the URL is visible.

  3. Crazy Operations Guy

    Improper to compare ISPs to Facebook / Google

    A better comparison would be to compare an ISP to FedEx / UPS / DHL / Postal Service / etc. in that they are paid to move items from one place to another. Even if it is clearly labeled what is in the package, they cannot sell or give that information to a 3rd party without your consent, or at least inform you about it. The entity or sender can use the packages contents how they see fit, but they agreed to that (and there are laws governing that data sharing).

    There is a big different between being an endpoint and being the communication medium. If I send a post-card home during a vacation, I might expect the recipients to suggest other places they've been, but certainly not from the letter carrier (which it is technically illegal for the post worker to look at a letter beyond what they'd need to deliver it).

    I remember a court case from several years ago where someone mentioned drug use on a post card, the postal worker reported it, and the sender was arrested for drug possession. The defendant was then successful in suing the postal service for invasion of privacy.

  4. cantankerous swineherd

    slow death of the internet proceeds.

    off topic, but the picture demonstrates that the repubs and trump administration embrace equal opportunities for all races and creeds, which is nice.

    1. Anonymous Coward
      Anonymous Coward

      Some slave traders were black as well, Kapòs in concentration camps were not 'arians'. When you need someone to do a dirty work you aren't picky usually, you need unfettered loyalty. You can still get rid of him later...

  5. Anonymous Coward
    Anonymous Coward

    In plain English please...

    "and proposes instead a "light touch" regulatory regime."

    This is code for; "if you are a big player you know what to do; give us bribe, I mean "Lobbying gift," monies, and you will have carte blanch to fuck over your customers in any way possible, and forego any other regulations you see fit to pay us to enact or go away! If you are a small player; you will be punished for the slightest misstep, unless you start playing the bribery game. Comprede?!"

    This is nothing more than changing rules that favor consumers to ones that favor big biz players. THAT'S the American Way! Good work, idiots!

    The two party system in the USA is a lie foisted on the people by the players of the United States of Plutocracy. You've been sold already. Start fighting back in little ways; like using Tails and Tor to get things done and obfuscate your traffic. Create "fake deep link messages" and fill up some /var file systems that belong to this enemy. Super long, fake, deep links will be gathered by the web server's logging system. Fill it up! Make scouring the error.log a painful and worthless task. Be creative, and say hello to the admins who will be cleaning up that mess. These are just off the top of my head. So many more hacks can be accomplished with little work and big damage... offer encrypted files of random characters to wikileaks. Load outrageously long deep links into a URL compressor and cause amplified expansion of data to the target host. Basically, become an expert in infrastructure and learn where there is easy meat to kill.

  6. Mark 85

    a) Follow the money. Who owns Pai but we knew that.

    b) He who takes the King's shilling, does the King's bidding. Yep.. check that one on the list.

    Funny thing about politics... during the campaign there was much rhetoric about "keeping us safe" both in the real world and the Internet world. There was much about "draining the swamp", etc. Direction comes from the top.. either the President or Congress and so we once again find out that The Who were right: "Meet the new boss, same as the old boss".

    At least Wheeler at some point started trying... Why, I never did figure out.

  7. PhilipN Silver badge

    Welcome to the '60's ... '70's

    Perhaps complementing another piece seeking New Blood at El Reg this is the second item received last night (where I live) whose by-line referenced a classic song which means nothing to today's yoof**.

    By the way - Thanks! And if you want to update the job advertisement to encompass Old Farts I might well apply.

    ** Hi kids. Steve Stills/Buffalo Springfield was one. Don McLean the other. Go Google them.

  8. Anonymous Coward
    Anonymous Coward

    You reap what you vote

    Or something like that.

  9. Anonymous Coward
    Unhappy

    Nin-U.S. El Reg readers--want to understand the Trump Administration?

    Start with the assumption that everything is for sale. Once you embrace that, it all becomes much less confusing.

    (And if you want to know the value of a large lobbying/politcal donations budget, 're-read the article)

  10. Anonymous Coward
    Anonymous Coward

    VPN please

    This would be an apropos time for the Reg cogniscenti to recommend a VPN !

    1. Charles 9

      Re: VPN please

      Bet your bottom dollar that's what the CIA are working on right now.

      1. frank ly

        Re: VPN please

        I use PIA (Private Internet Access) at US$40 a year. Easy to setup an account and the software for Linux and Windows is easy to install and use.

        They are based in the USA so you can bet that the NSA/CIA/FBI have a direct tap, which is something to bear in mind.

    2. Aristotles slow and dimwitted horse

      Re: VPN please

      AirVPN. I have it configured onto my RT-AC88U router flashed with the Merlin update to secure all outgoing packets from all devices on my home network, and also my mobile when I am out and about. The router is quite powerful also, so it handles the VPN encryption overhead just fine so I don't lose to much bandwidth.

  11. John Smith 19 Gold badge
    Unhappy

    Sweet Pai demonstrates the old French adage of an honest politician

    Or in his case an honest civil servant (which AFAIK he technically is).

    Once they are bought, they stay bought.

    As for "light touch" regulation I think that was a popular phrase with the British Treasury Minister Gordon Brown before 2008.

    Which is why HMG still owns RBS and RBS is still loosing money.

  12. Anonymous Coward
    Anonymous Coward

    Coming soon....

    A Diktat from Penn Avenue making the use of a VPN illegal and subject to prosecution under a charge of 'Wire Fraud' for illegally moving things over state lines.

    The FEDS won't have to prove that you actually did move some Pron or a Movie but the mere fact that you established an unhackable connection that went to another state/country.

    A sign of the times where those in power have no concept of cause and effect.

  13. Anonymous Coward
    Headmaster

    Not so clean...

    Because (perhaps unknown to the writer of this article), "pai pai" is Japanese slang for a woman with large breasts.

    1. Doctor_Wibble
      Trollface

      Re: Not so clean...

      So it was a bit of a boob to use that headline?

  14. John Brown (no body) Silver badge

    Around 100 years ago...

    ...a group of robber barons tried to buy the presidency. Now there's one in the office and his colours are showing. The futures bright. The futures orange.

  15. Frank N. Stein

    "Pai Pai"?? This guy isn't even American. Wonderful. Just great. Was already using VPN. Screw these trolling *********

  16. Mikel

    VPN

    You can configure a VPN enabled router to magically transport your Internet presence to a country that respects privacy. And, just in case, you can pay for the service anonymously in various ways including cash by mail. It's not expensive.

    Google's Android network assistant can now automatically do the same service when you connect to unsecured wifi.

    Take care of yourself out there. It's going to be the Wild West in the US for a while as the open goal of this Administration and Congress is to eliminate any and all regulation whatsoever. It's "The weak are meat the strong do eat." - David Mitchell, Cloud Atlas

    1. Anonymous Coward
      Anonymous Coward

      Re: VPN

      But don't count on VPNs to be bulletproof. If the US doesn't make their use illegal by law (or even just outlaw all unsanctioned encryption full stop), they'll probably sic the CIA on all the foreign ones to keep holes open.

  17. Ian 55

    It's looking more and more like They Live was a documentary

    Where do I get my glasses?

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like