User viewership patterns are highly desired by advertisers to help formulate strategies to improve online sales. The approval of CRA law allows ISPs to sell aggregate data in a similar manner to Google and other similar firms. Many privacy advocates see this as a step backwards.  It will be done without user knowledge or permission. Some potential concerns include: IP addresses, actual names (e.g., FB account name), personal websites, or other identifiable information found in URLs.

House Votes to Kill Privacy Rules Binding ISPs

The United States House of Representatives on Tuesday approved the Congressional Review Act (CRA), undoing privacy restrictions imposed on Internet service providers during the Obama administration. The Senate passed the CRA last week in a 50-48 vote along party lines.

Privacy advocates have fought against the CRA, warning of its dire consequences, but ISPs and businesses support it.  Supporters of the CRA argue that it puts ISPs on a level playing field with Google, which was exempted from the FCC restrictions even though it collects a considerable amount of customer data.

“There’s not a whole lot more money in selling individually identifiable customer Internet traffic records than there is in analyzing and packaging those records in a way that enables effective advertising but is not readily identifiable,” observed Ryan Radia, research fellow at the Competitive Enterprise Institute.  “Advertisers really don’t care who you are,” he told the E-Commerce Times. “They just want to be able to figure out what people like you tend to do, and how to sell things to people who have similar habits to you.”

Consumers should be wary when signing up for a VPN, however, said Paul Bischoff, privacy advocate at Comparitech, which maintains a list of reputable free VPNs.  There are “hundreds of supposedly free VPN apps out there,” Bischoff told the E-Commerce Times, “many of which contain malware, inject ads into Web browsers, and mine user data.”