Arrow-right Camera
The Spokesman-Review Newspaper
Spokane, Washington  Est. May 19, 1883

Kai Teoh: Our internet privacy is dead. Congress sold us out.

FILE – In this Feb. 25, 2014, photo, a Samsung Galaxy S5 is demonstrated at the Mobile World Congress, the world's largest mobile phone trade show in Barcelona, Spain. (Manu Fernandez / AP)

Internet privacy is dead, long live internet privacy.

After a long, hard-fought battle for better privacy protections that both ordinary Republicans and Democrats wanted (an overwhelming 72 percent), President Donald Trump signed a bill repealing the rules that were to regulate what internet service providers, such as Comcast or Charter, could sell about us.

It’s easy to be cynical and say, “Well, I’ve always assumed that they’re selling my data anyway.” And it’s true: ISPs have been selling our data for a while now. It’s why ads you see online can be oddly prescient sometimes.

But the United States was supposed to be the nation that strove to do things right and make things better – rather than maintaining a detrimental status quo.

And let’s not forget about the time when AT&T’s network charged people extra for privacy.

Even to imply that the repeal is “maintaining a status quo” would be terribly inaccurate. More and more people – a whopping 88 percent of U.S. adults alone – are using the internet, and for increasing amounts of time.

What we read, what we watch, what we search for, where we live, what we care about – that’s a treasure trove of data.

It’s too late to call any of our representatives in Congress to chew them out for selling our data now, and there are no truly effective or efficient ways to protect our privacy moving forward either.

But still there are things we can try.

Virtual private networks

Virtual private networks (VPNs) are most people’s go-to option. They act essentially as a middleman between your activities and your ISP – you funnel everything you do through them and they’ll hide what you do from your provider.

They do, however, often cost money. And you have to trust that they won’t act the same way your ISP does or record your activities.

VPNs don’t always work, either – because some services and websites will block users when they notice they’re connected through a VPN.

Netflix, for example, started blocking people who connected to its service through a VPN, after many people used VPNs to fake their locations and gain access to Netflix content.

On top of all that, VPNs can be complicated to set up.

TOR (The Onion Router)

An oversimplified way of looking at TOR is to pretend it’s a VPN on steroids. Except that, instead of using a single company or network, TOR funnels your encrypted traffic through hundreds if not thousands of different machines across the world.

TOR is extremely secure but also notoriously slow. And it has a rather infamous reputation as the gateway to “The Dark Web.”

ISP data pollution

ISPs can look through customer habits to create a profile, and then can sell or use these profiles to target the customers with advertising. The more accurately we’re profiled, the more valuable we become.

So what if we started browsing webpages that have no relevance to us as at all? What if we started “polluting” the data that ISPs collect about us?

That’s the idea behind a script that generates random, but supposedly believable, web traffic to obfuscate what your actual internet usage may be.

It’s a great but untested idea – and unlikely to be found either decisively effective or otherwise. The reason for skepticism about this method is that computers are really good at figuring out patterns.

There’s a distinct possibility that ISPs would be able to differentiate between your actual browsing habits and the random noise generated by a script.

And unless everyone is generating a great deal of randomized usage, a little pollution might not matter at all.

The future looks complex

If all of this sounds overly complicated or disappointingly ineffective, that’s the reality we’ll be living in for the foreseeable future.

Even though it can be comforting to hear that Comcast, Charter, AT&T and other ISPs have stated they won’t sell our individual browsing habits, they don’t have to sell anything if they already run their own ad networks: They’ll just use their knowledge about our habits themselves.

Comcast, one of the bigger providers around here, runs its own ad network.

But there is some slight hope out there: States including Washington, Minnesota, Illinois and Montana are considering legislation to protect their residents.

In Washington’s Legislature, Senate Bill 5919 and House Bill 2200 were introduced by lawmakers last week. These bills would require ISPs to obtain opt-in approval before using or collecting customer data.

So perhaps we should call our local politicians after all, and make our voices heard again.

Kai Teoh works as a web developer for The Spokesman-Review. He can be reached at kteoh@spokesman.com.