Five Creepy Things Your ISP Could Do if Congress Repeals the FCC’s Privacy Protections

Why are we so worried about Congress repealing the FCC’s privacy rules for ISPs? Because we’ve seen ISPs do some disturbing things in the past to invade their users’ privacy. Here are five examples of creepy practices that could make a resurgence if we don’t stop Congress now.

Call Congress and help keep creepy ISP practices a thing of the past!

5. Selling your data to marketers

Which ISPs did it before? We don’t know—but they’re doing it as you read this!

It’s no secret that many ISPs think they’re sitting on a gold mine of user data that they want to sell to marketers. What some people don’t realize is that some are already doing it. (Unfortunately they’re getting away with this for now because the FCC’s rules haven’t gone into effect yet.)

According to Ad Age, SAP sells a service called Consumer Insights 365, which “ingests regularly updated data representing as many as 300 cellphone events per day for each of the 20 million to 25 million mobile subscribers.” What type of data does Consumer Insights 365 “ingest?” Again, according to Ad Age, “The service also combines data from telcos with other information, telling businesses whether shoppers are checking out competitor prices… It can tell them the age ranges and genders of people who visited a store location between 10 a.m. and noon, and link location and demographic data with shoppers' web browsing history.” And who is selling SAP their customers’ data? Ad Age says “SAP won't disclose the carriers providing this data.”

In other words, mobile broadband providers are too afraid to tell you, their customers, that they’re selling data about your location, demographics, and browsing history. Maybe that’s because it’s an incredibly creepy thing to do, and these ISPs don’t want to get caught red-handed.

And speaking of getting caught red-handed, that brings us to…

4. Hijacking your searches

Which ISPs did it before? Charter, Cogent, DirecPC, Frontier, Wide Open West (to name a few)

Back in 2011, several ISPs were caught red-handed working with a company called Paxfire to hijack  their customers’ search queries to Bing, Yahoo!, and Google. Here’s how it worked.

When you entered a search term in your browser’s search box or URL bar, your ISP directed that query to Paxfire instead of to an actual search engine. Paxfire then checked what you were searching for to see if it matched a list of companies that had paid them for more traffic. If your query matched one of these brands (e.g. you had typed in “apple”, “dell”, or “wsj”, to name a few) then Paxfire would send you directly to that company’s website instead of sending you to a search engine and showing you all the search results (which is what you’d normally expect). The company would then presumably give Paxfire some money, and Paxfire would presumably give your ISP some money.

In other words, ISPs were hijacking their customers’ search queries and redirecting them to a place customers hadn’t asked for, all while pocketing a little cash on the side. Oh, and the ISPs in question hadn’t bothered to tell their customers they’d be sending their search traffic to a third party that might record some of it.

It’s hard to believe we’re still on the subtle end of the creepy spectrum. But things are about to get a whole lot more in-your-face creepy, with…

3. Snooping through your traffic and inserting ads

Which ISPs did it before? AT&T, Charter, CMA

This is the biggest one people are worried about, and with good reason—ISPs have every incentive to snoop through your traffic, record what you’re browsing, and then inject ads into your traffic based on your browsing history.

Plenty of ISPs have done it before—AT&T did it on some of their paid wifi hotspots; Charter did it with its broadband customers; and a smaller ISP called CMA did the same.

We don’t think this one requires much expla