Despite backlash from the American people, the U.S. Congress passed and President Donald Trump signed into law a resolution that repeals the Federal Communications Commission (FCC) rules to protect consumers from privacy invasions by their Internet service providers (ISPs).
The rules were passed by the FCC in October of last year and set to go into effect later this year. They would have kept ISPs from selling customers' data and using new ways to track and deliver targeted ads to customers. Additionally, the rules would have required those companies to protect customers' data against hackers.
Tens of thousands of people called on lawmakers to protect those rules, but Republicans in Congress repealed them by narrowly passing a Congressional Review Act resolution.
That measure not only repeals the rules, it also prevents the FCC from writing similar rules in the future, throwing into question how much the FCC can do to police ISPs looking to trade off their customers' privacy for higher profits. Because of the current legal landscape, the FTC can't police ISPs either.
FCC Chairman Ajit Pai praised the repeal in a statement late on Monday for having "appropriately invalidated one part of the Obama-era plan for regulating the internet." Those flawed privacy rules, which never went into effect, were designed to benefit one group of favored companies, not online consumers."
On Friday, Comcast, Verizon AT&T Inc said they would voluntarily not sell customers' individual internet browsing information.
How to Protect Your Privacy
There are technical measures internet users can take to protect our privacy from ISPs.
In 2014, Verizon was caught injecting cookie-like trackers into their users' traffic, allowing websites and third-party ad networks to build profiles without users' consent. Following criticism from US senators and FCC action, Verizon stopped auto-enrolling users and instead made it opt-in. Users now have a choice of whether to participate in this service.
You should check your account settings to see if your ISP allows you to opt-out of any tracking. It is generally found under the privacy, marketing, or ads settings.
If a website or service offers a secure connection (Https), then the ISP is generally not able to see what exactly you're doing on the service. However, the ISP is still able to see that you're connecting to a certain website.
In the wake of the privacy rules repeal, the advice to use a Virtual Private Network (VPN) to protect your privacy has dominated the conversation. However, while VPNs can be useful, they carry their own unique privacy risk. When using a VPN, you're making your Internet traffic pass through the VPN provider's servers before reaching your destination on the Internet. Your ISP will see that you're connecting to a VPN provider, but won't be able to see what you're ultimately connecting to.
In other words, you should be sure you trust your VPN provider to not do the shady things that you don't want your ISP to do.
If you are trying to protect your privacy from your Internet company, Tor Browser perhaps offers the most robust protection. Your ISP will only see that you are connecting to the Tor network, and not your ultimate destination, similar to VPNs.
Keep in mind that with Tor, exit node operators can spy on your ultimate destination in the same way a VPN can, but Tor does attempt to hide your real IP address, which can improve anonymity relative to a VPN.
Users should be aware that some websites may not work in the Tor browser because of the protections built in. Additionally, maintaining privacy on Tor does require users to alter their browsing habits a little.