As the media is reporting, the administration has removed privacy protections for American consumers, the idea being that service providers would sell a consumer’s browsing history to those who are interested. Over time, service providers have looked for new and novel (if not ethical) ways to make money, and this has included such annoyances as so-called “supercookies”.
Why, then, would I claim that removing consumer privacy protections will harm not only consumers, but telecommunications companies as well?
In the new world that is coming at us, our laptops, cell phones, and tablets will be a minority of the devices that make use of our home Internet connection. The Internet of Things is coming, and will include garage door openers, security systems, baby monitors, stereos, refrigerators, hot water heaters, washing machines, dishwashers, light bulbs, and lots of other devices. Many of these systems have been shown to have vulnerabilities, and the consumer does not have the expertise to protect these devices. The natural organization to protect the consumer is the telco. They have the know-how and ability to scale to vast quantities of consumers, and they are in the path of many of communications, meaning that they are in a position to block unwanted traffic and malware.
The consumer, on the other hand, has to be willing to allow the service provider to protect them. Why would would consumers do that if they view the service provider as constantly wanting to invade their privacy? Rather it is important the these companies enjoy the confidence of consumers. Degrading that confidence in service providers, therefore, is to degrade security.
Some people say to me that consumers should have some choice to use service providers who afford privacy protections. Unfortunately, such contractual choices have thus far not materialized because of all the small print that such contracts always entail.
What is needed is a common understanding of how consumer information will be used, when it will be exposed, and what is protected. The protections that were in place went a long way in that direction. The latest moves reverse that direction and harm security.
When we got married, we ordered our invitations over the Internet from a company that seemed fairly reputable. Apparently, however, their ordering process was screwed up because we didn’t get the invitations until 6 weeks prior to the wedding. No big deal to some, perhaps, except that almost nobody was going to be local to the wedding location, and many people were going to have to book airline reservations. I asked the credit card company to stop payment to the vendor because of the late delivery.