Newspapers such as the New York Times and Washington Post are today trumpeting with front-page headlines the Federal Communications Commission’s decision to crack down on Internet Service Providers all in the name of online consumer “privacy.” It is good to be in favor of Internet consumer privacy. It is better to do something about it.
We Americans live in a blissful world where we are led to believe that our Internet communications are private and secure. And the FCC is there to ensure that privacy.
Wishfully believing that insecure information is in fact secure and private is a precursor to disaster. The German and Japanese militaries during World War II had tactical communications systems that they believed were secure. Unknown to them, the Allied and American governments could decipher their communications. Did the Allies reveal to the Germans and Japanese that their communications were compromised? Of course not. A cunning adversary does not reveal knowledge of one’s vulnerabilities.
Many Americans wishfully believe that our Internet communications are secure and private. An FCC order does not make the Internet private or secure. At least the German and Japanese governments of the 1930s and 1940s knew exactly who might seek to compromise their communications. We American consumers don’t know who has or is seeking access to our communications and personal information: any number of foreign governments, international crime rings, rogue hackers, or simply otherwise honest businesses seeking to gain a competitive advantage by vacuuming information through the Internet. It is the non-business foreign entities that are our most troubling adversaries.
Almost daily, news articles tell of the woes of Internet communications hacked or computer databases compromised. For example, Wikileaks has dripped out thousands of embarrassing emails including from the Democrat National Committee and Secretary of State Hillary Clinton. These emails were sent and received by individuals who likely assumed their correspondence and online activities were private. They were not.
American consumers do not know who provided Wikileaks with the purloined emails, although speculation focuses on one foreign government. It would be naive to assume that only one hostile entity had access to these emails. It would be even more naive to assume that hostile entities only have access to selected DNC or Clinton-related emails. Hostile entities likely have access to much that transpires on the Internet.
Much like the Allied governments during World War II, entities hostile to America today will not tell us when they have compromised our Internet, communications, emails, and databases. The FCC and other federal agencies can pass rules to protect “consumer privacy,” but hostile entities do not care about abiding by federal regulations.
Occasionally, government and businesses report major Internet breaches. In 2011, the Pentagon revealed that 24,000 electronic files were detected as having been stolen. Pentagon emails were reported breached in 2015. Sony databases were discovered to have been breached in early 2015. The sensitive personnel files of millions of Americans at the federal Office of Personnel Management were discovered to have been breached in June 2015. In September 2016, Yahoo! revealed that 500 million accounts were breached in 2014. These are but a few examples.
Quite likely, many if not most Internet security failures are never detected, much less reported. Our international adversaries are clever enough to breach our Internet security systems and usually cunning enough not to tell us.
Businesses seek Internet information to sell us more products or to sell advertising to those who wish to sell us products and services. These business uses of the Internet are to serve us as customers better. Business interests are only too happy to reveal to us who they are and how much they know about us through advertisements and useful information.
But when international adversaries seek Internet information, it is not to serve our individual consumer interest. Rather it is to undermine our government, to steal business and trade secrets, to collect information for such ulterior purposes as extortion, and more generally to harm the American consumer. Our international adversaries will not tell us who they are, much less how much information they have about us.
The FCC may not have an effective means to combat foreign adversaries that troll the Internet and steal our information with impunity. Instead, the FCC promulgated rules prohibiting Internet service providers–such as AT&T, Comcast, and Verizon–from collecting information about their own customers. Ironically, these are the only entities we consumers are actually willing to pay for Internet services. Under the FCC rules, everyone on the Internet who does not have an ISP relationship is free to collect any information about us. These rules are labeled as protecting consumer privacy. Whether they provide any protection is a different matter.