This piece originally appeared in The Hill.
President Trump and some of his supporters on Capitol Hill have recently been expressing anxiety over the possibility of politically motivated surveillance and leaks by our intelligence agencies. But ironically, at the very same time they are moving to give our nation’s largest Internet telecommunications companies even more power to share their customers’ data, including with the government, without permission. Indeed, some of the most ardent critics of government surveillance — including Senator Paul, Senator Cruz, and Senator Heller — are among those leading the charge to roll back rules that would prevent such abuses by companies.
While the NSA can listen to Americans’ communications with Russian government officials and the FBI can listen to conversations when they have an order from a judge, our Internet Service Providers (ISPs) can monitor almost everything we do online. Increasingly, that’s a big part of everything we do, period. Yet Trump and his allies appear to want to open the way for much of that information to be sold or even given away to government agencies, political rivals, or anyone else whenever they want — no permission necessary.
For hundreds of years countries around the world have provided special privacy protections for communications, whether that is the mail, telegraphs, or the telephone system. In the United States the reason the phone company can’t listen in to our telephone calls is that we have a law (Section 222 of the Communications Act) that bars them from doing so. Last year, the FCC moved to expand that privacy protection from telephones to the Internet. Yet Trump has nominated as his FCC chair Ajit Pai, a man who has promised to reverse those privacy protections, and 23 senators have co-sponsored a resolution that would apply the Congressional Review Act to them — not only wiping away Americans’ privacy protections, but barring the FCC from drafting any new rules that are “substantially the same.”
When good protections are lacking, abuses do occur. During the 1876 presidential election, for example, at a time the new communications technology of the telegram was not covered by any privacy laws, Western Union secretly disclosed to Republican operatives telegrams between southern Democrats and their northern counterparts during a battle over disputed election results.
In 1987, a local newspaper obtained and published Robert Bork’s video rental records while he was being considered by the Senate for confirmation to the Supreme Court. Though this was a time when video stores were a primary means of accessing pornography, his rental records turned out to contain nothing racy. Still, members of Congress were apparently greatly concerned by this development and hurriedly enacted the Video Privacy Protection Act, a set of protections that are unusually strong within American privacy law. Members of Congress recognized that the absence of privacy protections (which would permit, for example, disclosure of an adult-video rental) would probably be much more threatening to them than to the average American. And while there are many ways that similar privacy invasions by Internet providers could be used to hurt many Americans, the same holds true with regards to Internet usage.
Without the FCC rules that opponents want to undo, AT&T, Comcast, Verizon, and other Internet providers could sell or give away sensitive information about how any of their customers are using the Internet. The data they can collect includes every website visited, the time and amount of Internet usage, and in some cases even locations. Without the rules, the ISPs won’t even have to disclose what it is that they collect.
I’m surprised that President Trump and his supporters are not more concerned by the prospect that some Democrat-supporting CEO of Comcast or Verizon might slip intelligence to some ruthless future Democratic president based on the home Internet usage patterns of an opposing member of Congress. A politician sitting at home can avoid using Google or Yahoo or Facebook if he or she doesn’t trust one of those companies, and can use encryption, but can’t avoid sending data through their Internet service provider and revealing a lot of things to that ISP.
I’m surprised that these politicians are not more concerned that these companies will voluntarily share this information with the very government agencies they’re criticizing today. We know, for example, that AT&T has sold customer data to state and local law enforcement in the past. And if (perhaps I should say, when) new abuses do emerge, passage of the CRA today will block future FCC commissioners from taking obvious steps to correct those abuses in the future.
I’m also surprised that these politicians are not more concerned by the prospect of a data breach. Even if you’re a politician who can rely on these companies as big supporters, that will do you no good if Anonymous or foreign intelligence agencies can hack into those databases and find out what websites you’ve been visiting. Yet Pai, Trump’s nominee as FCC chair, has already moved to halt implementation of the part of the FCC rulemaking that requires ISPs to maintain good cybersecurity practices.
It is true that the rules (despite the ACLU’s recommendation to the contrary) do not limit the information that the ISPs collect — only what they can share without permission. That means some kinds of abuses could take place even with protections in place. But giving permission to broadband providers to collect and share a wide range of data without even notifying customers, let alone getting their permission, makes it far easier for abuses to occur because those abuses may not even violate existing rules.
If President Trump and some of his supporters are worried about the national security agencies, their underlying uneasiness is well justified. We’ve seen old Washington hands warning that our intelligence community has many ways of “getting back at you” if you antagonize them. We know the intelligence agencies have been willing to violate the law on a large scale, as in the NSA domestic spying scandal of the Bush years. We know the intelligence community engages in blatant retaliatory prosecutions and other abuses of its enemies, such as whistleblowers (while typically not even bothering to investigate leakers who make them look good). And we know that their information collection abilities are sweeping.
But it seems strange that so many members of Congress are currently worrying so much about privacy invasions by the NSA and CIA, but are not just unconcerned, but actively enabling the possibility of abuses by big companies whose loyalties can never, in the end, be counted upon for either political party.
All human beings need privacy, and one reason is that we need to be able to say things to some people that other people can’t hear. That is crucial to building relationships and creating intimacy—and it’s crucial to politics. Those who are engaged in the difficult but necessary process of marshalling support from diverse constituencies, brokering agreements, and strategizing opposition within the political process are especially aware of that human need, and especially vulnerable to spying that can shatter it.
Click here to tell the Senate you don't want companies selling your Internet usage data without your permission.