Online Privacy and How to Protect It

With the repeal of the 2016 Online Privacy Protection rule, many are concerned that their online privacy may be compromised. To understand more on the FCC rules see our article Who Owns Your Data? – The Repeal of Online Privacy Protection.

The biggest concern with the repeal of the 2016 Online Privacy Protection rule is that Internet Service Providers (ISPs) now have the right to mine customer data for commercial purposes. Due to the nature of their service (transmitting your data), they have access to both where your online activities take place as well as the content of some of those activities.

What You Can Do

Use an ISP that chooses to protect its customers’ privacy

Even though the law allows for data mining, an ISP may adopt policies against it and that favor customer protection. As the market reacts to the repeal, more and more ISPs may implement customer privacy protection policies to attract customers.

Encrypt Your Transactions

Encryption protects the content of your transactions so even though the ISP may see with whom you are transacting, they can’t decipher what is being transmitted. This is actually one of the easiest things you can do. When transacting through a web browser use “https://..” instead of “https://…” We could write an entire article on encryption alone, but in short when using http, text is sent in “clear text” just like what I am typing now. But when you send text over a browser using https, text is “garbled” and unreadable except by the receiving website. You’ll notice that all bank and shopping sites use https. Keep an eye out for it in your day to day browsing and transactions. If there is no “s” (for secure), then what you type is readable to your ISP and others.

Unfortunately encryption is not a viable option for everyday emails. In order for it to work both the sender and the receiver need to know how to speak the same language so they can encrypt and decrypt each other’s messages. It is not practical for general usage, but if you have a handful of correspondents with whom you want to secure your email communications, it can easily be done.

Mask Your Activity

ISPs know who and where you are because they provide you with internet access. They see every place you go whether the transmissions are encrypted or not. They know where you bank, where you shop, where you whatever… They can see it. Masking your activity is less than convenient, but it is possible from a variety of options. What you do is you use your ISP to connect to another internet access point. Your ISP can only track you to the other “provider”. After that they are blind, so they can’t see where you bank, browse, etc…

Private Cloud

Using a Private Cloud is probably the best and most comprehensive solution to encrypting your transactions and masking your activity from your ISP but it is likely the most expensive as well. With a Private Cloud, your computing takes place in a secured offisite virtual environment. You connect and the ISP can only track you as far as Private Cloud service provider. The ISP for the Private Cloud service provider sees your activity, but relates it all to the Private Cloud service provider and not you or your business. Chose a Private Cloud provider carefully and ensure they have clear privacy protection policies.

VPN service

With a VPN service, you securely route your computer or your local network traffic through another company that provides the VPN service. The VPN service provider establishes your “access point” to the internet. Your ISP can only trace you as far as the VPN service provider. A good VPN service provider will securely and anonymously handle your online transactions. There are many companies providing this service nowadays. They are not all equal. Do your homework, or let us help, and choose a reliable and trustworthy service provider with clear privacy protection policies. Unfortunately VPN services will adversely impact your internet speeds and performance. It is best to try it before committing.

Tor Browser

Using a Tor browser is an inexpensive option to mask your internet browsing activities. It is an excellent and free solution that both encrypts and masks your transactions through an implementation of “onion routing,” which encrypts and then randomly bounces communications through a network of relays run by volunteers around the globe. It is free and effective, but internet browsing performance is hammered: slow. Additionally it can be kind of quirky. You can end up with your internet access point in Scandinavia rendering your search results both humorous and frustrating.

Understanding the Environment

The repeal of Online Privacy Protection is a complicated rule as it treats the ISP like a utility. Historically utilities are held accountable for providing access and quality for things we take for granted like electricity, water and telephone. We would argue that ISPs should be held to the standards of a utility. But the ISPs argue that why are they beholden to regulations when “providers” like Google and Facebook are not? Both Facebook and Google provide services and both unashamedly sell their customers’ information.

If you are really concerned about online privacy, the repeal of the Online Privacy Protection, though important, plays only a part of what it means to not only secure your data but to maintain your privacy in a digital world.

Dean Lentzcybersecurity, privacy