An FTC investigation found that major ISPs monetize private customer data in a variety of ways, all while telling users that their data is not sold …
The Federal Trade Commission published a report saying that while the claim that major ISPs don’t sell customer data is technically true, they do find a variety of ways to use, transfer, and monetize it.
“While several ISPs in our study tell consumers they will not sell their data, they fail to reveal to consumers the myriad of ways that their data can be used, transferred, or monetized outside of selling it, often burying such disclosures in the fine print of their privacy policies,” the report concludes.
The report, which the agency ordered in 2019, looked at six of the largest ISPs — AT&T Mobility, Cellco Partnership (Verizon Wireless), Charter Communications Operating, Comcast (Xfinity), T-Mobile US, and Google Fiber — covering 98% of the mobile internet market. It also covered three affiliated advertising entities: AT&T’s Xander, Verizon Online and Oath Americas (Verizon Media).
Examples included crude-sounding customer segmentation, and sharing location data.
Common collection practices across many of the ISPs included gathering data that wasn’t necessary to provide internet services, as well as using web browsing data to serve up specific advertisements. Targeted ad groupings, for instance, included categories such as “Gospel and Grits,” “Hispanic Harmony,” and “Asian Achievers” […]
Numerous ISPs also shared real-time location data with third parties, allowing third parties to garner sensitive details about an individual’s life, such as if they visit a rehab or where their children go to daycare.
The FTC highlights a couple of particularly problematic aspects. First, ISPs can – by default – see every website you visit, enabling them to build up a detailed profile. Second, some of the profiling they do appears to be illegal. There have, for example, been cases of advertisers targeting housing ads at groups that are predominantly white, which is not just abhorrent but also illegal.
You can protect against snooping by ISPs by using a VPN. When you do this, all your ISP can see is that you accessed a VPN server – it has no way to see which websites you actually visited. Apple’s iCloud Private Relay, built into iOS 15, offers the same benefit.
Photo: Christin Hume/Unsplash