On the heels of Congress’ recent rollback of the FCC’s privacy rules, some web-goers had a clever idea: why not buy Congress’ web history?
The privacy rules were set to protect against service providers like Comcast and Verizon using customer web-browsing data for marketing purposes. Now that the rules are gone, there’s nothing stopping those providers from using your browsing data for targeted advertising.
To be clear, you can’t do this
The move has enraged web privacy advocates, and a new crop of GoFundMe campaigns (including one campaign launched by Supernatural star Misha Collins) has seized on an unexpected method of revenge: buying politicians’ web histories one by one and publishing them for all to see. One campaign describes it this way:
Thanks to the Senate for passing S.J.Res 34 , now your Internet history can be bought.
I plan on purchasing the Internet histories of all legislators, congressmen, executives, and their families and make them easily searchable at searchinternethistory.com.
Everything from their medical, pornographic, to their financial and infidelity.
Anything they have looked at, searched for, or visited on the Internet will now be available for everyone to comb through.
Help me raise money to buy the histories of those who took away your right to privacy for just thousands of dollars from telephone and ISPs. Your private data will be bought and sold to marketing companies, law enforcement.
Let's turn the tables. Let's buy THEIR history and make it available.
To be clear, you can’t do this. Just because carriers are allowed to market against data doesn’t mean they’re allowed to sell individual web histories. The campaigns seem well-intentioned, but that’s just not how it works.
Got a tip for us? Use SecureDrop or Signal to securely send messages and files to The Verge without revealing your identity.
In fact, what the campaigns describe would be illegal no matter what the FCC does. The Telecommunications Act explicitly prohibits the sharing of “individually identifiable” customer information except under very specific circumstances. It’s much more permissive when it comes to “aggregate” customer information, which is where things get squishier and the FCC rules become more important. We could argue all day about whether a targeted ad is individually identifiable or not, but if you’re paying Verizon to find out which sites Paul Ryan visited last month, that’s pretty clearly individual information, and pretty clearly illegal to sell. If you want to get really clever, the Wiretap Act also makes it illegal to divulge the contents of electronic communications without the parties’ consent, which arguably includes browsing history.
But we don’t even need to get that far, because even if it weren’t illegal, carriers would never offer a service that unmasked all the gross and horrible things their customers do online. Targeted ads can be creepy, but they’re not that creepy, and every major network has robust safeguards in place to prevent you from working back to a single person’s web history.
None of this means that the recent privacy rollback isn’t a problem. It really will encourage more data collection and more aggressive ad targeting by service providers, and leave customers with few ways to escape. Aggregate data can still be invasive, as modern web advertising demonstrates over and over. It’s a fight worth having! But that’s a far cry from buying individual web histories.