Some big Internet service providers (ISPs) want consumers to pay for privacy. Earlier this month, both Comcast and the CTIA-The Wireless Association (formerly known as the Cellular Communications Industry Association) submitted comments about the broadband privacy rules proposed by the U.S. Federal Communications Commission (FCC) in April.
"Finally, we briefly noted that allowing consumers a variety of options regarding whether to receive a discount on broadband service in exchange for personalized advertising should be preserved. Hybrid payment models have been in commerce for centuries, including advertising supported magazines, grocery store loyalty programs, and app-based discount programs for retail establishments. Many internet companies rely on use of consumer data as their sole source of income, like search engines and social networks. Such offerings can lead to significant cost savings for all consumers, enable more valuable services for consumers, and mirror much of the economic activity that consumers expect. On this point, we provided a copy of a recent report by the Information Technology & Innovation Foundation, titled “Why Broadband Discounts for Data are Pro-Consumer,” which is attached to this filing."
Let's unpack this. It says that ISPs should be able to charge their customers for privacy, since many ISPs rely upon using (and reselling) their customers' information to make money. This would be an opt-out for customers, since the default is customers' information is used and resold. There are several problems with this approach:
- The pay-for-privacy business model is camouflaged in a seemingly harmless term: "hybrid payment models"
- The CTIA's argument falsely assumes ISPs are equivalent to search engines or social networking sites. They aren't. When a consumer uses the Internet, he/she has a choice of which search engine or social networking site to use; or none. Not so with ISPs. A consumer must use the Internet to do anything. Plus, there is a lack of ISP competition in key markets, which provides consumers with fewer choices. Is the industry suggesting more competition? Doubtful. In fact, the industry lobbied for and obtained local laws in about 20 states that deny residents the rights and benefits from competition by community-run ISPs; laws which a federal court recently (and mistakenly) upheld. And, proposed legislation to encourage ISP competition to gain lower prices and more choices for consumers has been blocked by the industry, by politicians, by attorneys general in some states.
- The CTIA's position is harmful. It essentially says this: the default is no privacy. Customers get privacy only when they pay for it. Huh? I find this at odds with traditional property rights laws. Information about consumers is owned by consumers until and unless they share it.
- Most customers already pay a monthly fee for Internet access. So, paying for privacy amounts to a price increase... a premium price, for something that should be baked into the service at the start. Plus, consumers in the United States already pay more for broadband and get slower speeds compared to other countries.
- The pay-for-privacy model does not address under- and un-served broadband segments: rural and low-income consumers. One could argue that paying for privacy is a greater burden on low-income consumers, when everyone has property rights and Fourth Amendment rights.
- Consumers need simplicity and clarity. For example, should a service offer a pay-for-privacy, it should mention optional components (e.g., web browsing, scan email contents, scan text message content, etc.) with standardized labels and language. Otherwise, consumers have more difficulty comparing services, and privacy policies that are already too long, complicated and difficult to read become even more so.
The CTIA's position seems to have followed Comcast's position. Portions of August 1, 2016 comments submitted by Comcast to the FCC:
"We also urged that the Commission allow business models offering discounts or other
value to consumers in exchange for allowing ISPs to use their data. As Comcast and others have argued, the FCC has no authority to prohibit or limit these types of programs. Moreover, such a prohibition would harm consumers by, among other things, depriving them of lower-priced offerings... A bargained-for exchange of information for service is a perfectly acceptable and widely used model throughout the U.S. economy, including the Internet ecosystem, and is consistent with decades of legal precedent and policy goals related to consumer protection and privacy.
Finally, we discussed how Comcast has partnered with vendors who have helped to
enhance consumer data privacy, and that the Commission should be clear that any rules it adopts do not prevent ISPs from providing CPNI to a vendor based on implied consent, provided the ISP has an agreement with the vendor requiring it to safeguard the CPNI and to use it solely on behalf of and as directed by the ISP..."
The same problems I listed above also apply to Comcast's comments. This is not theory. MotherBoard reported:
"Telecom giant AT&T already offers such a [pay for privacy] plan, called “Internet Preferences,” which tempts consumers with “best pricing” if they are willing to let the company “use your individual web browsing information, like the search terms you enter and the web pages you visit, to tailor ads and offers to your interests.” Users who opt-out of "Internet Preferences," which DSLReports calls a “deep packet inspection program that tracks your browsing behavior around the internet—down to the second,” face a $30 premium on their monthly bill."
"But $29 isn’t actually the price that AT&T charges per month for privacy. As I discussed back in May last year after I tried to sign up for AT&T’s GigaPower service to find out more about the pricing and the disclosures associated with the plan, the actual costs were closer to $44 or even $62 per month. This time around the price differentials are $44 for gigabit internet and $66 for HD TV and HBO Go plus gigabit internet."
Like anything else, the devil is in the details. $44 and $62 monthly both sound excessive. Apparently, the more services a consumer has, the more privacy costs. Regular readers of this blog already know about CPNI notices from AT&T.
The problems I see with both Comcast's and the wireless industry's pay-for-privacy positions are rooted in a lack of trust and transparency. The ISP industry has a long history of abuses, customer service failures, and a lack of transparency. Both the Gigaom and MotherBoard articles mentioned above highlight problems and failures, plus:
- 13,000 Complaints Submitted By Consumers About Comcast's Usage Based Internet Pricing
- Verizon WIreless Settles With the FCC Regarding 'Supercookies' And Online Tracking
- Attorney General Invites New York State Residents To Check Their Internet Speed
- Report: Researchers Compare High-Speed Internet Services Worldwide. Consumers In The USA Pay More And Get Slower Speeds
- Customers Sue Internet Service Provider For Failing To Provide Promised Broadband Speeds
- Filing Supports Claims That ISPs Already Throttle And Violate Net Neutrality Rules
- 4 Reasons Why Your Internet Access Is Expensive And Slow... And Could Get A Lot Worse
- Several Internet Service Providers Hijack And Replace Consumers' Search Results
- SIMON Says... DON'T SPY!
- ISPs Begin To Spy And Abuse Consumer Privacy
- Under Pressure From Congress, ISP Admits To Secret Snooping In Kansas
Consumers are rightfully wary and skeptical of pay-for-privacy schemes. Plus, consumers have no way to confirm that in a pay-for-privacy scheme their information is not being reused and resold anyway.
A solution based upon transparency that promotes trust would help: regular privacy audits by an independent third-party to ensure that the information of consumers who paid a privacy price premium are getting what they paid for.
To me, the whole thing smells like another excuse for ISPs to increase prices on services that are already too expensive and too slow. What do you think?