Last week, the US Senate and Congress voted to repeal privacy laws enacted by the Obama administration. Now, ISPs in the United States will be able to sell customer browsing data. Is this something to get up in arms about? If our browsing history is now up for sale, what can we do about it?
There has been some quite hysterical commentary on this matter. I'm not saying it's a minor change - I think it's a massive blow against privacy - but the suggestion that the data would be sold with our Personally Identifiable Information (PII) attached to it is nuts.
The data being sold (if it is to be sold) will be anonymised and aggregated. By the way - the magical combination of outrage and a celebrity is not how to combat this.
The US Telecommunications Act prohibits the sale or sharing of PII so you won't be able to buy your favourite politician's late night browsing history.
I travel to the US regularly - usually four or five times per year - so I expect some of my data to be swept up with this. For the last year or so, I have abandoned public WiFi unless it's my only option (like now, as I'm sitting in a hotel room across the ditch). And then, I always use a VPN.
Google has been caught out, with their algorithmic marketing tools serving up ads to websites and YouTube channels that are allegedly affiliated with terrorist networks. I'm not sure it's a coincidence that these changed laws have been rushed through just as this story was breaking.
Many industries have been disrupted by Google. But the availability of this data could be used to strike back against the search and advertising giant. With the flaws of algorithmic marketing laid out, a new data set, that gives a rich view into the internet habits of demographic groups could drive a new advertising and marketing channel.
And American ISPs, if they can get their act together, could reap that whirlwind.
If you're traveling to the US and want to hide your browsing habits, you could use a VPN. However, you'll need to choose your VPN provider carefully. The big question to ask them is whether they retain your browsing history.
So, while using a VPN could hide your data from the ISPs logs, you'll need to ensure it's a decent VPN. And, as Ars Technica notes, you need to trust your VPN - while they were made for privacy, VPNs aren't designed for anonymity.
The good news is major US ISPs have agreed to not sell the data, for now, unless customers specifically opt in. I assume that when they decide to start selling the data there will be incentives for customers to make their data available.
Until then, my advice is to use a VPN from a reputable source when travelling in the United States.