Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Security The Internet Businesses Communications Electronic Frontier Foundation Government Network Privacy United States Politics

ISPs Claim a Privacy Law Would Weaken Online Security, Increase Pop-Ups (arstechnica.com) 86

An anonymous reader quotes a report from Ars Technica: The country's biggest Internet service providers and advertising industry lobby groups are fighting to stop a proposed California law that would protect the privacy of broadband customers. AT&T, Comcast, Charter, Frontier, Sprint, Verizon, and some broadband lobby groups urged California state senators to vote against the proposed law in a letter Tuesday. The bill would require Internet service providers to obtain customers' permission before they use, share, or sell the customers' Web browsing and application usage histories. California lawmakers could vote on the bill Friday of this week, essentially replicating federal rules that were blocked by the Republican-controlled Congress and President Trump before they could be implemented. The text and status of the California bill, AB 375, are available here.

The letter claims that the bill would "lead to recurring pop-ops to consumers that would be desensitizing and give opportunities to hackers" and "prevent Internet providers from using information they have long relied upon to prevent cybersecurity attacks and improve their service." The Electronic Frontier Foundation picked apart these claims in a post yesterday. The proposed law won't prevent ISPs from taking security measures because the bill "explicitly says that Internet providers can use customer's personal information (including things like IP addresses and traffic records) 'to protect the rights or property of the BIAS [Broadband Internet Access Service] provider, or to protect users of the BIAS and other BIAS providers from fraudulent, abusive, or unlawful use of the service,'" EFF Senior Staff Technologist Jeremy Gillula wrote.

This discussion has been archived. No new comments can be posted.

ISPs Claim a Privacy Law Would Weaken Online Security, Increase Pop-Ups

Comments Filter:
  • by Anonymous Coward

    If web browsers removed the code that implements popups, then it would be far less likely that they show up, regardless of what privacy laws are in place.

    • by LinuxIsGarbage ( 1658307 ) on Thursday September 14, 2017 @07:03PM (#55199639)

      If web browsers removed the code that implements popups, then it would be far less likely that they show up, regardless of what privacy laws are in place.

      Modern Web Browsers have Popup blockers that block standard HTML popups, giving indication that a popup was blocked, with options to create an exception. However they still seem to allow popups created by other means (JavaScript, HTML5, etc). The result seems to be annoying popups still show up, but useful popups from a legacy application are blocked.

      • Modern Web Browsers have Popup blockers that block standard HTML popups, giving indication that a popup was blocked, with options to create an exception.

        That works well. I get popup alerts from my bank, letting me know my session is about to expire, but only because I have specifically enabled those. I never see unexpected popups from other sites.

        However they still seem to allow popups created by other means (JavaScript, HTML5, etc).

        Those are not real popups. They don't appear in a separate window, they have no ability to grab the focus from other tabs, and they are easy to ignore.

        • by radams217 ( 3731033 ) on Thursday September 14, 2017 @08:33PM (#55200033)
          Javascript Popups are not easier to ignore. They are much more invasive when you want to read an article or not have to mute your sound. The websites that do the follow me as a scroll video ads need to die a slow death.
        • by Anonymous Coward

          Those are not real popups. They don't appear in a separate window, they have no ability to grab the focus from other tabs, and they are easy to ignore.

          I work in porn, those are called pop-unders and they make a lot of money to my boss, more than good old popups. They all pop in a new window and they're all annoying.

          I wish browser vendors would just disable new windows unless I ^n it explicitely.

          • by Cederic ( 9623 )

            They all pop in a new window

            Those are not what he's referring to.

            I wish browser vendors would just disable new windows unless I ^n it explicitely.

            That's what popup blockers achieve. Your pop-under windows are blocked by those too.

          • They all pop in a new window and they're all annoying.

            I don't believe you. Can you provide a link to a page that does this?

            I use Chrome. I NEVER see a popup in a new window except for the one site (my bank) where I have explicitly enabled it.

    • Then the ISP will simply redirect.

  • What they meant (Score:5, Insightful)

    by sit1963nz ( 934837 ) on Thursday September 14, 2017 @06:42PM (#55199545)
    " Privacy laws directly attack one of our income streams, our ability to collect, store, and sell your personal information"
    • ...which is why we are uncharacteristically unified.

    • Re:What they meant (Score:5, Insightful)

      by Altrag ( 195300 ) on Thursday September 14, 2017 @09:14PM (#55200169)

      Basically yes, and they're implying that if you remove that income stream, they'll just go ahead and implement something even worse to be a new income stream.

      Of course, that leaves out the little tidbit that if they could actually use all those popups and shit as a revenue stream, they would already be doing it. Its not like ISPs are known to be terribly scrupulous.

    • Remember to marketers you are the product what they sell is you!
    • by syn3rg ( 530741 )
      "That's a nice Internet experience you have there. It'd be a shame if something happened to it..."
  • This is the perfect opportunity for that one AC to come along and say "ISPs can suck my DAMN balls!".

  • Oh my god! (Score:5, Insightful)

    by Opportunist ( 166417 ) on Thursday September 14, 2017 @06:48PM (#55199571)

    I had no idea what saint my ISP is. Just think how many ads and how much spam you'd get if they did NOT sell your personal information to advertisers and spammers.

  • by WillAffleckUW ( 858324 ) on Thursday September 14, 2017 @06:51PM (#55199583) Homepage Journal

    In Canada, the Canadian Constitution mandates Privacy.

    People spend years handling the privacy popups required.

    Oh. Wait. They don't. They just say "No" once and then the ads can't steal their info.

    Hmmm.

  • by PopeRatzo ( 965947 ) on Thursday September 14, 2017 @07:02PM (#55199631) Journal

    Privacy laws will also cause you to become sterile. You can look it up.

  • by llamalad ( 12917 ) on Thursday September 14, 2017 @07:12PM (#55199685)

    As a direct result of your efforts, I just clicked over to the EFF site to sign up to do recurring monthly donations to them.

    I've had a vague intention to do so for a while, but thanks much for pushing me into action.

  • by Anonymous Coward

    Seriously, why are ISPs in the US seems to treat everyone like they are god damn morons?
    This kind of BS wouldn't even make it in the news in other countries, they wouldn't try to do this shit to begin.

    • Re: Why oh why (Score:2, Insightful)

      by Anonymous Coward

      Because you ain't gonna do anything about it you cuck.

  • Popup concern? (Score:5, Interesting)

    by mysidia ( 191772 ) on Thursday September 14, 2017 @07:57PM (#55199909)

    The bill would require Internet service providers to obtain customers' permission before they use, share, or sell the customers' Web browsing ....

    In addition to REQUIRING customers' permission, I suggest they add the following to the law:

    • For the purposes of this act; specific permission MUST be obtained from the customer IN WRITING with the customer's official signature EACH time their history information or private details are to be shared, sold, or used for any purpose not directly essential to providing that customer's broadband service or resolving abuse complaints due to customer's activity. Non-written forms such as a verbal direction or acknowledging a "Click-Through Agreement" may not be used to obtain permission.
    • Customer's permission to share information SHALL NOT be required as a condition to purchase or renew subscription to any broadband, or internet access services.
    • Service providers SHALL NOT interfere with network access or delivery of purchased services in any way order to request or wait for permission.
    • Re:Popup concern? (Score:4, Interesting)

      by RLaager ( 200280 ) on Thursday September 14, 2017 @09:11PM (#55200159)

      At that point, it is effectively a ban on sharing. I assume that is what you want. It is what I want, and I am a manager at a small ISP (not in California). We should just enact an outright ban.

      This sort of thing was not allowed in telephone, as far as I know. I see no reason it should be different for Internet.

      • by Anonymous Coward

        I agree. Internet should be handled like telephone or the post. Unless there is a court order it should be illegal for anyone other than the recipient to interpret anything but the IP header.

      • by mysidia ( 191772 )

        At that point, it is effectively a ban on sharing.

        Exactly, because any required "Consent" is going to be obtained surreptitiously or through coercion, or annoying end users;
        the providers simply cannot be trusted, and sharing/selling for an additional marketing revenue stream should just be banned, EXCEPT possibly if the customer
        voluntarily opts to purchase an additional service completely separate and not bundled with the broadband,
        where sharing may be technically necessary to provide the separate ser

  • by XSportSeeker ( 4641865 ) on Thursday September 14, 2017 @08:49PM (#55200095)

    These fuckers... they really think people are idiots to beliebe in such outlandish claims.
    WE NEED TO COLLECT YOUR DATA AND SELL IT FOR YOUR PRIVACY AND SECURITY

    What's next? We need to double the price or your current plan because that prevents you from wasting it all on booze and drugs?

    • by Xyrus ( 755017 )

      Well, we elected Trump. They figure with a bar that low they can do just about whatever they want.

  • Pop-ups and EULAs (Score:3, Insightful)

    by thereitis ( 2355426 ) on Thursday September 14, 2017 @09:01PM (#55200135) Journal

    This claim is a lie too, and we have no idea how any rational person could read A.B. 375 and think “maybe that will mean more pop-ups.” The best we can come up with is that since A.B. 375 would require Internet providers to get your consent before sharing your data, maybe they think that if they constantly pester people with pop-ups, they’ll succeed in wearing people down until they give their consent. If that’s really what Comcast and Verizon are implying, then lawmakers should understand the claim for what it really is: a threat to hold consumers hostage in the fight for online privacy. As with Lie #1, if big Internet providers have a better explanation, we challenge them to provide it publicly.

    Regarding pop-ups, IMO the whole "click to agree to this legally binding document" idea should be rethought. It's far too easy to embed all sorts of nasty stuff in EULA's and most people can't fully understand the implications even if they do take the time to skim/read through it.

    That would be like programmers saying: hey, read through the source code at this github address and if you click I Agree, then you are declaring you are ok with whatever the code is doing with your system/data, for better or worse. You don't understand it? Ah well, too bad. Hire a programmer to try and figure it out.

    The right to privacy and security should be inalienable rights, impervious to click-wrap agreements.

  • by sandbagger ( 654585 ) on Thursday September 14, 2017 @09:29PM (#55200231)

    Why is this the dilemma presented. We get user privacy at the cost of a parade of pop up windows. Really? Maaaaaybe you could decide to not spam your customers with popup windows.

    This is how bullies talk: don't make me hurt you!

    The sooner ISPs become regulated as utilities, the better.

    • by Anonymous Coward

      ... don't make me hurt you!

      ... It's your fault for disobeying your corporate masters. Why are you spamming yourself? Why are you spamming yourself?

  • People still use those for advertising? I haven't seen one on my own machines in 10+ years.
    • (Hyperbolic of course, one gets through every now and again.. but almost always when the script/other condition that allows it to happen are hosted on the same site)
  • by Anonymous Coward

    We should all assume our internet connections are being monitored by our ISPs because they can't be trusted. This is where VPNs come into play because unlike the monopolies why rely on to get online we do have a choice which service providers take our privacy seriously. I've got a few I'd put some level of trust in, like ThinkPenguin's VPN wifi router produce + VPN service and Private Internet Access. Both have demonstrated a genuine concern. On the other hand most other VPN providers I wouldn't trust as fa

  • by Erik Hensema ( 12898 ) on Friday September 15, 2017 @04:37AM (#55201319) Homepage

    Over here in Europe we've got a crazy law requiring websites to ask visitor consent before placing tracking cookies. Now all websites have popups. You can't refuse the cookies like envisioned by the privacy lobbyists when drafting the bill. You can either accept or leave the site. The law is a useless disaster doing absolutely nothing for privacy. It just annoys everybody.

    Needless to say, lots of people now just use a browser plugin to just accept the cookies blindly.

    Also please note this isn't a browser window popping up of course. It's an overlay over the web page.

    • Needless to say, lots of people now just use a browser plugin to just accept the cookies blindly.

      Why? When I encounter those overlays, I just ignore them. But, if you're concerned about cookies, then most browsers have a "private mode" and many browsers have a self-destructing cookie add-on of some sort. Use them.

Keep up the good work! But please don't ask me to help.

Working...