Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Businesses Privacy The Internet

Comcast Argues 'We've Never Sold Customers' Data' (mediapost.com) 56

An anonymous reader quotes MediaPost: Faced with a new controversy related to online privacy, Comcast said this week that it doesn't draw on information about the sites broadband users visit for advertising or targeting. The company said Thursday that it deletes information every 24 hours about the domain names people navigate to online. "Millions of Comcast customers look up billions of addresses online every day," Chief Privacy Officer Christin McMeley wrote on the company's blog. "We've never used that data for any sort of marketing or advertising -- and we have never sold it to anyone."

The company's statement came one day after the publication Motherboard reported on Comcast's efforts to rally opposition on Capitol Hill to Google's plan to encrypt domain names... "While cloaked as enhancing user privacy, Google's DNS encryption will in fact vastly expand Google's control over and use of customer data, and will result in the complete commercialization of DNS data for Google's own ends," [Comcast's] presentation states. Google has said its plans were mischaracterized by broadband organizations, and that it has no intention of centralizing the web, or changing people's existing DNS providers to Google by default. "Any claim that we are trying to become the centralized encrypted DNS provider is inaccurate," a company spokesperson said last month...

One day after Motherboard posted the material reportedly prepared by Comcast, the cable provider touted its privacy policies in a blog post. "Where you go on the Internet is your business, not ours," McMeley wrote. "As your Internet Service Provider, we do not track the websites you visit or apps you use through your broadband connection. Because we don't track that information, we don't use it to build a profile about you and we have never sold that information to anyone."

Several years ago, Comcast opposed Federal Communications Commission privacy regulations that would have required broadband providers to obtain consumers' opt-in consent before drawing on their web-browsing activity for advertising. The FCC passed those rules in 2016, but the regulations were revoked by Congress the following year.

This discussion has been archived. No new comments can be posted.

Comcast Argues 'We've Never Sold Customers' Data'

Comments Filter:
  • I'll believe that when hell freezes over.
    • It could be revenue from that stupid sitefinder type DNS nxdomain hijack that many ISPs use these days. Obviously it makes enough that they think it is worth maintaining the service that nobody asked for. Not sure if Comcast does that in particular, but I'm 100% certain that Cox, Sprint, and TMobile do.

      • by bagofbeans ( 567926 ) on Monday October 28, 2019 @08:58AM (#59354566)

        We've never used that data for any sort of marketing or advertising -- and we have never sold it to anyone.

        So many holes here. I don't to hear that the data has not been sold. I want to hear that it hasn't been passed on to anybody else. Also, DNS queries could be deleted as soon as fulfilled. Why 24 hour log delay?

    • Hell could freeze over and I still wouldn't believe them.
  • Comcast: Sell you shitty, overpriced Internet service.

    Google: Gather as much data as they possibly can about you and sell it to anyone willing to pay for it.

    Gee, I wonder which one of those business models is a threat to privacy, and which company I'd trust more with my DNS history?

    Then there's the other issue that the whole DoH thing is mostly a red herring, a bunch of Google geeks demonstrating how clever they are. If I do a DoH lookup followed milliseconds later by going to the IP address for Pr0nhub, n

    • by darkain ( 749283 ) on Sunday October 27, 2019 @11:13PM (#59353960) Homepage

      Your example is good, in theory, for the internet 10 years ago. However, today, the vast majority of the internet as we know it is housed in either AWS, Azure, or Google Cloud. Many of these sites are using elastic load balancers using IP addresses provided by the cloud hosting solution. These IP addresses also shift regularly from one customer to another with these respective providers. Taking out DNS visibility means it is indeed significantly more difficult to see what sites you're visiting in today's modern cloud hosting age.

      • by ZoomieDood ( 778915 ) on Monday October 28, 2019 @12:52AM (#59354074)

        If they deleted their customers' records every 24 hours, how did they ever prove that their customers DID go to torrent sites to download copyrighted material on behalf of media companies?

        • They don't do it directly, they simply outsource it to contractors that do their dirty work for them.

          Same deal goes for reselling mailing lists to mass marketers. AT&T, anyone?

      • by WaffleMonster ( 969671 ) on Monday October 28, 2019 @02:41AM (#59354176)

        Your example is good, in theory, for the internet 10 years ago. However, today, the vast majority of the internet as we know it is housed in either AWS, Azure, or Google Cloud.

        This argument works both ways. When majority of Internet users attention is taken up by a small number of large content companies the implication of shared hosting and reverse proxy services carry less weight than it has in the past.

        The trend looks considerably worse to me. Look at what Google is trying to pull off not even bothering to show URLs in Google search results, nerfing URL bar in Chrome, scraping "answers" from websites and schemes like AMP... Their vision of the future seems to be encouraging people never to leave Google even if the user themselves is confused or actively mislead into believing they are somewhere else.

        These IP addresses also shift regularly from one customer to another with these respective providers. Taking out D.N.S visibility means it is indeed significantly more difficult to see what sites you're visiting in today's modern cloud hosting age.

        I'm not so sure of this characterization. Today site name is broadcast in clear over wire in TLS handshake for the ISP and anyone else in the data path to see. D.N.S is inaccurate. Names are cached by home routers and hosts and possibly shared by multiple clients and various prefetch schemes generate phantom hits. Currently all I have to do is inspect the first datagram after TCP session is established whenever a new flow is detected to extract history... it costs me way more to store the data than to gather it.

        Perhaps tomorrow there will be some opportunistic (e.g. insecure) group scheme to hide identity and the cost will go up.

        Either way all of these privacy and security mechanisms are total bullshit next to the breathtaking scope and scale of privacy violations actually being committed by content providers over completely "secure" sessions. Centralizing control over DNS to a company facilitating content as Mozilla is trying to do in the name of "privacy" and "security" is madness.

        Here with Comcast we are talking about theories and assumptions. There is not even real public information that Comcast is even doing shit with DNS but this story keeps coming up again and again.... as some kind of PR campaign to try and switch the narrative away from Mozilla's ridiculous DoH scheme... one so egregious not even fucking ***Google*** is publically contemplating emulating it.

      • Comment removed based on user account deletion
    • Google: Gather as much data as they possibly can about you and sell it to anyone willing to pay for it.

      I think Google would make a lot more money if they kept that information to themselves and used it to sell targeted ads, rather than selling it so that other companies can continue to use it without paying Google each time they show an ad.

    • Comment removed (Score:5, Insightful)

      by account_deleted ( 4530225 ) on Monday October 28, 2019 @05:39AM (#59354322)
      Comment removed based on user account deletion
  • Your ISP only has the DNS records of their customers. Google would have everybody's. It's not a solution. We just have to come up with an alternative to DNS [afnic.fr] [I don't care for any of the examples used].

    • ...and on the sliding scale of bad to worse... google monopolizing dns is the worse end by far.

      Google says they don't intend to make it your default DNS server, because they only intend to make it the default DNS when you use their browser, which now enjoys over 50% market share.

      Ask anyone defending Google here if they would be OK with Chrome phoning home reporting every link you click. They would get slammed by slashdotters left and right, obvious and malicious spyware, yes?

      Thats exactly what their p
  • by bussdriver ( 620565 ) on Sunday October 27, 2019 @10:57PM (#59353938)

    WHY freak out over DNS over https if they don't have a use for that data?

    Public meetings crowded with uninterested parties PAID by comcast to undermine the functioning of our government. Real trustworthy people.

    "Customer Data" can mean many things! It can be analysis of that data creating NEW data... profiles of you and that information is both technically customer data and their property. It's derived from your info and technically they are not selling your info but at the same time it's info about you they got from your data so it's also in a way your data too... I'm sure their PR people can doublespeak in a dozen ways.

    • by AmiMoJo ( 196126 )

      Comcast could just run their own DoH servers and ask Google to add them to the whitelist Chrome uses to enable DoH. It's only enabled for a small number of DNS servers that are known to properly support DoH and have a decent privacy policy.

      Ah, but that's what they are afraid of. Their privacy policy will suck or they will get caught violating it, and their own DoH servers blocked as malware with users re-routed to ones that respect their privacy.

  • by johnjones ( 14274 ) on Sunday October 27, 2019 @11:02PM (#59353946) Homepage Journal

    they are far and above one of the better ISP's in terms of implementing technology...

    DNSSEC allows you to VERIFY that your DNS has not been MITM
    with comcast it actually works (so does google, cloudflare et al ) the difference is that comcast are a actual ISP and not just playing at it like google...

    they do lots of other things in terms of business of a ISP that might be judged wrong but focusing on the technology they actually do a good job...

    • focusing on the technology they actually do a good job...

      Imagine how much better they would do if they had to deal with competing service providers.

    • by AmiMoJo ( 196126 )

      You have to make a very convincing argument as to why something should NOT be encrypted, otherwise I'm encrypting it.

  • Customers' Data (Score:4, Insightful)

    by Citizen of Earth ( 569446 ) on Sunday October 27, 2019 @11:12PM (#59353956)
    Comcast Argues 'We've Never Sold Customers' Data They probably don't even possess their Customers' Data. But have they ever sold Customer Data?
    • They've got access to interesting data. Complete data on the user plus the dns history. They've already monetized the user though so pissing off paying customers by selling their data is a bad move.
      • Why - what's going too happen? In most markets they are a monopoly. So none of their cattle... I mean, customers... will escape. And they've already bought plenty of judges. Don't expect DUH LAW to lift a finger against them, no matter how egregious their frauds and abuses.

    • The fact that Comcast was quick to oppose the blocking of user DNS data is extremely suspect. I would be curious to see what Comcast's arguement for opposing the encryption of DNS is, and why this would affect them.
    • They never sold it. But they probably make it available to paying cable TV advertisers.

  • We Didn't Burn Him! --Tubbs, from League of Gentlemen.
  • Bull Crap (Score:5, Interesting)

    by RedLeg ( 22564 ) on Sunday October 27, 2019 @11:48PM (#59353996) Journal

    One day after Motherboard posted the material reportedly prepared by Comcast, the cable provider touted its privacy policies in a blog post. "Where you go on the Internet is your business, not ours," McMeley wrote. "As your Internet Service Provider, we do not track the websites you visit or apps you use through your broadband connection. Because we don't track that information, we don't use it to build a profile about you and we have never sold that information to anyone."

    If that were the case, then Comcast, please explain why you ship wireless cable routers that DO NOT ALLOW the customer to edit or change their DNS servers?

    And while I'm on this rant, WHY do they ship your LOCAL passphrase for your wireless network up to their cloud, where it is stored in PLAIN TEXT, and accessible over the interwebs in the name of "customer service"?

    Browser manufacturers building in DNS lookups over an encrypted channel bypass this DNS lookup, and by extension, browser history data collection.

    FWIW, I have never heard of the government compensating an ISP for collecting this type of data and passing it along, so they are probably accurate when they claim to not be SELLING it.

    The only reason ANYONE does business with Comcast, is because they are a monopoly, and you have no viable choice.

    -Red

    • by fred911 ( 83970 )

      ''Comcast, please explain why you ship wireless cable routers that DO NOT ALLOW the customer to edit or change their DNS servers?''

      I've leased a couple of their routers in the past. Changing the default DNS server wasn't the easiest to find in the admin interface, and I've found them flashing the router effectively resetting my config, but I've never had one of their routers I couldn't change the DNS server. I used to see them turn on their public AP without my permission frequently until I bitched to them

    • And while I'm on this rant, WHY do they ship your LOCAL passphrase for your wireless network up to their cloud, where it is stored in PLAIN TEXT, and accessible over the interwebs in the name of "customer service"?

      Not only do they steal WiFi passwords from rental modems they exfiltrated them from **customer owned equipment**. I've personally witnessed this first hand.

      Browser manufacturers building in DNS lookups over an encrypted channel bypass this DNS lookup, and by extension, browser history data collection.

      Browser manufacturers building in DNS lookups over an encrypted channel bypass this DNS lookup, and by extension, browser history data collection.

      While I have no clue about unchangeable DNS in rented routers it wouldn't surprise me... Regardless the answer is to set a different DNS server on your hosts or save a shit ton of money and buy your own router... not this bullshit Mozilla is trying to get away with.

    • by AmiMoJo ( 196126 )

      If that were the case, then Comcast, please explain why you ship wireless cable routers that DO NOT ALLOW the customer to edit or change their DNS servers?

      And while I'm on this rant, WHY do they ship your LOCAL passphrase for your wireless network up to their cloud, where it is stored in PLAIN TEXT, and accessible over the interwebs in the name of "customer service"?

      To be fair it's probably to reduce customer service issues. If you can't change the DNS settings then they can't get hijacked. Any large ISP wi

  • This is most likey BS. If there wasn't money involved then why would they care? Send them to congress (not to the FCC, because no one at the FCC cares). Bury comcast in the ground.

    • by SeaFox ( 739806 )

      This is most likey BS. If there wasn't money involved then why would they care? Send them to congress (not to the FCC, because no one at the FCC cares). Bury comcast in the ground.

      Yeah, send them to a body made up of people likely in their employ... they'll really get the screws put to them, then!

    • For the same reason they killed net neutrality. They want to be able to monitor and prioritize traffic.
  • by fafalone ( 633739 ) on Monday October 28, 2019 @01:05AM (#59354086)

    "We've never used that data for any sort of marketing or advertising -- and we have never sold it to anyone."

    ...But we 'Shared it' with our 'partners' for a 'handling fee'.

    • Precisely. Sharing data with partners whom pay you is still considered selling information whethers it's directly or indirectly. This is like someone trying to say that a company sharing its IPO information on where it's stocks will go before market close with a partner is not insider trading. At the end of the day.. Comcast profits from consumer data regardless of how.
  • "We're so large we just monitized detailed information on your surfing behaviors in-house so we could cut out the middleman."

  • They just permit access to trusted partners and ask for an administrative fee in return. Thatâ(TM)s not âoesellingâ. Right?
  • Comcast does not have to abide by what some random exec writes on a blog. The real question is: what does the fine print on the ToS, Privacy Policy and/or EULA say about the ability of Comcast to share, sell or otherwise use customer data for internal or external purposes?
    • I just checked. It says:

      "You lose. Fuck you, prole, you have no rights. We win, you lose, no matter what. By clicking 'I agree' you signed over your immortal soul and the soul of your firstborn to Satan, our chairman of the board. You agree to let us snoop every detail of your life, day or night, even and especially when you're taking a shit. Your data will be shared with insurance companies, the Social Credit Score bureaus, your boss, the gestapo, Al Qaeda, North Korea, and at least fifty fully evil corpor

  • Pure lies. We need to have a law where a company knowingly lies to the public gets someone sent to jail.

    https://thenextweb.com/insight... [thenextweb.com]

  • by lorinc ( 2470890 ) on Monday October 28, 2019 @08:42AM (#59354550) Homepage Journal

    - Comcast: Our customers were seduced by the dark side of the web. They ceased to be customers and became social media product. When that happened, the good men who were our customers were destroyed. So what I told you was true, from a certain point of view.
    - Costomer: [incredulously] A certain point of view?
    - Comcast: Dude, you're going to find that many of the truths we cling to depend greatly on our own point of view.

  • Article Summarized:

    Comcast's Chief Privacy Invasion Officer Christin McMeley issues bold, obvious lie. Absolutely no one is fooled.

  • "We never sold your data, we traded it for these strips of paper with pictures of presidents on them."

  • If Comcast has nothing to gain from users web traffic data then why are they making such a big deal about DNS data and web traffic being blocked? The only reason a company would go as far as Comcast does to make sure that an outside source doesnt block traffic, and allows them to gain that information is if said company has something to lose. I've been an engineer for a long time now and there is literally almost no technical requirement that allows an ISP to need to know a customers traffic data so long as
  • We've never used that data for any sort of marketing or advertising -- and we have never sold it to anyone."

    Rented , my friend. We would never sell that data ... it's very valuable.
    -- Comcast

  • If Comcast do not use the data then why would they complain about DNS encryption and other privacy improvements?! Oh the level of stupidity.

  • This is always a special holiday for me because I can spend time with my children. But first you need to have time to finish all your affairs and help the children in college. Now I always recommend them this site https://businessays.net/physic... [businessays.net], which will help them prepare for the exam.

For God's sake, stop researching for a while and begin to think!

Working...