Become a Patron of Ask Leo! and go ad-free!
Transcript
FCCs, ISPs, VPNs? Oh my!
Hi, everyone! Leo Notenboom here for AskLeo.com. Earlier this week, Congress voted to roll back some FCC privacy protections that basically would have prevented our ISPs from selling or sharing the information that they gather as a part of providing our internet services.
Most people are thinking of this or referring to this as your browsing history, but in reality itâs pretty much anything that your ISP can see while youâre using your internet connection, which is actually a lot more than browsing history, although browsing history is perhaps the easiest to at least get a handle, on and perhaps, in some cases, maybe even be embarrassed by.
So, this all sounds pretty bad, right? Well, it does and there are definitely privacy issues at play here, but one thing I want to be very clear about is that in a practical sense, today, this actually changes nothing. The rules that are being rolled back, hadnât yet been put in place. What this means at a very practical level is that your ISP actually always could sell or share your data to whatever purpose they might have in mind.
Itâs not something that they now are suddenly allowed to do. Itâs something that theyâve been able to do, and in fact, have been caught doing from time to time in the past. The change, the only change is that the rule that would have prevented this is now not going to be put in place, assuming of course, that President Trump signs this, which every indication is that he will if he hasnât already by the time you see this.
So, thereâs lots of sensational headlines extolling the virtues of privacy and VPNs, which Iâll talk about in a minute. The real issue, the reason that I want to talk about this today is really the question that we should be asking ourselves is should we be concerned? Is there something going on here that really puts our privacy at that much more risk than it was already?
The short answer is, of course, both âyesâ and ânoâ. Like I said, nothingâs really changed today versus last week. The privacy that you had a week ago, two weeks ago, is exactly the same as the privacy you have today. That being, not much. Thereâs a lot of opportunity for your ISP, which Iâve for a long time said, can see everything you do. Thereâs a lot of opportunity for them to gather and collect data about what it is you and I do on the internet, and no doubt, they do.
It is an issue in the sense that by rolling back these rules, Congress has given the ISPs kind of sort of a green light to keep doing it and probably do more of it and I think that rightfully has a lot of people concerned. Privacy is no small issue and this is sending, in my opinion, the wrong message about whatâs important.
Itâs not the ISPâs ability to sell or profit from the data that they collect about us; it really does boil down to our right, if you will (I donât know if itâs a real ârightâ) but our expectation at least of privacy when we use the internet and the connectivity that it all provides.
So, am I concerned? Well, not really. Certainly not in the short-term. I stick by what I keep saying over and over again: you and I as individuals, weâre just not that interesting, but there are some issues coming up, I think, like I said, that sends a green light for to allow the ISPs to do more aggressive data collection and potentially do more things with it once they have it.
One thing I do want to clear up is that your information canât be bought. By that I mean, I canât go out and say, âI want to go and buy Leoâs browsing history.â Thatâs not how this works and unfortunately, there have been some moves afoot in reaction to this latest vote that have people actually collecting money to go out and buy Congress peopleâs browsing histories or whatever other information their ISPs might make available.
Like I said, it doesnât work that way. The way it really works, the way that I understand that it works; itâs more of an aggregate data collection that advertisers and others are purchasing. For example, an ISP might say, âOf my million customers, 100,000 of them went to askleo.com in this period of time.â Thatâs it. They might be able to slice it and dice it in ways that are interesting to say that, âOk, of those 100,000 that went to askleo.com, 50,000 were in Washington state; 20,000 were in Californiaâ â that kind of thing but they donât make available data down to the individual level and to the degree that they might, they actually do attempt to anonymize the data.
So, for example, the data they might have says that well, we can target computers that have visited askleo.com so that you can place ads on Ask Leo! visitors specifically. Again, thatâs not knowing who you are or even associating any of that data with it to you by name, but it is allowing a certain amount of insight and visibility into where a large number of internet users might be going, what they might be doing and what they might be buying.
As I said, with this green light being given by Congress, does it mean that they could do more? Absolutely. They can see everything you do and it certainly is possible that they could take things down to a much finer granularity. I just donât believe that they do. As individuals, I remain convinced that we are really, really uninteresting, at least to marketers.
Now, I will say that certainly the information is there and has always been there for people like law enforcement to come in with the appropriate justification and paperwork and so forth (court orders) to allow them to look at that data in a more granular fashion, but thatâ not what weâre talking about here; itâs not really what this latest change is all about.
This is all about rolling about privacy protections that really boil down to the data thatâs being exposed en masse about our activities from a marketing perspective more than anything else.
So Iâve talked about ISPs and Iâve talked about the FCC, where did VPN come in? Well, if youâve paid any attention to the tech news of the last week, itâs all been centered around VPNs. VPNs are going to save us from this invasion of privacy. What I really want to do here is basically say, âHold your horses just a minute.â
VPNs are interesting technology; I have one; I use one occasionally, but I think this mad rush to see VPNs as a panacea, as a way to really hide ourselves from our ISPs actually runs the risk of making things worse ,unless weâre very, very careful along the way.
Now to be clear, if you travel, as I do, a VPN is a great solution for keeping yourself safe in open Wi-Fi situations. Iâve talked about that in prior articles. The bottom line is that you want to make sure that everything youâre transmitting into the open Wi-Fi that could be sniffed by someone else is encrypted, and by definition, a VPN does exactly that. It encrypts all of your data regardless of what it might be in such a way that anybody sitting in the coffee house that might be monitoring the open Wi-Fi, canât understand, canât see what youâre doing; they canât sniff your data.
Thatâs not what weâre talking about this week, actually. Itâs good; itâs useful but it solves a completely different problem. The issue here is that weâre concerned that our ISPs are monitoring what we are doing and the same technology of a VPN that prevents hackers from being able to see whatâs going by in the open Wi-Fi scenario actually can prevent ISPs from seeing what weâre doing as well.
All your ISP would see if youâre using a VPN is that youâre using a VPN. In fact, they might be able to see which VPN youâre using but thatâ about it. They canât see which websites youâre visiting; they canât see what files youâre downloading; they canât see what video or audio youâre streaming. All they see is data going to and from this VPN service.
Hereâs the catch: All youâve really done is replaced one point of concern with another. If you donât trust your ISP, your electing to trust your VPN provider to the exact same degree, if not more so because very often, your VPN will be from or located in a different country, subject to completely different regulations that may or may not protect you as much or at all as someone who is local to your area.
The other thing thatâs going on here and this has to do a lot with the promotion of VPNs that weâve been seeing literally in the last few days, weâre seeing VPNs mentioned in article, after article, after article. There are a lot of shady VPNs out there; there are a lot of VPNs that basically get thrown together; they provide some level of service; they may or may not have any privacy policy at all; they may or may not have state agencies in whatever country theyâre located in, monitoring what theyâre doing and in turn what youâre doing.
So just getting a VPN isnât necessarily as solution and getting one without really doing some due diligence can really cause you some problem. VPN providers are coming out of the woodwork and now there are VPN comparison sites so you can figure out which one to choose. You would think that would be a good thing. A VPN comparison site would be a great way to compare features and functionality and pricing and all those other kinds of things that we might care about for VPNs.
Hereâs the problem: VPN providers often incentivize marketing for their product, and they do that by what are called affiliate links. In other words, if you read about a VPN on a site like this one, like mine (Iâll talk about my specific situation here in a second) if you read about a VPN here at Ask Leo! and I provide you a link to that VPNâs service and you then sign up for that VPN, Iâll get a cut. Iâll get a small piece of the price.
What that means is there is an incentive for me to promote that VPN over all of the others regardless of how good any of them might be. The issue then is how do you know what VPN reviews to trust much less what VPNs to trust? The answer is itâs really, really hard; Iâm not going to make a recommendation for a specific VPN, because the market is just that confused, that flooded and that misleading.
I do have a couple of pointers to a couple of articles that have reference information from at least one source that I trust, and thatâs the EFF: the Electronic Frontier Foundation. They actually point to a third party that has some comparisons of a collection of VPNs, which is great. Thatâs the closes thing to something that I would trust that Iâve been able to find.
But the bottom line is that to just quickly go out and get a VPN because you think you need it to protect yourself from your ISP, well, you may not need to protect yourself from your ISP; you certainly donât need to protect yourself from your ISP anymore this week than you did last week, and by rushing out and getting the wrong VPN, you may be putting yourself at more risk.
I want to be clear: Privacy is a big deal. I donât want to minimize that, and I do think that the direction that US lawmakers have taken this is the wrong direction. I believe that the privacy rules that they rolled back should not be rolled back. If anything, they should be examined and perhaps strengthened, but thatâs where we are today; thatâs not the world we live in.
So, weâre on our own. Like I said at the beginning of this year, in a lot of ways for Ask Leo! this is the year of privacy. Iâve been focusing a lot on privacy related issues; Iâve been writing privacy related articles and Iâve got a privacy related project that I hope to announce within a few weeks.
The issue here, though, is that itâs important to be aware of, and if anything, this recent brouhaha has at least raised the awareness of whatâs happening with respect to your privacy when you use the internet in the United States and by the way, I did want to make the point that if youâre not in the United States, youâre probably in either of two camps. Youâre either saying, âWow, how could you let things get that badâ or youâre saying, âWelcome to our world. This is what weâve been living in forever.â
So, thereâs a broad spectrum of privacy related issues already even when you step outside of the United States, so all of these privacy related tools and solutions and ways of thought are continued to be very, very important no matter really happens or where. So what can you do? What are my recommendations?
Well, the first is probably the best result of this entire conversation and all of this stuff thatâs happening in the news. Be aware of your privacy. Be alert. Understand what it means to share data. I still claim that by and large, weâre our own worst enemies. I continue to see people over share and share information in places and in ways that in some ways make this whole ISP issue a non-issue. Youâre much safer with respect with your ISP than you are with the information that you are regularly sharing yourself, publicly, for everybody to see.
Second, if youâre in the United States, contact your senators and representatives, and let them know that privacy is an important issue to you, assuming that it is, of course. Iâm not asking you to state an opinion that you donât have but it seems like privacy would be something we all should care about, we all do care about, and the only way I think weâre going to get any long-term solution out of this, at the legislative level is if we all make our opinion known, and let our elected officials understand that theyâre doing things in a way that we donât want them to be done.
They are giving away our privacy in ways that donât benefit the people whom they claim to represent and finally, consider supporting organizations like the EFF, the Electronic Frontier Foundation. These are the people who are boots on the ground, dealing with the legal and other implications of the legislation of the government policies. Theyâre out there helping people who have been wronged; theyâre out theyâre lobbying for things to be set right. They are an organization that I support personally. It doesnât have to be EFF; there are plenty of other organizations or other ways that you can make a difference to help make sure that privacy starts to be retained and perhaps maybe even we get an opportunity to dial the knob back just a little bit from where Congress has just recently taken it.
So, as always, whatâs your take? Iâm interested in your opinion on this issue. Itâs a very controversial one. It is one that has a lot of people upset and concerned. I will say one thing about the comments. First of all, hereâs a link to this article out on Ask Leo!. Itâs where all the comments are; itâs where I read all of the comments; the comments are moderated to keep out the trolls, and they are a place for discussion. Absolutely love contrary opinions as long as they are stated respectfully.
Now the one thing that I have to avoid in this particular case, is Iâm going to be very, very careful about VPN recommendations because I suspect that some of you have experience with specific VPN providers and might like to mention who they are. That being said, Iâm going to keep an eye out, because itâs also an opportunity for spammers to come in and spam their less than reputable VPN providers.
Speaking of which, I promised earlier I would mention which VPN Iâm using. Iâm currently using Tunnel Bear. Now, Tunnel Bear is if you take a look at some of the comparison charts provided by the third party that the EFF links to, theyâre not 100%; theyâre not the best in all categories, but Iâve been using about I think three months. Iâve been very happy with the service. Iâve been very happy with the throughput; Iâve been very happy with how itâs worked with all of my devices including as it turns out, a Chrome book that Iâll be talking about in a couple of days.
In the spirit of full disclosure, I am going to point out that Iâve been using it for three months, and Iâve actually been mentioning it occasionally in a couple of random places. A couple of days ago, I decided, âYou know what? If itâs going to be a thing, Iâd like to find out if they have an affiliate program.â And as it turns out they do, so Iâve signed up for the affiliate program, and yes, what that means is if you find Tunnel Bear through a link that I provide, and you sign up for their service? Iâm going to get a small piece. That doesnât affect your price, thatâs how affiliate links work,
But the important thing here, I think, is that Iâm obviously, thereâs a certain amount of trust I hope you place in me. The process that I just outlined is in fact the process that I use for any product. I use it; I hear about it; I play with it; I figure out if itâs any good; if it meets my needs, then and only then do I find out if they have an affiliate program, because as you know, generating revenue for Ask Leo! is one of the things that needs to happen in order to keep the site available and free for you, so we do that among other things with an affiliate link and full disclosure that theyâre being used.
If you donât want to use an affiliate link, TunnelBear.com â itâs not that hard. But if you are interested in Tunnel Bear, taking a look at it and going through one of my links, I thank you, Iâll get a cut. There are plenty of other VPN providers to choose from. Varying costs, Tunnel Bear happens to be kind of nice just because itâs got a very friendly user interface, but I encourage you to do your own due diligence before you invest in any VPN and to the point of: Do you really, really need one? If not, you may not need to do a thing.
So anyway, leave a comment down below on askleo.com. Hereâs that link again. I will see you again next time. Iâm Leo Notenboom for askleo.com. Take care everyone.
*
Was that video interesting? Helpful even? Well, then I could use your help. Iâve got a Patreon project underway. Youâve got an opportunity to contribute and help support askleo.com to help me do what I do: Help more people, answer more questions, produce more information about technology that hopefully can help you and others use it more effectively and with more confidence. Visit patreon.com to learn more. Among other things, you get rewards depending on the level of your patronage. So check out patreon.com/askleo to learn more and help contribute to askleo.com. Thanks.
Do this
Subscribe to Confident Computing! Less frustration and more confidence, solutions, answers, and tips in your inbox every week.
I'll see you there!
Leo, start looking into the way âBig Dataâ (about 5,000 pieces of personal information on every US voter) affected the outcome of Brexit and the last US presidential electionâboth campaigns run by a new company headed by Alexander Nix called Cambridge Analyticaâ and I think you may change your mind about âweâre just not that interestingâ to companies who have our individual information to sell. Not a happy story
Here are a few of these sources:
Cambridge Analytica Channel 4
https://www.youtube.com/watch?v=1zVvIjtY31s
Company psychologically tailors ads to voters
https://www.youtube.com/watch?v=hdqox8CsdRs
The Data That Turned the World Upside Down
https://motherboard.vice.com/en_us/article/big-data-cambridge-analytica-brexit-trump
Alexander Nix, CEO Cambridge Analytica â OMR Keynote | OMR17
https://www.youtube.com/watch?v=6bG5ps5KdDo
Trumpâs plan for a comeback includes building a âpsychographicâ profile of every voter
https://www.washingtonpost.com/politics/trumps-plan-for-a-comeback-includes-building-a-psychographic-profile-of-every-voter/2016/10/27/9064a706-9611-11e6-9b7c-57290af48a49_story.html?utm_term=.8e5961f80b8b
another interesting one
The Story of How Our Facebook Likes Shaped the US Presidential Elections
https://www.youtube.com/watch?v=FmZFLJlNED0
But those all indicate how crowds are interesting. Iâm not saying thatâs not a problem â it can be, and Iâm certain we have a long way to go to understand the ramifications and control.
My point is that as an individual person what I do matters to these organizations not one whit. They care about what large numbers of people do. Thatâs why they data is collected and sold or shared.
Not sure Iâm understanding you, LeoâŠthe 5,000 bits of data on each individual adult in the US is not anonymized data. The political campaign accessed individualsâ data to do such things as visit specific homes to use tailored tactics to influence their votes; they use what one article called âdark postsâ on Facebook (that can be seen by certain individuals, but not by others) using individualized data to influence votes, or to motivate (scare in some instances) people to get out to vote. A non-political example was given about a person owning a beach who wants to keep others out. One (honest) tactic would be to put up a sign saying âprivate beach, no trespassingâ; a different sign would warn people they would be eaten by sharks (totally made upâbut works really well!).
If politicians could be trusted to be truthful and full of integrity, this would not be as much of a problem. But I think we all know how many untrue things were made up about candidates. And I think we all are feeling how very deeply divided we are as a nationâdue in large part, it seems, because we are all getting different âfactsâ. Plus, there is the most important general issue of what I see as our inalienable human right to privacy. And there are many other very nefarious ways that individual data could technically be used in the future, if no controls are set in place.
This is veering off your topic of VPNs and purely technical advice so I wonât comment anymore. However, you are in a position to influence a great many people, and that is why I hope you look more into this topic.
thanks, Leo!
Youâve missed a pointâŠyour comment about Facebook only relies on one thing, mandatory participation.
The internet data in whole is made from highly fragmented and somewhat random data points.
Not everyone is on Facebook, nobody has required them to be and for them to make a broader and more detailed profile of their users as well as those that merely graze their data (i.e. read things on FB but arenât members) they still have to gather data from other sources than Facebook. It would be prohibitive to operate as the sole source to gather their own data.
And another thing you forget about everyday, and welcome more often than not, is how stories as well as ads are placed for you by the data given what you prefer (still a patchwork of clicks and returns used, not Jolene Blow).
The truth is that the internet is COMMERCIAL, and equally true that even with the amount of data transferred every second you have a business contract with the ISP and they have to state how your data is used. If you do not like the outcome, you can use another provider perhaps, even in a âone-horse (franchise) town. At this point there are too many ways to send information in the US that it probably bugs those that want to control it. To be blunt, They banned all but the Nazi Party and sent dissenters to death camps etc in the scenario you canât tie to any leader or dictator and not even Der Fuhrer as radio made it nigh impossible to silence opposition. As long as ANY information can come in and go out there is no political vacuum.
And to complete the Off-Topic reply to the Off-Topic reasoning before (which isnât that OT) NO, the information flows freely, real and not real, unimpeded, which neither solves anything anybody wanted nor makes anyone any more popular. so nobody âwinsâ.
Maybe âdemocracyâ. But back to the 1s and zeros. The only free platform is one that you own completely and control the content on. Talking to yourself is what itâs called.
In your example, were the signs aimed at specific individuals or at a group (whomever would want to use the beach)?
âIf politicians could be trusted to be truthful and full of integrityâ â when has this ever been the case?
âour inalienable human right to privacy.â Where did you get this? The Declaration of Independence shows only âlife, liberty, and the pursuit of happinessâ as being inalienable. The basic Constitution and original Bill of Rights do not include a right to privacy.
Even today there are some communities where the concept of privacy is alien â and I donât mean suppressed countries. Privacy is something one person/group imposes on others. Actually, the only difference between ad firms prying into your personal life and a nosey neighbor/coworker is their motive. I hear all sorts of clamor about people wanting to keep certain groups from obtaining their information, but nothing about any movement to stop nosey people from doing the same thing. Strange. Again it seems to boil down to whoâs doing it. Keep it up and the only ones with access to our personal information will be malware writers/distributers, terrorists, foreign governments, and other nefarious groups.
This is interesting, and my group will look at the links and analyze. However, there is a new awareness dawning, and as stated above, most of the mainstream media, political parties, and fortune 500 companies have their own agenda and must not be trusted. There is a way around the slants and lies. Americans need to learn how to obtain original source data (and be willing to make the effort) instead of blindly following some talking head on the television or a Facebook personality with 3 million likes.
Like him or not (and I never did) Glenn Beck preached going to original source information instead of trusting a media that has lost all sense of journalistic integrity. A good example is Donna Rice, former National Security Advisor. While in office, she made several false assertions about the underlying cause for the attack on the U.S. Consulate in Benghazi â saying it was caused by a YouTube video produced by a lone individual in Los Angeles. The media blindly backed her claim, but it was absolutely false. Subsequent FOIA requests, and reviews of U.S. government message traffic revealed not only that it was a coordinated Al Qaeda attack, but that she knew it was the night of the attack. However, I still know people who adamantly believe the YouTube fable.
We must teach people how to obtain Original Source Information and stop allowing these Corporate Monoliths to shape our thoughts and opinions. They are dividing all of us but our interests are pretty much the same. How could that be? All the information of mankind is at our fingertips today. We must learn to use itâŠ
I find the example of Benghazi not such a good example of something you could confirm. It might be a bit difficult to confirm, as youâd have to go to classified documents to either confirm or deny it. That wasnât possible till much later when the documents were declassified.
I said I wasnât going to add anything more, but just discovered that I left out the most important article (and the most readable one although every long)âŠam including a couple of quotes: (the âmicro-targeting of individuals is the key, as far as Iâm concerned.) Iâm done posting now :)
How the Trump Campaign Built an Identity Database and Used Facebook Ads to Win the Election
https://medium.com/startup-grind/how-the-trump-campaign-built-an-identity-database-and-used-facebook-ads-to-win-the-election-4ff7d24269ac
[Trump campaign] built thousands of different web sources that were âmicro-targeted at different segments of voters.â
âTrumpâs risky bet on micro-targeted Facebook ads to discourage African Americans and young women from voting was handsomely rewarded with a presidential campaign victory. âŠ
âTrumpâs revolutionary database, named Project Alamo, contains the identities of 220 MILLION PEOPLE in the United States, and approximately 4,000 to 5,000 INDIVIDUAL DATA POINTS ABOUT THE ONLINE AND OFFLINE LIFE OF EACH PERSON. Funded entirely by the Trump campaign, this database is owned by Trump and continues to exist.
âTrumpâs Project Alamo database was also fed vast quantities of external data, including voter registration records, gun ownership records, credit card purchase histories, and internet account identities. The Trump campaign purchased this data from certified Facebook marketing partners Experian PLC, Datalogix, Epsilon, and Acxiom Corporation. (Read here for instructions on how to remove your information from the databases of these consumer data brokers.)
âAnother critical supplier of data for the Trump campaign and Project Alamo was Cambridge Analytica, LLC, a data-science firm known for its psychological profiles of voters. âŠ
with the new info that⊠they are now using browsing history to adjust or cretic credit scores.. maybe this should be a time for a revisit of this topic??
Do you have a citation for that claim? Iâd love to read it.
Not happy with them seeing my browsing history or where Iâm posting things at!
Strangely enough Bank of America blocks access via a VPN. On the other hands SSL is more effective than a VPN anyway.
It depends on what it is youâre attempting to be effective at. :-) Using SSL your ISP can still see that youâre visiting your bank.
I live in Europe and have used a VPN for years to get access to content not available in this country. That said, Iâve been harping for a long time on the dangers of a VPN. They have access to everything your ISP would have had access to, and I tend to believe many if not most are more unscrupulous than your ISP. I trust many ISPs more than any VPN. The privacy laws are very strict here, to the point where itâs illegal for a newspaper to mention a suspected criminalâs name (IMO a good thing). When I travel back to the US, my home computer can be my VPN. I can access my computer in Germany via TeamViewer. I havenât used it for that, because I havenât needed to, but if the need presents itself, itâs available.
âIâve been harping for a long time on the dangers of a VPN. They have access to everything your ISP would have had access to, and I tend to believe many if not most are more unscrupulous than your ISP.â â I completely agree. While VPNs certainly have their uses â such as circumventing geo-blocks â they really donât do anything to improve security or privacy. In fact, using a VPN may very well be less secure and private than connecting directly to your ISP.
Leo, thank you for your information. Would my security be improved if I created a separate email address exclusively for accessing bank accounts, IRA and stock trading site accounts, etc. or are unique passwords sufficient? I would never use this separate email address for browsing.
Long unique passwords are your best protection along with second factor authentication if your accounts support that. Separate bank accounts could help a little, to the degree that the email account you use to access your financial accounts wouldnât be circulating.
Email addresses arenât used for browsing to begin with, so this would be unrelated to that.
Having a single account with a strong password is typically enough (as long as you have an appropriate, separate, ârecovery accountâ also in case you ever get locked out). I tend to use a separate email account for âimportantâ things not for security, but to control spam somewhat, and so that I know that anything coming in on that account is ⊠important.
I go to the bank, and since all but one are nice ladies Iâve known for four decades in one case, and itâs nearby, why NOT?
âSocialâ is bugging them in person.
I do 99% of my banking online, as you might imagine. BUT I do periodically show up in person at my local branch just to maintain the contact. Part social (Iâve known these people for years) and part strategic (ya never know when you might need the bank to help w/ something), itâs nice to stop in and say hi. :-)
I like your objective way of approaching this subject. There are way too many scare-mongers taking advantage of society today.
Itâs all about getting people to click on scary headlines, Iâm convinced. See https://askleo.com/how-the-internet-is-breaking-journalism-and-what-it-means-to-you/
They had to send letters to do this before the internet, always telling her that her Social Security would get cut off by some so and sos, unless she sent them money to help fight them.
We, her grandchildren had to explain this to her 30 years ago.
PrivacyâŠsomething that the younger generation does not expect. PrivacyâŠsomething the older generation is so saddened and shocked at losing.
If someone would just hack the ISP records of a few Congressmen trolling p*o*r*n sites, then weâd get our privacy back.
If itâs hack, its unlikely anything would change. What we need is someone to legally gain access to sensitive data like that. Then weâs see the laws change. Iâm not holding my breath.
Leo,
How about an article about how to set up your own VPN? If I could do that
for a few hundred dollars (mostly for a dedicated computer to run the VPN
open source software), that would seem much safer and even cheaper than
paying say $10/month to a commercial VPN whose privacy policies may or
may not protect me.
Honestly, Iâve looked into doing it myself. Itâs amazingly complex, can be expensive, and very easy to get wrong. Honestly, that last item is what worries me the most: thinking youâre protected but because of some oversight, youâre not.
Leo,
Many thanks for the explanation that makes sense. Iâm tired of misleading headlines and you have clarified the issues. I have tried paid VPNâs but the degradation of service is so bad I removed them. Now glad to hear I donât really need an VPN.
I agree with Leo that most info gathered or sold by the ISPâs is mostly a sort of market survey, I guess if they stood in a market or mall with a clip board and asked what sites you visit you would probably tell them, as we all usually search for things we are interested in.
I do feel however that if the government snoop on certain people they have a genuine need to do so in order to keep the public safe, and I for one agree with this, as I have nothing to hide.
Itâs not a matter of having nothing to hide. It is a matter of whether or not you would be willing to have everything about you made public.
âI have nothing to hide.â
To quote Edward Snowden: âArguing that you donât care about the right to privacy because you have nothing to hide is no different than saying you donât care about free speech because you have nothing to say.â
Well said!
Very helpful video.
Thank you Leo.
Great article Leo. Appreciate your valuable time to address this murky issue.
Seconding the last two gentlemen.
I think the most important part of all of this is the AIM of the marketers. They really do want to know the habits of every single person. Sure, maybe itâs an aggregate thatâs collected, but their aim conflicts with my privacy. Their collection of MY data, from what Iâm thinking, to should be forbidden. In a perfect world, nobodyâs data is interesting. In reality, I can see some big money being paid out to reveal the IPs of users of ABC Widget in my town.
The gold (I wanted to type goal, but in a way gold is really what it is. The gold standard of advertising) of advertisers is pure targeted ads; no more shotgun advertising. Thatâs not longer aggregate data. That means they have personal information on you. It may only be accessed via an algorithm, but they still have that info and a different algorithm can be used for less benign purposes.
I somewhat disagree. When we visit a site, all it really sees are our IPs. Targeting then goes to that IP, not actually the individual.
I let my granddaughter use my computer to look for a few items online. Then I started getting ads for those, and related, items. Although it was my IP, it wasnât me. However, the tracking company had no way of knowing that. Also, I got a copyright violation once. It said that someone with my IP [note that it did not say âyouâ.] had downloaded a pirated movie. However, it wasnât me, it was one of the tenants using the Internet service for the house.
As Leo has stated in other articles, they can only see my ISP and possibly track my location to wherever the ISPâs hub is located. [Mine is about 6 miles where I live. Reading Microsoftâs forums, one person was complaining because the location showed 85 miles away, and in a different country.]
You hit the nail on the head. But unfortunately, I donât think the current Congress and President are likely to make any laws to limit data collection and distribution.
âall it really sees are our IPsâ isnât exactly true. If youâve been to that site before it sees the cookies of that prior visit. If youâve been to other sites that use the same advertising network, then the advertising network sees all the sites youâve been to including this one. And if youâve actually LOGGED IN to anything covered in the prior list, then youâve provided specific, personal, identification to the site.
Yes, much âtrackingâ is limited to IP address only, but thatâs not to say thatâs the only level at which tracking can occur.
Tracking IP, cookies, browsing history are trivial matters. The technology exists for someone to search your drives and emails on your machine and send back entire files â if they choose to. And if they do, the âlawâ (now) doesnât consider this as hacking, but normal pursuit of business objectives.
Good morning Leo,
Comment on ânew vid formateâ if I may.
Suggest family pics.and misc memorabilia be removed as only act as a distraction.
Means a lot to you of course but distracts from your message somewhat.
Suggest use blue or green screen and project relevant stuff in the background to
make it a bit more relevant and varied each time. A bit more work but decent film production has never been easy.
Personal opinion.
Johno
Thanks for that nice summary, Leo. One of my concerns is the information that ISPs are not prevent from âsellingâ. This includes sensitive information, specifically social security numbers. While this is, practically speaking, a part of mass effort for marketing purposes, the proliferation of SS numbers into an increased number of databases is just increasing the risk of those SS numbers getting stolen.
The best way to actually see what information your ISP collects and how that is used is by reading their Privacy Statement. Since this is part of the contract between you and them, it is legally binding on them.
My ISPâs Privacy statement tells what they âmayâ collect and what they âmightâ do with it (permission granted, but not necessarily acted upon). It tells specifically what they will not do with that information (unless by legal means, such as a court order).
If you are thinking of using a VPN, make sure to read the Privacy Statement as well as user ratings.
You should also read the Privacy Policy of Google, Yahoo, Facebook, and a host of other services you use. See how they compare with your ISP.
You also need to understand where the VPN is located to understand whether or not the privacy policy carries any weight at all with respect to you and your location. (for example, even if legal everywhere, is it even enforceable across borders?)
Something you didnât mention is the rationale behind rescinding the unenforced requirement. Part of it is the usual party politics: if theyâre for it, I against it â if theyâre against it, Iâm for it.
Another aspect, which Iâve read elsewhere, is more complicated.
The restriction only applied to the FCC, which includes ISPs. Companies like Google, Yahoo, Facebook and many VPNs come under the FTC, which did not have the same restrictions. So, yes, the ISPs had a legitimate complaint â they can, but we canât.
From what I understand, the opponents to the restriction (Democrats as well as Republicans) want Congress to enact a law that will apply to both the FCC and FTC. That would be more effective, and provide better privacy protection, than a one-sided regulation.
I agree that repealing the restriction does tend to send the wrong signal to ISPs. Congress would have to stop bickering over minor issues and actually do something constructive for a change â and do it quickly. Voice your desire for a law that would stop everyone (not just one group) from selling your information. Contact your Congressional members (House and Senate), maybe Speaker of the House, and even the President and Vice President. If we donât do our part and take action, we canât expect someone else to do it for us. Protection of individual privacy is up to each individual â not some group.
This is slightly off topic, but as it relates to privacy, Iâm posting it here. A couple of days ago, I got an email from a friend who wanted me to print a boarding pass. I printed it, and 2 days later, I got this popup on my computer. I know, itâs probably benign, but the process which caught that has the capability of sending that information back to Microsoft and possibly sold to a third party. Somehow I find that worrysome.

Is there any value to getting more than one VPN? I have a lifetime subscription to one, and have had three offers for different VPNs hit my inbox this week.
As long as it works, one should be enough. The only exception I can think of is if you use it to access a site with content unavailable in your country and the site gets wise to your VPN and blocks it. And if you get any offers for any VPNs, be very wary as VPN scams are rampant now.
All of the offers (including the original one) have been through StackSocial/Yummy Software/X-Mirage (which took me an annoying amount of time to figure out were all the same, needing the same username and password). Iâve been happy with the one (Hotspot Shield), so I guess I donât need the rest. Thank you.
Aaaaand now a search for âVPN scamsâ shows I might have been the victim of one, since I bought it through StackSocial. So far so good though. By the prices listed, Iâve already gotten my moneyâs worth. One year anniversary is coming up in June, so Iâll see.
You can use only one at a time.
I think that you are not to the point that âwe-users are not of interest to advertising and marketersâ. I contrary I think that THEY have computing power now to collect ALL and slice ALL of our browsing and other histories etc etc. And In my experience if they CAN they WILL !