EU spooked by US moves to overhaul ISP privacy

6 Apr 2017

Image: Lisa S./Shutterstock

Less than two weeks after US lawmakers made a stunning call on internet privacy, the EU has been forced into action.

In late March, the US House of Representatives voted to repeal rules that protect user privacy. The move, according to many critics, would enable ISPs to sell customers’ private data without their consent.

This includes data on the sites they visit, the apps they use, their search history, their children, their geolocation, the content of their emails and, potentially, health and financial data.

Those in the US are worried, and many in the EU are, too.

Today (6 April), MEPs decided to take a closer look as concerns are mounting that EU citizens will also see their basic privacy rights undermined.

In a wide-reaching resolution, passed by 306 votes to 240 (with 40 abstentions), MEPs are calling on the European Commission to conduct a proper assessment on the protection for EU citizens, to comply with the EU Charter of Fundamental Rights and new data protection rules.

The move was instigated by concerns surrounding the Privacy Shield, the replacement to the drastically ineffectual Safe Harbour agreement, in terms of user privacy.

However, the recent developments in US corridors of power were added to the vote, with those supporting the bill worried about the rejection of rules to protect the privacy of broadband customers.

It eliminates “rules that would have required internet service providers to get consumers’ explicit consent before selling or sharing web browsing data, and other private information with advertisers and other private companies”.

Image: PHAI_YO/Shutterstock

Image: PHAI_YO/Shutterstock

Claude Moraes, chair of the EU’s civil liberties committee, said that current EU plans (including the Privacy Shield) are positive but “there are clearly deficiencies that remain to be urgently resolved”.

In response to the US House of Representatives’ vote, the Electronic Frontier Foundation (EFF) provided a list of steps that users’ should take to ensure their data remains secure, even allowing for the freedom now enjoyed by ISPs.

Its advice is to: pick an ISP that respects privacy (consult this list), opt out of supercookies and other ISP tracking, respect HTTPS everywhere you browse and get a decent VPN.

“Bear in mind that these measures aren’t a replacement for the privacy rules that were repealed or would protect our privacy completely, but they will certainly help,” said EFF’s Amul Kalia.

Last week, it emerged that adult entertainment site Pornhub and sister site YouPorn are to begin encrypting by default to prevent ISPs from tracking what content users are viewing.

The Telecommunications and Internet Federation (TIF) in Ireland is holding fire with regard to its views on the US move.

It claims that it’s “not aware of any proposal for the EU to undertake anything similar to that envisaged in the US”.

“However, it should be pointed out that all TIF member companies adhere scrupulously to all relevant EU and national legislation regarding data,” said a spokesperson.

Gordon Hunt was a journalist with Silicon Republic

editorial@siliconrepublic.com