The FTC just released a report based on data from major players in the mobile Internet market and A Look at What ISPs Know About You: Exploring the privacy practices of six major Internet service providers is revealing. According to the FTC, several Internet service providers collect and share far more personal data than their customers expect, while failing to give customers meaningful choices about how that data can be used.
Under Section 6(b) of the FTC Act, the agency can require companies to submit “reports or written responses to specific questions” about their business practices. In 2019, orders were received by six ISPs, which account for about 98% of the mobile Internet market;
- AT&T Mobility,
- Cellco Partnership (Verizon Wireless),
- Charter Communications Action,
- Comcast Cable Communications (Xfinity),
- T-Mobile US, and
- Google Fiber.
The FTC also issued 6(b) orders to three advertising companies affiliated with those ISPs: AT&T’s Appnexus (now Xandr), Verizon’s Verizon Online, and Oath Americas (now Verizon Media).
You’ll want to read the entire report to learn more about data collection and privacy practices, but here are just a few observations that deserve a closer look:
Many ISPs accumulate large pools of sensitive consumer data. Several ISPs and affiliates collect significant amounts of consumer information on a wide variety of products. Add to that the fact that people use many other services that depend on their Internet access, such as home security and automation, video streaming, content creation, advertising, email, search, wearables and connected cars. The result is the collection of detailed data on individual subscribers. When combined with even more information from third-party data brokers, these ISPs can draw very specific insights and conclusions not only about subscribers, but also about their families and households.
Research shows several ISPs are collecting and using data in ways consumers don’t expect and can harm them. Consumers may expect ISPs to collect some information about the websites they visit as part of their task of providing Internet service, but there is much more. Many providers in the study also collect and combine other highly sensitive data: browsing information, TV viewing history, email and search content, connected device data, location data, and race and ethnicity data, to name just a few categories. That raises the specter of how that information could be used for discriminatory or other harmful purposes.
While many ISPs in the survey purport to offer consumers choice, those choices are often illusory. In the survey, several ISPs claim to offer data collection choices, but how clearly do they explain this to their subscribers? And how much do those ISPs push people to share more data?
Many of the ISPs in the study may be at least as invasive of privacy as the major advertising platforms. Despite the relative size of ISPs in a market dominated by Google, Facebook, and Amazon, the privacy implications of ISPs are growing. Four reasons suggest why. 2) many ISPs can verify the identity of their subscribers; 3) multiple ISPs may track consumers across websites and geographic locations; and 4) a significant number of ISPs may combine subscribers’ browsing and viewing history with a large amount of other information they receive from additional Internet-dependent products, services, and features they offer.
Read on for a look at what ISPs know about you. An examination of the privacy practices of six major Internet service providers for key details.