The Death of Digital Privacy in the US – It’s Official

Ray Walsh

Ray Walsh

March 28, 2017

For US consumers, today’s decision in favor of S.J.Res.34 marks the beginning of a new era of corporate snooping. The prospects are terrifying. The awful decision means that Internet Service Providers (ISPs) are now free to sell consumer data on to third parties. As such, US consumers now live in a country where everything they do online can be sold for profit to anybody who wants it.

ISPs Know Everything

The problem for US consumers is that, if they don’t protect themselves, ISPs know absolutely everything that they do online. Every web visit, every download, every bit of pirated content – it is all easily identifiable to an ISP, which gets to see all of its customers’ web traffic. Rules that had been introduced by the Federal Communications Commission (FCC), meant that the information was to be kept private.

Today, however, the FCC’s ruling was repealed using the Congressional Review Act (CRA). The use of CRA to eliminate the FCC’s ruling means that the FCC can’t reinstate the important privacy regulations at a later date: there is no easy way to backtrack. This is devastating news for US citizens and is an absolute disaster for digital privacy in the US, which keeps going from bad to worse.

Worst of all is that, from today, ISPs can sell consumers’ web browsing histories without consumer consent.

Not Mandatory, but They Will Do It Anyway

In many countries, mandatory data retention of anything from six months to two years is forced on ISPs. In those nations, ISPs must retain data for the government against their will, at a massive cost to themselves (and no real benefit).

In the US, this isn’t the case. ISPs don’t have to retain anything and, until now, citizens were much more fortunate than elsewhere. Now, however, ISPs in the US can sell consumer data to whoever they want, which means that they are bound to start retaining everything.

The Worst Snooper’s Charter of All?

For months and months, I have been warning people that under Trump the US was likely to get a Snooper’s Charter of its own. Sadly, they now have something much, much worse.

Sure, the US hasn’t made it mandatory for ISPs to retain data, like they have to in the UK (under the Snooper’s Charter). However, by giving ISPs free reign to do as they please with consumer data, the US has achieved something far worse. With that in mind, S.J.Res.34. can be seen as a cleverly orchestrated Snooper’s Charter, brought in through the backdoor. A perfectly obfuscated Snooper’s Charter that encourages ISPs to retain and share data indefinitely: with very similar (but more perilous) results as elsewhere.

The fact that ISPs can share data with anybody for a profit makes it inevitable that they will also share it with the government when asked. In the UK, the Snooper’s Charter results in web browsing histories being retained for a year, to be shared with a broad spectrum of government agencies.

In the US, S.J.Res.34. just made it legal for web browsing histories to be kept indefinitely, and to be shared with anyone if they are willing to pay. Mark my words, this legislation seriously trumps the UK’s Snooper’s Charter. The US public just got royally screwed, thanks to the Republican majority in the Senate and the House (by a bill that was strongly supported by the White House and President Trump).

What It Will Mean

In the US, where (unlike in the UK) it is necessary to have medical insurance, this is bound to mean unprecedented levels of corporate snooping. At the moment, lying about being a smoker will make medical and life insurance cheaper. Sure, if a liar contracts lung cancer their insurance will be void.

However, for people who can’t really afford their insurance bills, this may be a calculated risk. After all, the insurance may not cover them for lung related problems (if it is discovered they are a smoker), but it would cover them for loss of hearing, sight problems, or a car accident (where being a smoker would probably go unnoticed).

With ISPs snooping on behalf of insurance firms to line their own pockets, people are far more likely to have their lies uncovered.

Pirates a Likely Target

Copyright pirates are also in serious danger. For years, the entertainment industry has been lobbying governments to ask them to do more about the problem. This new legislation means that ISPs can sell info about pirates to copyright holders. Up to now, it wasn’t lucrative for ISPs to help the entertainment industry. Now, that has all changed, and everyone is going to want a piece of the pie.

Even Netflix – who for a long time was believed to have a different opinion to the rest of the industry – has been showing worrying signs of late. It was thought that the forward-thinking company believed that providing the right content at the right price would naturally stamp out piracy. However, now that Netflix has grown into a large content producer, the company’s priorities have changed.

With that in mind, it seems highly likely that US ISPs will from now on be making business deals with copyright holders. For TV production companies, film production houses, and other content producers (such as Netflix), the opportunity to buy up the IP addresses of every person who has pirated their content is a dream come true. S.J.Res.34,  for the first time, makes it mutually beneficial for ISPs to help stamp out the problem.

The result is bound to be a huge increase in speculative invoicing – the practice of sending out strongly worded letters to pirates asking for sums of up to $250 (with the threat of legal action for those who refuse to pay).

Nor is it just pirates and insurance cheats who need to worry. ISPs can tell where people bank, their political views, and even their sexual orientation as a result of their web history. This data is highly confidential, and shouldn’t be up for sale. Dallas Harris, from consumer advocacy group Public Knowledge, made the following comment:

“The fact that you’re looking at a website can reveal when you’re home, when you’re not home. The level of information that they can figure out is beyond what even most customers expect.”

A Virtual Private Network Is the Only Answer

No matter which way you look at it, the US has just forced its citizens into a corner where a Virtual Private Network (VPN) is the only solution. A VPN service encrypts all subscriber web traffic so that ISPs can’t see what subscribers are doing. In many countries, a VPN is recommended to stop ISPs from unnecessarily snooping on innocent citizens for the government.

Often people say “but I have nothing to hide” (and when it is only the government that gets to see the data for ‘national security’ reasons this opinion holds more weight). Now, however, consumer data has just been given the green light for a corporate free for all.

The invasive nature of this legislation is incredibly far reaching and is incomparable to that of anywhere else – because it is far the worse. The answer? Get a VPN as soon as you can! In fact, if you care about your fellow citizens, feel free to go and stand on the corner shouting about the end time while handing out leaflets about VPN services. I kid you not, it really is that bad.

Opinions are the writer’s own.

Title image credit: enzozo/

Image credit: garagestock/

Image credit: Orhan Cam/

Image credit: Diabluses/

Image credit: Alexander Yakimov/

Your Information will never be shared with any third party.
Enter your email address to receive your Beginner's Guide to Online Security for Free
You'll also receive great privacy news and exclusive software deals!
Enter your email to get the ebook:
Your Information will never be shared with any third party.
Enter your email address to receive your Ultimate Online Privacy Guide eBook!
You'll also receive great privacy news and exclusive software deals!
Enter your email to get the eBook:
Special VPN Deal
Exclusive Offer
Get a Special Deal - 72% OFF!
With a biannual subscription
Exclusive Offer for Visitors!
50% Off Annual Plan
Limited Time Only
Exclusive price of
Exclusive Offer
Get NordVPN for only
Exclusive Offer
Get NordVPN for only