Probable changes in net neutrality and online privacy

Net Neutrality

After the election last November, I commented that based on the incoming administration’s positions, the following outcomes seemed likely—

  • A new FCC chair would move away from net neutrality. With Ajit Pai, the new FCC Chair, it appears we’re headed towards a ‘tiered’ internet in which big service providers will be given preference.
  • On privacy and data security issues, there seems to be less traction for rules and regulations that would inhibit large media corporations from selling private data. In addition, the government, after the San Bernardino terrorist attack asked Apple to give them a ‘backdoor’ to their devices. A renewed push in that direction seems likely.

While over 90% of consumers report they feel they have no control over their personal information, they still have relative confidence that private companies they do business with, including Internet Service Providers (ISPs), will protect their personal data. This, unfortunately, often hasn’t been the case. In reality, internet transactions are transparent to third parties who regularly collect our information based on a range of incentives—from relatively innocent marketing initiatives to a few criminal players who sell our financial and other personal data for profit.

The new FCC Chairman, Ajit Pai

In January, Donald Trump has named Ajit Pai to chairman of the Federal Communications Commission. When Pai was nominated by then-President Obama in 2012, he was following the long-standing convention of letting the minority party pick two commissioners (which the majority holding no more than three seats). Pai has worked in support of conservative policies throughout the federal government as a corporate attorney, including at the FCC and the Department of Justice—as well within the Private Sector, at Verizon.

Net neutrality

Pai has a record opposition to net neutrality and is against industry benchmarking to promote higher internet speeds. In short, he’s a strong proponent of minimal regulation and fewer consumer privacy restrictions on ISPs. Finally, he’s more open to major cable mergers than the previous Chairman. Bottom line–Pai firmly believes that big internet service providers are going to inhibit what we see or do online. Time will tell.

What does this mean for you? The most probable outcome–major telecommunications companies will soon be able to increase the costs of streaming apps like Netflix and Amazon, while favoring content providers with whom they have prior agreements. The popular Netflix and Amazon streaming services will likely pass on resulting cost increases to consumers.

Next, I’ll lay out the case for increasing your personal online security to limit expanding oversight of your private information.

Online Privacy and a recap of recommended security measures

So far, I discussed the probability of the FCC, now under new leadership, would move away from net neutrality. That means major telecommunications companies like Comcast and Charter will be given the green light to put internet-based entertainment apps like Netflix and Amazon into a more expensive internet service tier.

Bottom line-big cable entertainment packages will maintain a more competitive edge over relatively smaller, independent providers of entertainment. In other words, consumers who have now have cable will be more inclined to stick with their current provider and less incentive to ‘cut their cable.’ While these developments seem likely, there are too many variables at play predict exact outcomes.

What new federal legislation means for online privacy

Similar to the above-described dynamic, Congress has already approved legislation to give your cable provider the same access to your transactional history (including purchases, movie and TV selections) that Google and other ISPs already have. Proponents of this change say that this levels the playing field so that your internet provider also can sell your information to third parties. The result is getting ads that better match our psychographic information. On the other hand, a person needs to take it on faith that their information is only distributed to respectable marketers.

Basic security/privacy recommendations remain the same

Even low profile targets (i.e., most of us) need to take basic protective measures to keep our vital personal information private to reduce vulnerability to identity theft. Though a dedicated, skilled hacker can access that anyone’s personal information—consider implementing the following protective strategies to minimize the threat not only of identity theft but also ransomware attacks.

A synopsis of protective measures recommended in previous Insights posts-
  • First and foremost-regularly backup your data to either an external device or a safe offline location, one not linked to your network. You can experience a complete system meltdown for many reasons. -Failure to backup your data is like playing Russian roulette.
  • Update all your software, beginning with security updates. Automate regular updates to your antivirus software, operating system, and web browsers.
  • Frequently create NEW, hard-to-crack passwords using root words with hard to predict prefixes and suffixes. Adopt encryption and two-factor authentication where possible. Consider hiding your passwords with a tool like LastPass.
  • Educate your users about security. If your employees don’t fully understand the threat of unsolicited email phishing, you could be in deep trouble. Train them carefully on this and all other security threats. Hackers have recently gained access to sensitive government data because employees didn’t understand the risk of clicking an innocent appearing link.

> Never open unsolicited e-mail attachments or attachments from people you DON’T know.

> Never open suspicious looking emails, even from people you DO KNOW. If their subject line seems ‘off,’ or strange, their account may have been hacked.

  • Use Internet ad blocking. When online, employees should avoid ‘malvertisements‘ that target individuals based on their online identifiers and browsing history. These attacks are especially dangerous because they are perpetrated by criminals who often gain an accurate idea of the victim’s ability to pay.
  • Create a separate portal for the internet. Workers needing unrestricted internet access should be provided a separate external portal.
  • Utilize stealth malware detection newer ransomware versions stay in a stealthy dormant state while being scanned by security tools. They come to life only when it’s safe to come out of the ‘sandbox.’ Minerva Labs recently introduced a new tool that tricks ransomware into remaining in a limbo-like endless loop.
  • Scan the content of inbound emails to validate their origin. Unfortunately, few corporations authenticate inbound email based on IP address and server domain. Companies having such protection too often only quarantine questionable emails without deleting them completely.
  • Protect your email servers. Establish scanning protection for all your incoming, outgoing, and stored server mail to add another level of protection to your system’s perimeter defenses.
  • Use full disk encryption on your laptop, especially important if your computer is lost or stolen.
  • Subscribe to a Virtual Private Network (VPN) to reduce your wifi vulnerability. For example, VPN Unlimited costs only about $4.00 a month–an absolute necessity for folks who spend a lot of time in hotels or Starbucks.
  • Double check to make sure an email link matches the URL you’re trying to visit (Just hover over it to confirm).
  • Call your major digital service providers and phone company to make sure they never give anyone access to your account details without your PIN or password. This is necessary because of an increasing number of ‘social engineering’ hacks that exploit human weaknesses in the security process (e.g., overly helpful customer service reps).
  • Make sure your social media accounts are private. Posted social media photos, for example, are a treasure trove for serious hackers who want access to your personal information.
  • Give fake answers to security questions. It’s just way too easy to find information online about your mother’s maiden name, etc.
  • Turn off wi-fi and Bluetooth on your phone when you leave the house to save your battery and help protect your privacy.