Day: 28 March 2017

Joint Resolution to Eliminate ISP Privacy Rules Passes in Congress arstechnica.com

Jon Brodkin, Ars Technica:

The US House of Representatives voted Tuesday to eliminate ISP privacy rules, following the Senate vote to take the same action last week. The legislation to kill the rules now heads to President Donald Trump for his signature or veto.

The White House issued a statement today supporting the House’s action, and saying that Trump’s advisors will recommend that he sign the legislation. That would make the death of the Federal Communications Commission’s privacy rules official.

Though this joint resolution does not create nor eliminate any rules already in place, Please see update below. its approval gives a green light for ISPs to track customers’ browsing activity and sell advertising against it without their explicit consent.

The vote was virtually along party lines, with just fifteen Republicans joining the Democrats in voting against the bill. Six Republicans and three Democrats abstained. Because this was passed under the Congressional Review Act, once signed, the FCC will never again be able to create similar rules.

Emmett O’Keefe of the Data and Marketing Association, a lobbying group for advertising companies, reacted to the vote:

If these rules were to be enacted, they would disrupt the framework that has allowed the marketing ecosystem to responsibly use data to develop vital services that consumers now rely upon while also injecting dynamic innovation and growth into the U.S. economy. This framework is backed up by strong industry self-regulation, enforced by DMA and other partners, and continues to protect consumer privacy. Today’s vote keeps that system – and the responsible use of data – in place, and is a signal that the current self-regulatory system works.

What a load of crap. When Verizon and AT&T quietly began tracking mobile users with a non-deletable identifier in 2014, privacy advocates reacted with appropriate outrage. Even after opting out, Verizon continued to track their customers — they simply did not sell ads against users’ history.

After the press began reporting on the use of these “super” cookies, AT&T stopped using them, but Verizon kept going until the FCC fined them $1.35 million.

Julia Angwin, ProPublica:

However, the settlement does not apply to Verizon’s tracking of its customers who visit the 40 percent of websites that use AOL’s ad network. That is because Verizon owns AOL, and therefore it is not considered a third party that requires opt-in.

That means that unless Verizon users opt out, they can still be identified when they use their smartphone or tablet to browse Web pages containing AOL’s tracking code.

The advertising industry cannot self-regulate; it is positively addicted to data collection. They dream of nothing more than creating vast profiles for each of us and targeting them with new advertising products. By visiting practically any website or using any service, we’re assumed to have opted into whatever data collection policy they have in place, and it is becoming increasingly difficult to opt out — even using a VPN is no longer sufficient.

American legislators had the opportunity to restrict that disturbing trend, if only by a little bit. They could have began enforcing the FCC rules drafted last year. Instead, the Republican party elected to put the creepy desires of ISPs over the privacy of their customers.

I wonder if legislators in the porn watching capital of America are aware that their favourite websites probably aren’t secure and, thus, will be part of their advertising profile.

Update: Contrary to what I wrote earlier, the privacy rules were implemented in October though these rules were not considered final. I apologize for my confusion on this. I’ve updated the headline for accuracy.

The Facebook Model of Innovation

The speedy proliferation of Snapchat Story clones across Facebook’s apps is, I think, one of the most fascinating recent case studies of a feature going from invention to ubiquity. Facebook has four of the most popular apps on any ecosystem — as of writing, Instagram, Messenger, and the Facebook app are all in the top ten most popular free apps in the iOS App Store, with Whatsapp just missing the list at number eleven. And, as of today, all four of those apps have a variation of the Snapchat “Stories” feature shoehorned onto their main screens.

It’s news to nobody that Facebook is unapologetically cloning Snapchat. What is noteworthy is how Facebook has updated Microsoft’s infamous “embrace, extend, and extinguish” strategy for the speed at which Silicon Valley now operates.

Consider this: what top-billing user-facing features has Facebook added so far this year to the four aforementioned apps? Aside from Stories, I can think of three: live location sharing and reactions in Messenger, and live broadcasting in Instagram. The Messenger features are lifted directly from iMessage, Slack, and a handful of other messaging apps, while live video in Instagram is pretty much a rebadged version of Facebook Live — itself largely a copy of Periscope, Meerkat, and Ustream.

Facebook’s copying is unsurprising, just as the prior art they’re using as a reference is unsurprising — the most distinctive features in the copied apps are arguably natural extensions of each app’s environment. But, with one-sixth of the world’s population using their services and their complete platform independence, Facebook’s ability to annihilate anything they deem competitive is unprecedented in its scope.

This power has provided Facebook with the luxury of allowing other companies to take the risk of trying new things, and then either embracing the company via an acquisition, or extinguishing them by duplicating their most unique component. It isn’t so much that Facebook can’t come up with these features on their own, but rather that they’ve elected to let other companies build entire business models around singular features that can be duplicated in Facebook’s far more established ecosystems.

That strategy allows Facebook to experiment with greater extensions to their business model: new advertising and tracking methods, drones that provide internet access to developing nations, and the like. Adding users and presence around the world allows the strategy to dig in even deeper, feeding itself.

As Facebook’s strategy becomes even more pervasive, I wonder what kinds of tech companies are safe. My gut sense is that, over time, Facebook’s strategy allows them to build a diversified portfolio of companies, should they choose to do so, with monopolizing power over internet services. But that only works for Facebook so long as users also dig themselves deeper into their ecosystems. The failure of their email and phone efforts indicates to me that users aren’t ready to dig deeper without a meaningful extension of the existing products that Facebook intended to replace with each. My hope is that users continue to limit Facebook’s reach, and not the other way around.