This blog post was co-written by EFF, the Internet Society, and Mozilla.
As people have learned more about how companies like Google and Facebook track them online they are increasingly taking steps to protect themselves, but there is one relatively unknown way that companies and bad actors can collect troves of data.
Internet Service Providers (ISPs) like Comcast, Verizon, and AT&T are your gateway to the Internet. These companies have complete, unfettered, and unregulated access to a constant stream of your browsing history that can build a profile that they can sell or otherwise use without your consent.
Last year, Comcast committed to a broad range of DNS privacy standards. Companies like Verizon, AT&T, and T-Mobile – which have a major market share of mobile broadband customers in the U.S. – haven’t even committed to these basic protections like not tracking website traffic, deleting DNS logs, or refusing to sell users’ information. What’s more, these companies have a history of abusing customer data: AT&T (along with Sprint and T-Mobile) sold customer location data to bounty hunters and Verizon injected trackers bypassing user control.
Every single ISP should have a responsibility to protect the privacy of its users – and as mobile internet access continues to grow, that responsibility rests even more squarely on the shoulders of mobile ISPs. As our partner, Consumer Reports, notes: even opting in to secondary uses of data can be convoluted for consumers. Companies shouldn’t be able just bury consent within their terms of service or use a dark pattern to get people to click “OK” and still claim they are acting with users’ explicit consent.
Nearly every single website you visit transmits your data to dozens or even hundreds of companies. This pervasive and intrusive personal surveillance has become the norm, and it won’t cease without action from us.
In that vein, Mozilla, the Internet Society, and the Electronic Frontier Foundation are individually and collectively taking steps to protect consumers’ right to data privacy. A key element of that is an effective baseline federal privacy law that curbs data abuses by ISPs and other third parties and gives consumers meaningful control over how their personal data is used.
But effective regulatory action could be years away, and that’s why we need to proactively hold the ISPs accountable today. Laws and technical solutions can go a long way, but we also need better behavior from those who collect our sensitive DNS data.
Today we are publishing an open letter calling on AT&T, T-Mobile, and Verizon to publish a privacy notice for their DNS service that commits to deleting the data within 24 hours and to only using the data for providing the service. It is our hope that they heed the call, and that other ISPs take note as well. Click here to see the full letter.
An increase in anti-LGBTQ+ intolerance is impacting individuals and communities both online and offline across the globe. Throughout 2023, several countries sought to pass explicitly anti-LGBTQ+ initiatives restricting freedom of expression and privacy. This fuels offline intolerance against LGBTQ+ people, and forces them to self-censor their online expression to avoid…
It’s a big year for the oozing creep of corporate paternalism and ad-tracking technology online. Google and its subsidiary companies have tightened their grips on the throat of internet innovation, all while employing the now familiar tactic of marketing these things as beneficial for users. Here we’ll review the most…
Legislatures in more than half of the country targeted young people’s use of social media this year, with many of the proposals blocking adults’ ability to access the same sites. State representatives introduced dozens of bills that would limit young people’s use of some of the most popular sites and…
Private communication is a fundamental human right. In the online world, the best tool we have to defend this right is end-to-end encryption. Yet throughout 2023, politicians across Europe attempted to undermine encryption, seeking to access and scan our private messages and pictures. But we pushed back in the EU,…
EFF works every year to improve policy in ways that protect your digital rights in states across the country. Thanks to the messages of hundreds of EFF members across the country, we’ve spoken up for digital rights this year from Sacramento to Augusta.Much of EFF’s state legislative work has, historically,…
Lawmakers, schools districts, educational technology companies and others keep rolling out legislation and software that threatens students’ privacy, free speech, and access to social media, in the name of “protecting” children. At EFF, we fought back against this overreach and demand accountability and transparency.Bad bills and invasive monitoring systems, though…
There’s been plenty of bad news regarding federal legislation in 2023. For starters, Congress has failed to pass meaningful comprehensive data privacy reforms. Instead, legislators have spent an enormous amount of energy pushing dangerous legislation that’s intended to limit young people’s use of some of the most popular sites and…
EFF believes you have the right to have a private conversation–in the physical world, and in the digital world. The best technology to protect that right is end-to-end encryption. Governments around the world are working hard to monitor online conversations, far beyond the bounds of traditional targeted law enforcement. 2023…
Back to top
Check out our 4-star rating on Charity Navigator.
About The Author
More Stories
From Coverage to Meaningful Connectivity: How Kenya Is Leading Africa’s Internet Future
Community Snapshot—April
Anatomy of a Scam