While the spotlight is usually on big tech and social platforms, privacy advocates often argue that the greatest potential for abuse of personal data of internet users lurks in those places that actually know the most about their online activities – their internet service providers (ISPs).
The US Federal Trade Commission (FTC) seems to have suspicions of its own, as it has just announced plans for a comprehensive study of these companies' data gathering habits.
A total of seven firms, including big players like AT&T, Verizon, and T-Mobile, have been ordered to state how they collect, retain, use, and disclose information about consumers and their devices, the agency said.
The FTC would also like to know whether ISPs aggregate, anonymize or deidentify information, and what options their consumers have in accessing, correcting or deleting personal data.
The FTC said its move aims to provide it with better understanding of ISPs' “privacy practices in light of the evolution of telecommunications companies into vertically integrated platforms that also provide advertising-supported content.”
Reporting about the announcement, the Verge noted that the Federal Communications Commission (FCC) rules under which ISPs would have had to ask for “explicit permission” from customers to share their sensitive private data were abandoned a year after they were proposed, in 2018.
It was this brought the issue to FTC's attention and jurisdiction.
ISP giants are coming under scrutiny for their privacy-respecting practices now because they have started making forays into a market that used to be the exclusive playground of social networks driven by the advertising business model, like Google and Facebook, the report suggested.
Meanwhile, ISPs will continue to know everything about their customers' browsing activities regardless of the steps taken to protect privacy at the operating system or browser-level. But there are ways of improving that privacy by taking extra steps, even if they do not guarantee absolute protection.
One is to use a virtual private network (VPN) – which also requires those services not to keep logs recording your every move. Another is to use privacy-friendly browsers like Tor, that make it difficult to track users' data back to them.
Combining the two methods may be the best shot at achieving privacy online.