Iowa Republicans in Congress voted to repeal internet privacy rules

All five Republicans in Iowa's Congressional delegation voted to prevent new privacy protections for internet users from taking effect later this year, with the state's lone Democrat voting against.

In votes taken last week and Tuesday night, the U.S. Senate and House of Representatives approved blocking protections the Federal Communications Commission approved in October. The protections would have put restrictions on how internet service providers, such as Mediacom and CenturyLink, could use consumer data.

Without them, the Washington Post reported, it will be easier for ISPs to collect and sell that information.

President Donald Trump is expected to sign the measure.

Republicans, internet providers and industry groups largely hailed the repeal of the rules, while Democrats and consumer advocate groups criticized the move.

Tom Larsen, Mediacom's senior vice president of government and public relations, said repealing the FCC's rules would put ISPs on a more even footing with companies such as Google.

'It just gets rid of an unbalanced, unfair regulation,” he said, adding that search engines and other websites still could collect consumer data even with the FCC's privacy rules.

Larsen did say Mediacom does not share its customers' information.

Aaron Warner, the founder of cybersecurity business ProCircular in North Liberty, called the vote an 'unfortunate development.”

'We spend a lot of time trying to help our clients to protect our clients' privacy and identities. This is a step in the wrong direction,” he said.

Consumers hoping to better protect their information online, Warner said, could invest in a VPN, or virtual private network, that would encrypt traffic in and out of a system.

Internet users also could use HTTPS sites, which are more secure versions of normal websites. This won't stop data collection completely, though.

'Sen. (Joni) Ernst believes the Federal Communications Commission's privacy rules singled out certain companies within the internet ecosystem, hampering them with new, and extremely narrow rules, while allowing others to operate by a more favorable set of rules,” said Brook Hougesen, an Ernst spokeswoman.

Sen. Chuck Grassley's office said he 'understands the importance of privacy protections for internet users.”

'Unfortunately this last-minute FCC regulation created a false sense of security because it established a double standard for how companies protect personal information,” spokesman Taylor Foy said.

But U.S. Rep. Dave Loebsack, the only Iowa Democrat in Congress, argued consumers need a say in how their online information is used.

'By permanently throwing out the FCC's internet Privacy Rules, Republicans voted to strip Americans of control over how their information is used by certain companies,” he said in an emailed statement.

U.S. Reps. Rod Blum, David Young and Steve King also voted to repeal the rules, but their offices did not respond to requests for comment.

What you need to know

Here's some information from the Washington Post about the bill and what it means for you:

What did Congress vote on?

Congress voted to keep a set of internet privacy protections approved in October from taking effect later this year. The rules would have banned internet providers from collecting, storing, sharing and selling certain types of personal information - such as browsing histories, app usage data, location information and more - without your consent.

Without these rules, could I really go to an internet provider and buy a person's browsing history?

The short answer is, in theory, but probably not in reality.

Many ISPs have privacy policies that may cover this type of information. If an ISP shares or sells an individual's personal information in violation of its own privacy policy, a state attorney general could take the company to court, said Travis LeBlanc, a former enforcement bureau chief at the Federal Communications Commission.

State attorneys general also could sue ISPs whose data practices could be construed as 'unfair” to other businesses.

Meanwhile, the chairman of the Federal Communications Commission has said what's left of his agency's privacy authority still allows him to bring lawsuits against companies - he just won't be able to write rules that look similar to what Congress rejected this week.

If the providers relax their privacy policies or if the FCC chooses not to take action, ISPs conceivably could share detailed information about a person's Web usage that could be used to discover his or her identity.

What does the legislation mean for the government's ability to spy on me?

The measure doesn't give the government any more powers to gather information on people than it already had - although with ISPs getting into the data-mining business, LeBlanc said, that's another place government officials could theoretically go to find information about people of interest.

LeBlanc added that even foreign governments could conceivably buy data from ISPs to find out about people they're interested in.

But gathering information this way may be less efficient than certain tried-and-true methods, Calabrese said.

'If the FBI wants information from AT&T, they're going to get it the way they always have,” he said, 'which is to send them a subpoena or a warrant.”

That's not to say law enforcement officials don't or won't find consumers' internet data useful. What's likely to happen, Calabrese added, is that the new information ISPs collect on their users may find their way into databases that government officials already are mining. And that's how the government could indirectly gain even more information about you.

l Comments: (319) 398-8366; matthew.patane@thegazette.com