Just this week, Congress passed legislation repealing Obama-era rules that prohibited Internet service providers (ISPs) from selling your browsing history to other corporations without your permission. While the law hasn’t been signed by President Trump yet, its approval is a near certainty. If you’re a U.S.-based Internet user interested in protecting your browsing data and Internet history, here’s what you can do.
What Browsing History Is Available For Sale?
The bill, called S.J. Res. 34, repeals FCC regulations put in place by the Obama administration in late 2016. These rules prohibited ISPs from selling customer browsing data and Internet history to third parties without explicit consent from the user. The rules required an “opt-in” system that mandated affirmative user action before such sales could take place.
These rules were overturned using the Congressional Review Act (CRA), which gives Congress the power to overturn federal regulations within sixty legislative days of their imposition. And if a rule is overturned, the CRA prohibits a substantively similar rule from being put in place in the future. This means that ISPs can now sell a given user’s browsing history without the users consent or explicit knowledge.
We don’t know what this will look like yet. Based on how other advertising companies like Facebook and Google operate, we can expect that user data will be sold in large packages to advertisers looking to better target their advertisements based on demographic data. And according to existing FCC rules, the data cannot be “individually identifiable,” though your browsing history is definitely enough to identify you. That promise of anonymity hasn’t kept privacy advocates from outrage, however. Nor has it stopped crowd-funded attempts to buy the browsing history of members of Congress.
How Can I Protect My Internet and Browsing History?
If you’re concerned about the full depth and breadth of your browsing history suddenly becoming broadly available, there are some steps you can take to protect yourself.
Keep in mind, this isn’t a guide to being completely anonymous online. That’s a much more complicated undertaking. Instead, we’re focused on protecting your browsing history from your ISP.
Use a VPN
ISPs can only sell your browsing history if they can see it. Virtual private networks, or VPNs, make that impossible. A VPN sends all your Internet traffic through an encrypted “tunnel,” obscuring what’s inside the tunnel from the outside world. When you’re using a VPN, your ISP only sees meaningless encrypted data that they can’t use.
If you’re interested in signing up with a VPN, make sure to get one with a solid track record. You’ll also want to try and find one that doesn’t keep detailed logs of user activity. Anonymous methods of payment are a plus, and if you can find one based outside the Five Eyes, all the better.
Though they’re U.S.-based, Private Internet Access is an excellent option for getting started with a VPN. Their service is easy to set up through their macOS and iOS apps, and they have a long track record of user satisfaction. They also don’t keep meaningful logs: FBI investigators subpoenaed the company’s logs in 2016, but they discovered they contained no useful information.
I personally use Private Internet Access, and I’ve found their service to be reliable, fast, and easy to use. Their iOS app is especially great, automatically connecting your iPhone or iPad to the VPN every time the device wakes up. Yearly subscriptions are $39.95 for an unlimited number of devices, and monthly subscriptions are $6.95.
A word of warning: avoid free VPNs. They’re typically slow, and they might even sell your browsing data themselves. Remember, if you’re not paying for the product, you are the product.
Use HTTPS Everywhere
HTTPS will also hide some of your browsing data. And whether or not you care about privacy, you should be using it.
HTTPS is a secure version of HTTP, one of the technologies that computers use to communicate with websites. When you’re using HTTPS, your ISP can only see what domain you’ve visited, not which pages. For example, they can see that you’ve visited reddit.com, but they can’t see what subreddits you accessed. This still leaks some information, but HTTPS can protect you from more invasive investigations of your browsing history.
HTTPS also protects users from a wide array of online attacks as well, and whether or not you care about privacy, you should be using it. While many major websites use HTTPS by default, you can use the Chrome and Firefox extension HTTPS Everywhere to force all compatible websites to give you HTTPS pages instead of insecure HTTP pages.
Use the Tor Browser
If you’re deeply concerned about hiding your browsing history, Tor is another excellent option. It’s a service that hides your identity and location on the Internet, randomly bouncing your Internet traffic to servers around the globe before spitting it out, anonymized, at your final destination. It’s extremely secure, but it’s not perfect.
Tor is frustratingly slow: all that bouncing traffic around increases latency significantly. And if you want to send non-web browser information over Tor, it takes some more setup. Both of these downsides make Tor a poor fit for everyday use. But if you’re doing something that must stay hidden, it’s a good tool to have in your tool belt. Of course, just using Tor won’t make you completely anonymous. It does help quite a bit, though.
Tor Browser is a great way to get started using Tor. The browser automatically connects to the Tor routing system to anonymize your browsing data.
If you’re serious about protecting your privacy, there are more steps you can take. However, using a good VPN and HTTPS Everywhere will be enough to make your browsing history useless to your ISP. And you can use the infographic below as a quick reference for our recommendations above.
You might also like: