To be honest, I'm not so concerned about them looking at my packets. Well, more specifically, I take it as a given of the modern web that any data which people can mine they will mine.
What is more concerning is how AT&T actually serves those targeted ads. Are they injecting ads into pages and modifying HTML? That seems like an incredibly disastrous procedure which would hopefully get them into trouble with content providers and even the FCC. I surely hope that's not the case.
More likely than not, they are talking about selling your browsing history to major ad networks that already have ads embedded on the sites you use rather than injecting their own ads into others' content. I assume this to be the primary difference between the "snooping" and "non-snooping" plans, because many ISP's already internally keep some amount of browsing history but don't sell it to third parties.
If they are doing ad injection, it is unclear whether or not they could be successfully sued. Some browser plugins with very large user bases inject/modify ads, and although some have received cease and desist letters from content providers, and some have been sued and settled out of court before trial, I don't believe any have gone to trial and lost. The law is murky at best on that issue, and as the ISP, odds are that AT&T would be in a far stronger legal position than even the browser plugins that have been doing this for years.
Not only can they sell your browsing history, they are in the unique position to associate your current IP address with your browsing history, and sell real-time access to that information. If I open up an Incognito window right now and go to a site I've never visited before, they couldn't serve me targeted ads, because without cookies they'd have no reliable way of knowing that I was the same 111.222.111.222 that connected a few days ago. But now, AT&T could set up a server that ad networks can call out to, that can return a browsing profile if queried with an IP address. You've given them permission to do that. As far as I know, Tor is the only way to circumvent this... and with the forthcoming FCC rules, Tor traffic could be significantly rate-limited. This is a pretty big deal.
This highlights the importance of obfsproxy development for tor. Not only can it allow tor's use in regimes that employ deep packet inspection to prevent tor traffic, it could also prevent throttling of tor traffic, as it would look just like normal traffic.
I actually think that AT&T would be in a weaker position than the browser plugins.
AT&T is a message relayer, while the browser plugin is a specific program installed by the user to modify the messages they receive.
There's no legal question I could hire a secretary to open my mail for me, and white-out the lines I told her I didn't want to see, but it would be a little strange for a mail carrier to open messages and insert ads.
Without consent, you're absolutely right. But if (as in the case) the ISP not only obtains consent but also gives significant discounts in exchange for it (and owns the pipe through which the content is delivered, which may give them rights to modify data that a browser plugin company doesn't have), my guess is that AT&T would be in a better position.
The only redeeming feature is that AT&T is giving a discount for the service. I suspect they'd run in to more lawsuits about their monopoly status if they forced that decision on all consumers.
However, the plugin companies aren't in an ambiguous situation at all: someone who requests the page is explicitly requesting it to use the content to run a program which renders an image from it, and is under no contractual obligation (from merely making an HTTP request) to view the entirety of the content. They can neither complain that it's being processed (the browser inherently does that, to make an image from the text), and they can't complain that the end-user is failing to uphold their end of an agreement.
Because it's a user chosen process, and because of how content on the internet is relayed, there's no reason that the plugins are on any kind of shaky ground. (One notable exception would be interacting with dynamic content to bypass a paywall. There likely are other exceptions, but these come down to bypassing some kind of mechanism, not merely failing to load or render a particular portion of the sent content.)
In the article there's a screenshot that strongly implies the ads will be coming via email ("this consent supersedes any prior email unsubscribe notification I may have with AT&T")
So are you saying that you lack the ability to discern AT&T's GigaPower ads from other ads, or are you saying that AT&T's ads are indiscernible from other ads?
Or you could pay an additional $5/month for a decent VPN. In fact, I have a number of close contacts who work in the industry who tell me that this type of practice is of heavy interest and routine on the wireless end of things. Companies are tracking not just your browsing habits but your location data based on cell tower triangulation.
This is why we need to decentralize the ISPs and move to local mesh networks.
You can certainly expect it -- and not just because technical users could use VPNs to end-run traffic shaping.
You can expect it because VPNs are overwhelmingly used by technologists and 'business' users. In general, these people have an ability to pay (much) more, so ISPs would like to charge them more.
A standard VPN doesn't try to hide, and will look like a VPN to the ISP: all packets contain encrypted material, destination doesn't vary, etc. This is what I mean by "unobfuscated", and this would be easy for an ISP to throttle.
One can imagine ways to tunnel VPN traffic over ISP-approved traffic, but that arrangement might have other drawbacks.
Putting it over HTTPS won't necessarily stop them. The caveat mentioned in the article is that they won't track your HTTPS web browsing. But they can still slow it to a crawl if they don't like you doing it.
No worries! Actually I wonder if just tunneling over TLS would be enough if the ISP were determined. I mean, after they see me pushing and pulling GBs from the same host for an hour, they might just GET it themselves. If they see a "how to configure your VPN" page, that address could go on a slow-list.
This made me smile. I would like to imagine that there were consensus on this point.
Now, let's talk solutions.
I think the effective solution for much of the nation will be wireless, but FCC and affiliated interests have been postponing the liberation of enough unlicensed spectrum to make that feasible. The dominant regulatory scheme creates scarcity where none should exist, and that's how all of these bastards keep the gravy train rolling. They rue the day they decided to just let the microwave ovens have 2.4 GHz, because now that frequency is proof that there is no physical reason to "license" electromagnetic radiation. If we can just pry a few more spectrum slices from their grasp, including those better suited to slightly longer ranges, that's the hole in the dike that will eventually create a market in telecom.
I used to work precisely on the sort of technology that would make this possible, and I support liberalizing FCC regulations, but I think your comment is off-the-wall. At the time FCC licensing was instituted, there were no cognitive radios that could listen for free channels before transmitting. Heck, frequency-agile radios didn't exist. Even today, whitespaces technology isn't so well-developed that we could just get rid of the licensing regime. Remember the wireless mic debacle? http://gizmodo.com/287736/microsoft-google-dell-coalition-wh....
My reading of the "debacle" was more that a fringe industry had been squatting on a particular band for a really long time, and was able to frighten a bunch of churches into complaining to Congress that they didn't want to have to buy new gear. I would understand that sort of excuse for AM broadcast, but why the hell don't wireless microphones run over more modern radio tech anyway?
Of course I don't suggest that cognitive radio could have existed in the 1930s. Instead I suggest that it should be given more room to operate now. So they had a problem demo seven years ago: what has happened since? Is it "off-the-wall" to wonder why licensing hasn't changed in response to the invention of the integrated circuit?
EDIT: I'm talking about opening specific, limited bands ("a few more spectrum slices") to unlicensed use, in precisely the fashion in which 2.4 GHz is currently open, although at higher power. Though I do dream of the FCC folding (in much the way I dream that of the DEA or CIA), I realize that in serious conversation with serious people one must focus on the tenable.
Fringe or not, it illustrates why we have licensing. People bought cheap, dumb equipment, and it was fragile. All predictable. But at the same time, very expensive and sophisticated technology couldn't figure out how to protect the cheap dumb equipment. Its a very hard problem. And "Sucks for them" isn't a practical response when you're trying to change the status quo.
It might have been one bad demo, but it was also a very simple, controlled experiment. The spectrum environment without FCC licensing would be orders of magnitude more challenging. The technology just isn't there yet to replace the FCC across the whole spectrum. The FCC certainly could move faster to allow the technology to develop, but your characterization of the situation and aspersions are inaccurate and unwarranted.
You're also ignoring how expensive this equipment is. Simple white spaces devices are pretty cheap, but the kind of radio that would could freely operate over a large part of the spectrum is still very expensive. Just the analog frontend capable of tuning to a wide range of frequencies is expensive. Retrofitting existing devices with the technology, at the scale that would facilitate deregulation, would be quite impractical right now.
It's a really interesting space, and I think it has tremendous potential, but there is a lot of development to be done before the technology lives up to the libertarian fantasy. I think we're at the stage where it would make sense to have an unlicensed band that allowed "smart" devices only, which followed a minimum set of rules. The challenge here is getting someone to give up their spectrum.
I think we're at the stage where it would make sense to have an unlicensed band that allowed "smart" devices only, which followed a minimum set of rules.
Then we agree on the only point that matters.
The challenge here is getting someone to give up their spectrum.
That is indeed a challenge. In one case, this effort included updating every television in the nation. Yet still, five years after the digital transition, from the WIA Spectrum Policy [0] page:
Rural areas continue to be the most underserved market in terms of wireless reach and innovation. However, the abundance of white spaces in these regions provides a unique opportunity for rural wireless providers to use this unused spectrum to promote coverage through high-capacity service. While the advantages to expanding this expansion remain undisputed, firm action has not been taken as of yet in order to allow the operation of higher powered spectrum in these areas. At present, TV band devices are not permitted to operate at power levels greater than 4 watts EIRP, even though expanding this power limit would pose virtually no threat of interference to current broadcast bands. The delay in the advance of power limits only serves to hinder wireless progress in rural areas of the country.
That seems wasteful: usable white space was one of the selling points of the digital transition, and yet giant blocks remain unusable for no publicly-acknowledged reason. I mean, I hesitate to even ask what the military are doing with all their spectrum while this is still going on.
The "virtually no threat of interference" claim needs to be taken with a grain of salt. Digital TV receivers are pretty dumb devices that aren't very good at rejecting interference.
I'm a big proponent of having minimum interference tolerance requirements for receivers, and there's work happening on that front: http://transition.fcc.gov/bureaus/oet/tac/tacdocs/WhitePaper.... But we'd be talking about another round of updating every television in the nation...
The "virtually no threat of interference" claim needs to be taken with a grain of salt. Digital TV receivers are pretty dumb devices that aren't very good at rejecting interference.
When I enter "Los Angeles CA" on the FCC reception map site [0], there are 23 green/strong broadcasters listed. When I enter the location of my home, there are two. Are we to believe devices that can handle the presence of 22 "competing" signals in one situation will be completely overwhelmed by the presence of one or two extra signals in the other situation?
Those 23 broadcasters are all on different channels. We're talking about devices that could potentially be on the same channel as an exiting TV station. This is not a trivial problem to solve, because you need very sensitive detectors on the "smart" device to ensure that it correctly detects when there is an active station on a given channel: http://www.sharedspectrum.com/wp-content/uploads/2008-10_SSC....
One of the most complex aspects of doing this sort of thing is various permutations of the "hidden node" problem. Essentially, the problem is that a "smart" transmitter may not hear a dumb one, and use an in-use channel, interfering with a dumb receiver, which otherwise could hear the dumb transmitter. This tends to happen because geographic obstacles can cause individual nodes to have a different view of the spectrum environment.
Good point, but devices don't have to be able to sense broadcasts on a channel in order to avoid using that channel. Alternatively, the WISP WAP could just continuously broadcast (on known safe channels, as a part of the normal SSID etc. beacon) the list of currently safe channels, as configured and maintained by WISP personnel, and consumer devices could simply not transmit until they received the list.
Even if we were limited to listen-before-talk, the linked study recommended 10 W rather than 4 W, and that was in the urban context of Baltimore-DC, rather than out here in the hills where we rural people would like a choice in ISPs.
>They rue the day they decided to just let the microwave ovens have 2.4 GHz, because now that frequency is proof that there is no physical reason to "license" electromagnetic radiation.
What do you mean by this? 2.4ghz is used for low-power, short range communication, so of course there are fewer issues with interference. You can't say the same about the FM radio bands, for example.
See sibling note by 'rayiner. FM as broadcast now is really old tech. Car radios would have to be updated to have cognitive radio capability, if this regulatory regime were extended to that band. But that doesn't have to happen soon; the spectrum is vast and could certainly accommodate more unlicensed use without inconveniencing this particular use.
EDIT: In case this is still unclear: I'm talking about opening specific, limited bands of spectrum to unlicensed use. I would not nominate FM radio as the first such band. Just as wifi chips today are capable of not interfering on bands they don't use, super-wifi transmitters would not interfere on bands they don't use.
Everyone run some fiber to your nearest neighbor in each of the 4 cardinal directions. Go to MIT, find one or more of the kids that already figured out to make all that work, and read their theses. Launch an open-source project for the required network hardware and its firmware, and manage to sell as many as you can produce at $30 each.
A five-port gigabit fiber router sounds more like $300 in volume, and most Americans would rather pay $299/month than $300 one time because it's cheaper.
I was actually referring to the [implied] part where the person installing it doesn't need to know anything other than how to plug everything in. You're not going to get a usable network out of this if it requires the people using it to know anything at all about their hardware, or if they have to get their own identifying numbers from ICANN.
It really needs to be something where they plug in a box and hot and cold running Internet comes out when they open the faucets. And if you thought disruptions were bad when some country "misconfigures" their BGP to route the entire Internet through their spy agency's offices for 15 minutes, wait until a thousand Joe Bagadonuts are doing it truly accidentally, all the time.
I don't get why people are pushing folks towards VPN. If you use one, you shift your endpoint from Provider A to Provider B. And you have absolutely no guarantee ever, that the upstream link of provider B or that provider B itself (accounting, user association etc etc) is not rigged...
True, a VPN in hostile environments might be a good idea. If the termination endpoint is secure, is another question.
I think it has more to do with the network peering arrangements of the VPN host more than privacy. At least that would be the benefit from my point of view.
If my ISP has a poor path to (for example) Netflix, but my VPN provider has a good (unsaturated) path, it could be advantageous. But this requires my ISP to have a good connection to my VPN provider.
I have a Plex server in Canada with OVH and on my local connection it worked fine for years to stream movies and TV. Even 1080p stuff worked fine. Then it appears that CenturyLink started shaping port 32400. So I got a 5 dollar droplet on Digital Ocean (SF) and now use that for a VPN. Plex works fine. I can switch the VPN on and off and it makes a huge difference. Without the VPN it is constant buffering.
I had a discussion about this with one of the guys from PIA VPN...you can pay via bitcoin and the info required for sign-up is kinda uhm spartan.
No chance of pushing any serious traffic through a VPN though unless you control it.
Unfortunately, in my case a VPN would probably put me on weaker legal ground. My ISP is not legally entitled to monitor my traffic...once it hits the VPN provider the local laws apply & I can do without US laws on the privacy front.
Personal (non-company) VPN still doens't fully work on smartphones. It needs to be manually activated each time, making 'all-traffic-behind-vpn' impossible for now. It is possible for coporate VPN's so we know iPhones can do it. A choice by Apple HQ?
Works fine for me with OpenVPN on Android (4.4.2 on a Galaxy S4 and Nexus 7). It will only prompt to accept the VPN the first time it's run. If you leave it running in the background it will re-establish the connection whenever it needs to.
That being said, I also have an Xposed module to get rid of the confirmation prompt entirely (I use Tasker to enable the VPN automatically when my phone connects to unsecured wifi networks).
I can't speak to how Apple does it, so maybe it's just an OpenVPN vs IPsec thing. If you setup your own IPsec VPN you could possibly have it activated automatically. There was a post on HN a few months ago with a script to basically setup an IPsec VPN automatically for you.
I don't know how they're accomplishing it technically, but http://getcloak.com manages to auto-enable my VPN on my iPhone every time I connect to a non-whitelisted wireless network.
I'm a Cloak user. Connect on Demand in iOS has a great design, but unfortunately it's buggy. About once a week, I will catch it not using the VPN (and not blocking traffic nor trying to reconnect). I even connected my iPhone to Apple's desktop utility that allows reading the device logs and I correlated the behavior to certain log errors. This problem started in iOS 7.0 and remains up to 7.1.1 (iOS 6 was fine).
As a result of this bugginess, I'm no longer willing to use untrusted wi-fi networks even with VPN. It's really too bad that Apple is not fixing this, because it renders the Connect on Demand feature useless from a security point of view, and it nullifies the functionality of Cloak. Cloak is otherwise an awesome app and service, and it's not their fault as they can't control this code.
iOS 7 opened up some APIs for it. GetCloak's app uses it (and has a lot more niceties, I read), and so does the ugly but generic OpenVPN app. I'm guesses that they're not able to block all traffic before the VPN is set up though. I'm not sure. And I'm certain the OpenVPN app doesn't fail safe/closed.
Anyone know of a portable, travel wifi router that supports VPN and fails closed?
As a recent Austin subscriber to AT&Ts GigaPower, I opted to let them snoop on my traffic for the discount. I really didn't see the difference in what they were doing versus Google or any other search engine. That, along with the significant price reduction ($320/mo versus $140/mo - they didn't let me bundle any services without the deal) led me to allow this.
As another poster mentioned - if I get really paranoid, I will eventually set up a VPN, and tunnel all of my traffic through that.
I did want to add that once Google Fiber comes to my neighborhood, I will be jumping ship though. We have had two significant outages in the first month of GigaPower.
The most obvious difference is that they get to see all your traffic, not just those websites which integrate google analytics (which can be a sizeable chunk).
If your smartphone also uses AT&T they see that traffic also. The only place where you are hidden from them is at work.
Even if we had a more competitive market, what could really be done about this? It seems people tend to flock towards lower price, particularly when the difference is something that's not immediately tangible. I worked retail years ago and I know that people would sometimes come in, get help from our staff, and then go to Walmart to buy the same printer a few bucks cheaper. In the end, the incentive is for the retail outlets to have as little service as possible.
Is AT&T really making $30/month from people's browsing histories? I suspect that data is worth dramatically less, so in a competitive market the premium for not being spied on ought to drop.
I think its better to look at this another way: that they are making $30/month from the privacy concerned and that the higher price would not hold as their only price if they got rid of the "privacy plan". $150/month seems comparable to what other companies charge for similar services, while $180/month for that same service seems high. To me this feels like a trick to get most users to opt in by artificially increasing the price of their "standard" plan.
It may not be a discount. The higher fee is to discourage the more expensive service. We're assuming that the baseline cost is the lower one, but what if it isn't?
I was going to ask that same question but decided to read all the other comments first. That practice should be illegal IMHO. That is altering content. Creating derivative works? It'd clearly be anti-competetive if the replaced others ads with their own.
IANAL but it seems they could lose safe harbor protections provided by DMCA and be liable for ALL copyrighted material going over their system:
"Section 512(a) protects service providers who are passive conduits from liability for copyright infringement, even if infringing traffic passes through their networks. In other words, provided the infringing material is being transmitted at the request of a third party to a designated recipient, is handled by an automated process without human intervention, is NOT MODIFIED IN ANY WAY, and is only temporarily stored on the system, the service provider is not liable for the transmission."
Our common network software should be designed with the expectation that the middlemen (including your ISP) are actively hostile, and include defenses against their attacks. Making the html stream inaccessible to them is a first step in that direction.
That mandates copyright holders suing for copyright infringement and/or the statutory fees they are due from the creation of derivative works.
I would suggest that an argument could be made for some sort of fraud as well, for not delivering "the internet" (would have to consult with a lawyer to be sure).
Throwing protocol changes and such will not work in the long run, because you're trying to fix this in the wrong problem domain. This is a legal and political issue, not a technical one. If there is a desire to fix this idiocy, time is best spent where it is most effective.
/I suggest political action towards hitting the big ISPs with the Sherman & Clayton Antitrust Acts. These ISPs are patently abusing monopoly power in various ways.
Switching to HTTPS everywhere means that we have to drop the traditional CA model; certificates from CAs are just too expensive. (Replacements are either DANE, which depends on DNSSEC, or Namecoin, which replaces the DNS system entirely and has many problems of its own.) Expect all this to be fought tooth and nail.
What is this, 2005? StartSSL offer free SSL certificates that are trusted by all browsers. If that's too cheap, you can get a Comodo certificate through Namecheap for $10 a year...
If you can afford a domain, you can afford an SSL certificate...
Have you not been paying attention to the Heartbleed thing? StartSSL is a scummy company that breaks the rules they've agreed to with browser vendors. I would not trust them if I had a choice in the matter.
I have a bunch of domains which, frankly, I don't care enough about to pay money for an SSL certificate for.
They're probably selling the opportunity to ad networks. IOW, the site operator 'O' contracts with ad network 'A', and A uses data from the ISP to decide which ads to serve to which clients via O's site.
So the ISP is not necessarily interfering in O's contract with A by replacing ads or such -- at least, it doesn't necessarily work that way. I really don't know, some ISPs have been caught replacing content or injecting ads, but in principle the scheme could be managed without doing so.
(My description is from descriptions a few years ago when ISPs were sneakily trying a DPI setup)
The US chose to deal with telecoms differently than the EU, thinking it would incentivize investment and create copetition for better networks. What it's done is the opposite. Planet Money ran a great episode[1] about it. It's worth a listen!
I live in a "rural" place on one of the nation's fiber backbones, one of the top in the country due to nearby military/government facilities, and we don't even get the full 7Mbps bandwidth we pay for. And that's still $30-40/mo.
And all that is because Verizon won't upgrade their equipment to handle the congestion that happens at night. It's not that they can't, but that we're "rural".
I live on a farm in Texas. We pay $100/mo for 5mbps internet and rarely get one. (Our landline is bundled with it) Our whole internet has gone down for days multiple times.
Hrm, not sure why they used Magnet as an example for Dublin, there; you can get the same service for cheaper from other providers, if you're willing to take out a contract (Magnet is month-to-month) and UPC's 120mbit service is also cheaper.
I would love to see sensible comparisons of available bandwidth for different countries. This would have to include some weird kludges of average pricing over cable, dial-up, satellite, and mobile. (And maybe wifi plans too).
Also, extremely regional. For instance, I currently get a 12mbit/sec service for 30 euro a month. In my old apartment, less than a mile away, I got 120mbit/sec for 40 euro a month (and could have gotten 200mbit/sec for 45). Assuming that the telecom gets a move on with its VDSL rollout, in a couple of months, I'll get 100mbit for 35 euro a month. And that's in a city; it gets a lot messier in many rural areas, where the only plausible non-wireless providers can be fixed microwave.
That said, there's no consumer service remotely as expensive as that AT&T one here.
Sounds like they gather your full browsing history, and then assist 3rd-party ad networks in targeting their ads at you. Or, worse yet, just hand over your browsing history for ad networks to process. Their marketing materials don't seem to make this clear.
> Who thinks that their browsing habits are hidden from the ISP (without using a VPN)?
Who thinks their browsing habits are hidden from anybody? The internet is a packet-switched routed network that sends almost everything in clear text. Anybody who receives or forwards a packet can mine it for data.
I'm guessing this is just giving them a legal justification to do whatever they want with your data and making that the new standard agreement at the same time, by providing a false benefit to the consumer. They also get to make extra money off the people who prefer privacy in this setup.
AT&T never says they will not inspect the packets nor keep the Government from inspecting the packets. They just give a lower priced option where they target you with ads/or sell your browsing history, etc. NSA is splitting off the packets 100% at the major uplinks regardless of what AT&T or any other provider does.
I'm sure most corporations suck (it's inherent in their size, structure and purpose). But I know AT&T sucks. I've loathed them, ever since their backing of the Clipper Chip.
I'm currently using tethered wifi cellphone as my only home internet because I refuse to give money to either of my only two broadband options, AT&T or Time Warner.
I don't like this whole trend of collecting user data, but at least AT&T offers a way to pay extra to opt-out of targeted advertising, unlike, well, nearly ever other entity on the internet. I'd happily pay $62/month for spyware-free Facebook.
No, protection money is when someone threatens to do something illegal. This is offering a discount in return for viewing targeted ads, which is something, e.g. Amazon does with their Kindle, among many other companies.
This is not offering you a discount in return for your viewing targeted ads, because nothing here actually requires you to view ads in the first place. This is more like saying, "Pay us more and we won't sell your browsing history to whatever company offers us money."
That's BS. First off, AT&T already has a business model! And they're making billions from it, too. It's like Facebook charging you $50 a month, then starting to collect all of your data, too, and then saying "if you want us to stop doing it, then you'd better give us an extra $50 a month".
> I'd happily pay $62/month for spyware-free Facebook.
You'd pay $744 per year to use Facebook? You don't say.
My airline charges me for the flight, then prints out an ad on the boarding pass. I wasn't aware that businesses had to pick one way of monetizing users. I don't like that this has become the way the internet is bankrolled, but all my data is being snooped the minute it leaves AT&T's network, so what do I really care if AT&T gets in the game too?
> And they're making billions from it, too.
I don't find this argument wildly compelling in light of Facebook's 25% profit margin, versus AT&T's 11% margin.
> You'd pay $744 per year to use Facebook? You don't say.
As a 30-something with a kid, I have to admit my primary use of Facebook is sharing pictures of my daughter and my friends' kids. But Facebook benefits from powerful network effects. It's the only site my parents, my wife's parents, and my family in Bangladesh regularly check, and they demand regular baby updates. As a practical matter, I have more ISP choices than social-networking choices.
Profit margin is very important in this context, because it's indicative of how much of the money you pay as a customer turns into profit in some shareholder's pocket. If you're using profits as justification for the claim that some company is gouging you, profit margin is a much more relevant metric than total profits. HP is much more profitable than Facebook, but I don't think anyone would argue that they're gouging customers. They sell products at razor-thin margins in an insanely competitive market.
That's BS. First off, AT&T already has a business model! And they're making billions from it, too.
Google already "snoops" on you, FB snoops on you, so why not AT&T for a discount? Google and FB offer "free" services as long as they snoop on everything you do, AT&T offers a discount. Capitalism at its best. Don't like the cheaper snooping offer? Pay more. Or don't choose AT&T.
The average users stands no chance of avoiding Google between the search, Youtube, Analytics, Adsense, Doubleclick, Android etc etc...More or less, 100% of sites have one of those installed. So why shouldn't AT&T make you an offer too? Take it or leave it. Surely Google would still be wildly profitable if they tracked you 30% less and /or if they showed less ads.
I'd say it's pretty naive to think that they won't store the data and sell it at some point anyway. Why wouldn't they? There are little, if any, legal ramifications for them. By paying extra for 'privacy', you're just encouraging the bad behavior to begin with. Talk about social engineering..
If they've been giving a copy of our packets to the NSA for years, this isn't really that big of a deal with all things considered.
Personally, I would never use AT&T for broadband at home again. I'll always go with their competitor and I wish other people would do the same. Their motto should be: monopolize and do evil whenever possible.
Difficult situation. I've already decided I will never move to any location, anywhere, where AT&T, Verizon (even FiOS), or Comcast are my only viable options. I hate all of those companies and will never, ever give them a single penny.
Even CenturyLink (my current ISP, who happens to be the only choice here besides Comcast) is starting to piss me off lately, but what the hell am I going to do about it...
comcast charges netflix for interconnects, not prioritization, and everyone is up in arms, but AT&T performs NSA-style deep packet inspection to fuel ads, unless you pay a ransom, and everyone is basically ok with it.
This is why I don't think we're ready to pass net neutrality legislation.
While I'm not a fan of the telecoms, AT&T shouldn't be getting flak for this. Google is snoop-by-default (not holding it against them, they are a company looking for profit just like any other), at the very least, AT&T is making the choice here clear.
It looks like the same snooping that's in all the other google apps (whether to serve you ads or otherwise). I'm glad that it's out in the open, and hopefully it causes people to think about the value of their privacy (and feel a little bit more paranoid about their lack of it)
I'm not sure who said it first, or where I heard it, but the belief that "everything google does is a loss leader for adwords" holds true here -- this is why I believe they're going to snoop-by-default, and not think twice about using your data as it flows through their fiber.
I agree that it's ok to give users a discount for giving up privacy. The problem, in this case, is how hard to tell: what level of privacy you're giving up, how they'll deliver the ads and that there's "private" option. Google does not have to meet the same standard as they do not have a "private" version (except google apps).
If AT&T presented this as $179 + $50 for normal, or $150 + $0 "with special offers" (think kindle model), I think people would be much less worried.
So unless you win the Google lottery you have a choice between having AT&T watching your every packet or Comcast's Standard "Oil" Cable monopoly in progress. No Google for me so it's essentially a Hobson's choice for me.
I don't know why people think Google will be any better.
Sure, now they're all about unicorns and rainbows, and talking the good game to get into what is a very capital heavy market. I can easily see Google switching to this exact same model to inject Adwords and extract even more money from subscribers once they're hooked. The difference is Google won't let you opt out.
I'm not even clear on whether ATT lets subscribers opt out. Does the offer say you can opt out of the wiretapping or that you can opt out of only the targeted ads? If you care about privacy, the DPI is the enemy, and the ad-targeting is irrelevant (you already have the ability to not retrieve ads, just blacklist the ad servers). But if what ATT offers for the higher price is only to not target ads, they'll trick most people into thinking they still have privacy, while the DPI is applied to everyone.
It's the difference between tracking only by server/client tricks (IP, cookies, hit logs etc.) vs. tracking by the ISP. The former can be avoided by client config, the latter only with a VPN.
Even if they let you supposedly opt out of the DPI, who trusts a corporation like this? And as adestefan notes, where do people get the assumption that Google is not doing the same?
It says that if you don't opt out they collect " webpages you visit, the time you spend on each, the links or ads you see and follow, and the search terms you enter" - but there is no statement that they're not collecting that info if you opt out. All they promise for opting out is not targeting ads with that data.
Yeah, but you'd pay about the same price for gigabit ethernet from a company that isn't trying to kill net neutrality. I'd much rather google spy on my web browsing (they probably do with chrome anyway), than Comcast.
Unless you're part of the minority that doesn't use Google for search, you're pretty much saturated with AdWords. I mean, maybe they'll add more ads on search result pages, knowing you can't switch away?
Google dominance in the ISP market will probably have its own share of problems for consumers, but I hazard that they will be different and less infuriating problems than what we get with the current status quo.
Or you can just not subscribe to AT&T. Austin's a great example of a place where customers have choice. Cable provider(s?)/AT&T/DSL/Google Fiber/LTE/LTE/LTE/LTE.
Google might be doing the same thing to everyone with Google Fiber. The solution is to encrypt everything. Smother this business model in the crib by making packet inspection worthless.
What is more concerning is how AT&T actually serves those targeted ads. Are they injecting ads into pages and modifying HTML? That seems like an incredibly disastrous procedure which would hopefully get them into trouble with content providers and even the FCC. I surely hope that's not the case.