The Hidden Costs of Connectivity: Big Corporations Profiting from Your Data

In today's digital age, our personal data is more valuable than ever. Internet service providers (ISPs), telephone companies, and other big corporations profit from our data without our explicit consent. This practice raises serious concerns about privacy, transparency, and consumer rights.

Today, the Federal Communications Commission (FCC) imposed fines on the nation's largest wireless carriers for unlawfully sharing customers' location information without consent and failing to protect it from unauthorized disclosure. Following the investigation, Sprint and T-Mobile, which have since merged, face fines exceeding $12 million and $80 million, respectively. AT&T has been fined over $57 million, while Verizon faces a fine of almost $47 million.

“Our communications providers have access to some of the most sensitive information about us. These carriers failed to protect the information entrusted to them. Here, we are talking about some of the most sensitive data in their possession: customers’ real-time location information, revealing where they go and who they are,” said FCC Chairwoman Jessica Rosenworcel. “As we resolve these cases – which were first proposed by the last Administration – the Commission remains committed to holding all carriers accountable and making sure they fulfill their obligations to their customers as stewards of this most private data.”

Current practices

ISPs and telephone companies collect a vast amount of personal data from users, including browsing history, call records and location data. This data is then monetized through targeted advertising and other means, often without the user's knowledge or consent.

Concerns and risks

The unauthorized sharing of personal data poses significant risks to consumers, including identity theft, fraud, and invasion of privacy. Additionally, the lack of transparency in how companies use and share data makes it difficult for consumers to protect themselves and make informed choices.

Legal and regulatory framework

The Federal Communications Commission (FCC) has established rules and regulations to protect consumer privacy and data security. However, these regulations have gaps and shortcomings, allowing corporations to exploit loopholes and profit from user data without facing significant consequences. The FCC's approach to regulating data privacy and security has been criticized for being reactive rather than proactive. The agency typically only takes action against companies after a law has been broken and significant harm has already occurred to consumers. This reactive approach means that companies often escape regulatory scrutiny until after the damage has been done, leaving thousands of consumers vulnerable to privacy violations and data breaches. Critics argue that the FCC needs to take a more proactive stance, enforcing stricter regulations and penalties to deter companies from engaging in harmful data practices in the first place. The author agrees!

Other notable examples

Most service providers collect data in order to provide services, but this article focuses on what they do with that data and if any transparency exists for the typical user in the US. Corporations like Google, Facebook, Amazon, and Microsoft have control of massive amounts of very personalised data in real-time. Companies that control significant amounts of personal data often prioritize the temptation to sell that data over the goal of being a responsible social entity.

Google, once known for its slogan "do no evil," has faced criticism for its data practices. Despite changing its slogan to "do the right thing," Google's data collection and usage policies continue to raise concerns about privacy and transparency.

Apple, on the other hand, has positioned itself as a champion of user privacy and security. The company uses the idea of security as a major selling point for its products, emphasizing its commitment to protecting user data from unauthorized access.

EU vs. US Laws:

The European Union has taken a more proactive approach to data privacy with the implementation of the General Data Protection Regulation (GDPR). The GDPR provides stronger protections for consumer data and requires companies to obtain explicit consent for data collection and processing. In contrast, the United States lacks comprehensive federal data protection laws, leading to a more fragmented approach to data privacy regulation at the state level.

Fixing data protection in the US

The future of personal data protection in the US is likely to be shaped by several key factors, including technological advancements, regulatory changes, and evolving consumer expectations.

There is a growing awareness of the need for stronger data protection laws in the US, similar to the European Union's General Data Protection Regulation (GDPR). Several states have already passed their own data protection laws, such as the California Consumer Privacy Act (CCPA), and more states are likely to follow suit. Federal legislation may also be introduced to create a unified framework for data protection across the country.

Consumers are becoming more aware of how their data is being used and are demanding more transparency and control over their personal information. Companies will need to be more transparent about their data practices and obtain explicit consent from users before collecting or processing their data. Brand damage is a big concern on social media and typical chat groups and in news and headlines such as the fines above.

There will be an increased emphasis on data minimization, which involves collecting only the data that is necessary for a specific purpose, and implementing strong security measures to protect data from breaches and unauthorized access.

The concept of privacy by design, which involves considering privacy and data protection issues from the outset when designing products or services, is likely to become more prevalent. Companies will need to integrate privacy considerations into their product development process to ensure that data protection is built into their products and services. This keeps the power in the hands of the manufacturer, gaining recognition today versus waiting for a legal framework to force the issue.

The emergence of new technologies like artificial intelligence (AI), the Internet of Things (IoT), and biometrics presents novel challenges for data protection. AI-driven data collection is often rapid, sometimes overlooking copyrights, trademarks, and other legal protections that would typically require consideration before data use. However, AI training models may not be designed to differentiate these nuances. Regulators must tackle these challenges and update data protection laws to mitigate the specific risks posed by these technologies.

Overall, the future of personal data protection in the US is likely to be characterized by stronger regulations, increased transparency and control for consumers, and a greater emphasis on data security and privacy by design. Companies must take this into their own control and no longer risk public backlash or legal challenges by simply adding transparency to their policies, assuming there is nothing to hide!