What Can You Do to Protect Your Data from ISPs?

In April 2017, President Donald Trump signed a resolution, S.J.Res.34, that repealed FCC online privacy protection rules forbidding internet service providers from doing what they wish with internet users’ browsing histories (online activity or search history), including shopping habits and location.

“The cancellation and withdrawal of these rules put all of us at serious risk,” says Michael Bien, an attorney at Rosen Bien Galvan & Grunfeld in San Francisco. “The rules were designed to limit and restrict what companies could do with your personal data.”

What Are Internet Service Providers?

When you connect to the internet, you use an internet service provider (ISP). These providers are most often cable and telephone companies.

“Basically,” says Bien, “everything you do to access the internet goes through their system before it gets to Google or Facebook or wherever you’re going to. They have 100 percent access to all of your information—every keystroke, every website, every financial transaction, every email that you send.”

What Were the Proposed Privacy Protections?

The proposed FCC protections that President Trump repealed weren’t going to limit access to information for the companies but rather make sure they were being transparent about what data they were using. “People have gotten used to a lot of invasions in privacy,” Bien adds. “I think that these regulations were designed to at least make this transparent. You could at least choose not to let a company use your information.”

Among many other things, the regulations ensured that ISPs were keeping up to date with proper security measures and alerting the government and their customers if they experienced a data breach from hackers.

“Any time a government agency or a private entity is collecting mass amounts of information about us, we all should be concerned,” says Bien, “because no matter how well-intentioned they are and how wonderful the purpose may be, that information can be accessed by somebody— whether it’s a government entity or private party or a foreign government. Once the information exists, it can be tapped—with or without a court order.”

Options To Protect Your Internet Privacy

A virtual private network, or VPN service, is one option to protect your internet activity. Essentially, a VPN protects your internet data by acting as a firewall, and it replaces your IP address with that of the VPN provider. “They have their own risks,” says Bien. “It’s not a perfect solution, but does provide some protection.”

Another option is individual action: “I think, as a customer in California, you should demand that your company tells you what they’re doing with your data,” says Bien. “A tool we have as consumers is to organize and respond… Find out what your company is doing and protest. We’ve seen some of this recently, where companies reacted to a strong attack against some corporate practice on [X, formerly Twitter], Facebook, or in the media.”

Ongoing Developments in Data Privacy Laws

Meanwhile, data privacy and internet laws have continued to evolve in California and at the federal level. In 2020, the California Consumer Privacy Act (CCPA) went into effect. In April 2024, the FCC reinstated net neutrality rules it had repealed under the Trump administration, while Congressional negotiations over a comprehensive federal data privacy law resumed.

Find Experienced Legal Help

If ever you feel your rights are being violated or an internet provider is doing something illegal, it never hurts to reach out to an experienced and reputable attorney. To learn more, see our articles on data collection and cybersecurity and our overview of consumer protection law.