Don’t let internet service providers sell your browser history

Support HB 230, which would reinstate protections on your internet browser history recently repealed by the FCC

This bill would force internet service providers (ISPs) to be clear with you about what information they’re collecting, and to notify you and seek your permission before providing your personal information to advertisers or any other entity.

HB 230 would make it an illegal for ISPs to treat you any differently as a customer if you decline to allow them to sell the information on how you use your cell phones, computers, laptops, and tablets.

These are the basic minimum protections.  Using the internet does not provide your ISP with free rein to own information about your searches, your browsing habits, your likes and interests.

Some telecom companies are claiming that they don’t sell your personal information.  If that’s true, why are they working so hard here in Alaska to lobby against it?  And although they claim these should be regulated on a nationwide basis, good Alaska privacy law will help the country by raising the standard.  We’ve been a frontrunner on privacy rights for decades. It is time for us to rise up and call on the Alaska Legislature to stand up for what we Alaskans have made clear since before statehood: It’s our data, let us know what’s being done with it.

If you’re interested in this issue, you should also look at HB 328, which would require private companies to notify you before they use or collect your location data or your fingerprints, face images, or other physical characteristics.

What can you do?

  • Call your Representative and your Senator and tell them to protect Alaskans’ privacy by supporting HB 230.
  • Get notified when there are hearings on HB 230.
  • Testify and tell the Legislature that you want them to ensure that you have control over your browser information by supporting HB 230.

Subscribe to get updates.

Protect Net Neutrality

Information and communication are the life blood of our democracy. Over the past several decades, the internet has exploded and become most Americans’ primary source of information sharing and gathering, whether it’s in their work, watching videos or streaming entertainment, chatting or skyping with friends, or sending email.

In December 2017, the Federal Communications Commission struck a death blow to that system as we know it. The FCC eliminated rules that would have prevented telecom companies and internet service providers (ISPs) from selecting certain content for faster speeds, or from offering it at all. Under this new regime, it is now is the companies’ decision whether to slow down access to certain websites, to charge more for some content, or to block them altogether.

These are not just risks, these have actually happened. In the absence of net neutrality protections, both in the United States and abroad, we have seen content slowed or blocked based on political views or corporate interests of these companies:

  • AT&T censored a live Pearl Jam concert stream in response to criticisms of President George W. Bush by the band’s lead singer Eddie Vedder;
  • Verizon blocked text messages from the pro-choice advocacy group NARAL because Verizon deemed them to be “controversial”;
  • Telus, a Canadian Telecom company, blocked the website of a union with which it was engaged in a labor dispute;
  • AT&T limited its customers’ use of FaceTime to coerce them into buying more expensive data plans; and
  • AT&T, Sprint, T-Mobile, and Verizon all blocked mobile wallet applications, like Google Wallet, that competed with their own mobile wallet application.

This new regime threatens to give totalitarian control over the largest information sharing platform that we know in 2018—the internet—to telecom companies. Net neutrality would restore the system that we have enjoyed for many years: a free and open internet. Despite overwhelming bipartisan support for net neutrality, Lisa Murkowski and Dan Sullivan have expressed opposition to it, while receiving $66,250 and $10,550 in campaign donations from telecom industry.

On February 1, 2018, the ACLU of Alaska called on Governor Bill Walker to join the governors of Montana and New York in ordering internet service providers with state contracts to protect net neutrality.

There are three separate bills now before the Alaska Legislature. House Bill 277, would require telecom providers to follow net neutrality rules. The other two, House Joint Resolution 31 and Senate Joint Resolution 12, would call on Congress to reverse net neutrality.

What can you do?

  • Join the ACLU by calling Governor Bill Walker and asking him to enact an Executive Order restoring net neutrality in Alaska.
  • Call your Representative and your Senator and tell them to restore the free and open internet by supporting HB 277, HJR 31, and SJ12
  • Get notified when there are hearings on HB 277, HJR 31, and SJ 12.
  • Testify and tell the Legislature that you want them to stand for a free and open internet by supporting net neutrality

Subscribe to get updates.

Location Data and Fingerprint or Facial Recognition Privacy

House Bill 328 would protect Alaskans’ privacy right by requiring any person or company to notify an individual before collecting information about their travel habits through location data gathered in their cell phone (even if they are not using maps applications), and physical characteristics about you like your fingerprints, voice, iris or retinal images, for example.

While this would not limit law enforcement or the DMV from conducting facial scans of drivers license photos, it would prohibit private entities from collecting, using, or selling this information about you without your permission.

What kind of location data would this protect about you?  If you have a Google account, you can log in and find out some of the ways Google has tracked your location here.  But it’s not just Google and Facebook that track our data. 76% of websites now contain hidden Google trackers, and 24% have hidden Facebook trackers, with news sites having the most trackers.  This gives these companies the ability to amass huge data profiles on each of us, including our interests, purchases, search and browsing histories, and much more.

If you’re interested in this issue, you should also look at HB 230, which would prevent ISPs from selling this kind of data about you without your permission.

What can you do?

  • Call your Representative and your Senator and tell them to protect Alaskans’ privacy by supporting HB 328.
  • Get notified when there are hearings on HB 328.
  • Testify and tell the Legislature that you want them to protect your sensitive data by supporting HB 328.

Subscribe to get updates.

Protect Your Online Information

While we can’t achieve the kind of privacy that Alaskans would expect without real legal change, there are a few things that you can do to improve your online privacy.

Please note that although we mention a few services below, we don’t endorse any particular services or products as they can change rapidly.

  • Install software updates.
    One of the most common ways hackers attempt break-ins is by exploiting known flaws or bugs in the various applications that are installed on a computer. When responsible application designers learn about such vulnerabilities, they issue a patch to fix the matter. That’s why it’s important to keep all of the software on your devices as up-to-date as possible.
  • Use search engines and other services that don’t track you.
    Not all web services are created equal when it comes to privacy. Many major search engines (including Google, Yahoo and Bing) store both your IP address and all the search terms you’ve used — an extremely revealing and usually sensitive set of data. As an alternative, consider using a search engine that doesn’t track your activities, such as DuckDuckGo,Start Page, or Disconnect.
  • Use a password manager.
    With password crackers able to try billions of passwords a second, strong unique passwords for every account you use are a key part of good security. But strong passwords are very hard to remember, which is why people often make the understandable mistake of using the same password for multiple accounts. If you reuse any password across two accounts, then a compromise of one service can lead to a compromise of the other service. Thankfully there’s an easy solution. Experts suggest that everyone use a password manager that will automatically create and keep track of strong passwords for the many sites and services that we use. Various password manager options you might consider are included in this list.
  • Use “Two-factor authentication.”
    Strong, unique passwords for each site are a good start toward protecting your personal information, but your account can still be hacked if someone can obtain your password, for example, by sending you a phishing link that trick you into revealing your password. One of the best ways you can protect your account from hacking and your emails and other private data from theft is by turning on “two-factor authentication,” which requires an additional source of verification besides the password before granting access to your account—typically each time you log on from a new computer. Often this second source of verification takes the form of a code sent to your phone, a popup you have to click on from your phone, or, most secure of all, a $10 USB token that you insert into your computer. A growing number of online services offer two-factor authentication, including most of the big providers such as Google, Facebook, Dropbox, Apple iCloud and Twitter. If you haven’t turned this on yet, do it.
  • Don’t sign into your web browser or web service.
    Signing into a browser or web service, such as Gmail or Facebook, while you surf allows that service to easily track what you do and where you go online. Sign in only when you specifically need to do so.
  • Delete cookies and browsing history.
    Cookies are small files saved on your device by your browser so it will remember things about you. They are useful for many things but are also used by advertising networks to track you. By deleting all of your cookies as well as your browsing history, you can reset the memory of the systems that track you. Use the help menu of your browser to find out how to delete your cookies and browsing history.
  • Use encryption.
    By using encrypted messaging communications where possible, you eliminate numerous sources of surveillance and tracking. Consider using Signal for encrypted cellphone and text message communication and using Tor to surf the web. An added benefit of surfing the web with Tor is that it defaults to using a privacy-preserving search provider.
  • Use free and open source software.
    Open-source applications are typically not-for-profit, and their computer code is open for anyone to inspect. This transparency reduces the incentives and ability of companies or others to turn seemingly innocuous software into a mechanism for spying.
  • Don’t use strange internet-connected devices — computers, laptops, tablets, smartphones, etc. — to connect to your personal accounts.
    Typing your password into a public workstation at a hotel, an internet cafe, or even a friend’s house means that anyone who has taken control of that machine now knows your passwords.
  • Make use of browsers’ “private browsing” or “incognito” mode.
    Using this setting where possible won’t protect you from all tracking by services you use within the session (or from tracking by your network provider), but it will avoid leaving traces on your local machine. Using a private browsing mode also means that identifying yourself to a service during that session is less likely to be linked to your activities in other sessions. Look in the help menu of your browser to find out how to browse privately.

Remember: You will never achieve absolute security from privacy invasions, but you can make great gains in fighting surveillance by government, companies, or hackers with some of the steps above.

Urge Alaska to Adopt an Electronic Communications Privacy Act

Federal laws protecting Americans’ electronic communications date back to the mid-1980s. Developed before computers and cell phones, these laws are so antiquated that they simply are not up to the task of protecting Americans’ privacy. For example, because of the methods by which email was accessed in the 1980s, under federal law, any emails that are more than 180 days old are considered “abandoned” and law enforcement does not need a warrant to read them. Today, emails in our inboxes grow by the day. A state Electronic Communications Privacy Act (ECPA) empowers states to provide reasonable privacy protections for their citizens’ emails and other electronic information where federal law has failed to do so.

Existing privacy laws require the police to get a warrant before searching the file cabinet or computer in your house or the letters your mailbox; now that technology has advanced, state laws need to be updated to require the same warrant protections when the police want to track or search your phone or read your emails, text messages or other digital documents.

Would it bother you if a government official entered your home, found and accessed your smart phone and personal computer and then searched through all the emails, texts and instant messages you sent from both devices? Of course it would. And you should feel exactly the same way about the government doing that secretly from a distance.

We encourage the Alaska Legislature to adopt an ECPA to ensure that blanket data gathering by law enforcement agencies without a warrant does not happen in Alaska. Alaska residents should no longer have to choose between using technology and keeping their personal lives private.

What can you do?

Call your Representative and your Senator and tell them that you encourage them to create an Electronic Communications Privacy Act, to require warrants before police access your sensitive electronic information.

Subscribe to get updates.

Make Your Personal Voter Registration Info Confidential

Right now, for $20 anyone can buy Alaska’s voter file and with it your personal information including your name, personal and mailing addresses, party affiliation, and voting history.

Senator Anna MacKinnon has introduced Senate Bill 192 (SB 192) which would allow Alaskans to bar the state from sharing their personal and mailing addresses by simply checking a box when they register to vote.

The sponsor statement states:

Article I, Section 22 of the state constitution states, “The right of the people to privacy is
recognized and shall not be infringed.”

Senate Bill 192 proposes to strengthen the privacy rights of Alaskans by providing an opt-out
provision that ensures confidentiality of their physical and mailing address and increases the fee
charged by the Division of Elections for the voter registration list and the list of individuals who
voted in an election.

Currently in Alaska, anyone can request a voter registration list from the Division of Elections
for a nominal fee of $20. That list includes a voter’s full name, residence or mailing address,
party affiliation, district, precinct, gender, and a 10-year voter history. In some instances, this
information is being used to track individuals and placing them in unsafe situations.

This legislation aims to protect all Alaskans, especially vulnerable citizens, survivors of domestic
violence and sexual assault, individuals serving the public such as healthcare providers, law
enforcement officers, military service members, judges and court personnel, and elected officials
from potential threats, stalking, or even violence. Certain local, state, and federal government
agencies will continue to have access to this information to maintain specific programs and
services.

Thirty-nine other states have varying forms of protection for their voter information. Alaska
state statute allows for a physical address to remain confidential if a separate mailing address is
provided, such as a post office box. However, a post office box can still indicate a voter’s
community of residence, further hindering some of your constituents and mine from registering
and exercising their right to vote to protect their privacy. Senate Bill 192 seeks to address this
issue by providing Alaskan voters an opt-out provision to keep their physical and mailing
addresses private.

Thank you in advance for your support of this important legislation.

What can you do?

Call your Representative and your Senator and tell them that you encourage them to support SB 192.

Subscribe to get updates.

“The right of the people to privacy is recognized and shall not be infringed. The legislature shall implement this section.”

Article 1, Section 22 of the Alaska Constitution.