Comcast Insists It's An Innocent Little Daisy On Consumer Privacy

Privacy

from the zero-credibility-left dept

Both Mozilla and Google have begun pushing encrypted DNS via their respective browsers, making it more difficult for outsiders to monitor and/or monetize your daily browsing habits. Not too surprisingly the broadband industry, which has a long, proud history of covertly collecting and selling this data, isn’t particularly happy about this evolution. With the help of unskeptical news outlets, telecom lobbyists have been trying to convince the government that what Mozilla and Google are up to is somehow nefarious, going so far as to (incorrectly) claim the move is even an antitrust violation.

Last week, Motherboard published Comcast documents highlighting how Comcast has been also trying to convince gullible lawmakers that the move to encrypt DNS traffic somehow poses a threat to national security and the sacred DC tech policy pixie dust that is 5G:

“The unilateral centralization of DNS raises serious policy issues relating to cybersecurity, privacy, antitrust, national security and law enforcement, network performance and service quality (including 5G), and other areas,” Comcast said in the presentation. “Congress should demand that Google pause and answer key questions,” a section of the presentation reads. “Why is Google in such a rush?” reads another.

But Comcast’s claims are false. Neither Google nor Mozilla are forcing their browser users to do anything. Users are simply being presented with the option to encrypt their DNS traffic — if their current DNS provider supports it. The move would not switch users to Google’s DNS servers by default, either, so the centralization claim is false. In short, you’ll be surprised to learn, Comcast is lying about what the proposal will do. Why? It makes it harder for the telecom sector to spy on — and monetize — your daily browsing behavior.

In the wake of the leak, Comcast published a new blog post attempting to frame itself as an innocent little daisy on consumer privacy issues, going well afield to pretend that it doesn’t actually monetize its users data:

“We play an important role as an Internet Service Provider in connecting you to whatever you want to do online. Whether you?re browsing the Internet or managing your connected home, we?re always working to protect your privacy and keep your information secure. We?re in the business of giving you a great Internet experience with products and services like xFi?s parental and WiFi control features; we are not in the business of selling your information.”

The blog post is painfully careful with word choice as the company attempts to pretend it doesn’t monetize user data. For example throughout the post Comcast carefully insists it doesn’t track the websites you visit “through your broadband connection,” though it’s possible to track that same data at the heart of Comcast’s network (technically not “your connection”). Similarly, Comcast insists it “deletes the DNS queries generated by our Internet customers every 24 hours,” even though 24 hours remains plenty of time to monetize that data. And the company insists it doesn’t “sell information that identifies who you are to anyone” — an obvious nod to the fact that Comcast anonymizes this data first before selling it (researchers have long noted this data isn’t really anonymous).

As Comcast attempts to vilify efforts to secure DNS, it’s attempting to lean on privacy credibility it doesn’t actually have. If Comcast’s such a big fan of privacy, why did it lobby ferociously to eliminate modest and popular FCC broadband privacy rules in 2016? Comcast has also expressed interest in charging users more money to protect their privacy, in effect making privacy a luxury option. Privacy has long been the last thing on the mind of most major telecom players, who’ve historically seen zero real oversight as they repeatedly lie about what they do with subscriber data.

Even if Comcast was being honest here (which researchers, Google, Mozilla, and consumer groups all say they’re not), between the privacy and net neutrality fights, the company has made it abundantly clear it no longer has serious credibility on policy issues. Meaning that even if Comcast engineers had legitimate concerns with how encrypted DNS is being implemented, the company’s repeated policy falsehoods have ensured nobody’s going to be believing them anytime soon.

Filed Under: dns over https, doh, encrypted dns, isps, privacy
Companies: comcast