The Federal Trade Commission (FTC) found that the six largest internet service providers (ISPs) in the U.S. collect and share customers' personal data without providing them with info on how it's used or meaningful ways to control this process. "Many internet service providers (ISPs) collect and share far more data about their customers than many consumers may expect—including access to all of their Internet traffic and real-time location data—while failing to offer consumers meaningful choices about how this data can be used," the FTC said. This was found as part of a study, started in 2019, into the privacy practices of U.S. broadband companies and related entities and how they collect, retain, use, and disclose info about consumers and their devices. The six broadband providers included in FTC's report are AT&T Mobility, Cellco Partnership (aka Verizon Wireless), Charter Communications Operating, Comcast (aka Xfinity), T-Mobile U.S., and Google Fiber. The FTC also included in the study three advertising entities affiliated with these companies: AT&T's Appnexus rebranded as Xandr, Verizon's Verizon Online, and Oath Americas rebranded as Verizon Media. Together, the six companies currently control roughly 98 percent of the nation's mobile Internet market, according to the FTC. The FTC also noted that these tech giants have expanded beyond fixed residential internet and mobile internet services into other areas. By including voice, content, smart devices, advertising, and analytics services, they could further increase the volume of customer data they can collect and share with third parties. Troubling data collection, protection, and sharing practices "The report identified several troubling data collection practices among several of the ISPs, including that they combine data across product lines; combine personal, app usage, and web browsing data to target ads; place consumers into sensitive categories such as by race and sexual orientation, and share real-time location data with third-parties," the FTC said. As the FTC further discovered, the ISPs amass huge pools of sensitive consumer data and use it in ways their customers do not expect and could cause them harm, primarily when classifying them by demographic characteristics, including race, ethnicity, gender, or sexuality. Although many ISPs claim to offer consumers choices, the choices they provide are often a sham, at times nudging them toward even more data sharing. "Even though several of the ISPs promise not to sell consumers personal data, they allow it to be used, transferred, and monetized by others and hide disclosures about such practices in the fine print of their privacy policies," the FTC added. "For example, several news outlets noted that subscribers' real-time location data shared with third-party customers were being accessed by car salesmen, property managers, bail bondsmen, bounty hunters, and others without reasonable protections or consumers' knowledge and consent, according to the report." Furthermore, because of their problematic privacy practices and protections, they can be at least as privacy-intrusive as large advertising platforms, given that they have direct access to their consumers' entire unencrypted internet traffic. Even when connecting to sites that encrypt their traffic or using VPNs, ISPs can still collect the domains their customers connect to and analyze their browsing behavior. Turn to OUR FORUM to learn more.