The biggest beneficiary of any changes to rules and regulation pertaining to how Internet service providers (ISPs) can resell the data they collect about the browsing habits of their customers may very well turn on out to be providers of virtual private network (VPN) services.
The U.S. Congress recently voted along party lines to revoke rules created by the Federal Communications Commission (FCC) that if implemented would have required ISPs to get explicit permission before selling customer data to brokers that in turn sell that information to companies that want to better target their advertising.
That bill also goes a step further in that it prevents the FCC from making any similar regulations. Instead, all rulings relating privacy will now be in the hands of the Federal Trade Commission (FTC). That agency has been tasked with setting up privacy policies dating back to the 1970s. The similar bill to the one the Senate passed is now winding its way through the U.S. House of Representatives. If passed then a committee would meet to resolve any inconsistencies between the two versions, which would then be sent to the president for his signature. Assuming there is no veto, the law could be in place before the end of this year.
That should result in about six months of free marketing for providers of VPN services that create encrypted tunnels that prevent most ISPs from seeing what someone is doing on the Internet. They may still be able to infer some things, but by and large, it leaves the ISP blind. Usage of VPNs is not as widespread as it might be because there often viewed as being difficult to implement and manage. Most large corporations, however, have them in place. Many smaller companies, however, do not. Because of the complexity associated with deploying and managing VPNs, there’s a natural tendency among individuals and smaller businesses to rely on a VPN service.
There’s no shortage of free and commercial VPN services. Of course, there’s no substitute for implementing a VPN that your organization controls. After all, no one can be sure what a VPN service might be doing with the data it collects. But in the absence of having the IT staff needed to implement and maintain a VPN many organizations will consider a VPN service the best option.There’s no substitute for implementing a VPN that your organization controls. Click To Tweet
Of course, the biggest benefit of this controversy over privacy might wind up being better IT security. The more organizations that implement VPNs the better their overall IT security posture becomes. There’s no such thing as perfect security. But a VPN goes a long way towards improving the overall state of IT security.
IT security has always required striking to a delicate balance between protecting the end user and not becoming so intrusive that it gets in the way of what end users are trying to accomplish online. Many IT security professionals have long contended that balance given the nature of threats involved is far too skewed toward end user convenience. As the controversy surrounding privacy regulations continues to grow, it may very well turn out that a lot more end users will start to lean more towards the views held by most IT security professionals.
Mike Vizard has covered IT for more than 25 years, and has edited or contributed to a number of tech publications including InfoWorld, eWeek, CRN, Baseline, ComputerWorld, TMCNet, and Digital Review. He currently blogs for IT Business Edge and contributes to CIOinsight, The Channel Insider, Programmableweb and Slashdot.Mike also blogs about emerging cloud technology for Intronis MSP Solutions by Barracuda.