Where are the actual documents? The reasons Masnick gives in the comments are extremely unconvincing: that there's "non-newsworthy" stuff in them (ok, and?) and that he doesn't want to do to a Verizon lobbyist what the Intercept did to Reality Winner.
If he'd just included a link to the documents, I'd have been interested in his interpretation. But after making a point of how long the 12-page document was, and then getting only a few quotes, I'm wondering what he's "editorializing" out of them.
From his comment: "There was other info in the document that I don't think is newsworthy and probably is not worth releasing publicly."
He doesn't literally say it, but I think the implication is that the information is in some way sensitive or private. I suppose he could have written that sentence and it would be technically true if the "info" was like, the weather that day, but I doubt that's what he meant.
"Well, it could happen, you see, if the President of the United States were to use the power of his office to help us mold public opinion and help us get that legislation."
--Arlington Hughes
Hmm. Companies doing business all over USA like federal regulations: no need for patchwork compliance. No wonder scaled-up IP packet routing companies want to prevent states and municipalites from imposing their own regulations.
Masnick took what could have been a great piece to use against telcos, and turned it into an embarrassing attempt to defend Google/Facebook at all costs. His claim that Google and Facebook know less about you than your ISP would require you to pretend that encryption and Google Analytics / Facebook's "pixel" don't exist.
It's worth nothing that the vast majority of Americans have their internet setup as defaulted. So, every DNS request goes to the ISP's DNS servers (your ISP knows every single domain you visit regardless of association with Google/Facebook) and every domain name that doesn't exist winds up at the ISPs own search/not found landing page. Plus if you use your ISP's email server (like my mom) who knows if they're reading your email, too.
For some stats behind this, the most recent estimate of websites with Google Analytics is around 40 million (1). A rough estimate of the number of websites would be around 1.5 billion (2).
Not sure if you're trying to be intentionally misleading to "win" an argument here, but look at the stats for the top 1M, 100k, and 10k sites if you want to be honest about the portion of actual web traffic Google is able to capture detailed data on.
The fact that "Uncle Joe's Fishing Blog" with a total of 5 hits that weren't crawlers or Uncle Joe doesn't include GA, doesn't really mean much in the context of this discussion. The vast majority of traffic on the web goes to a very small portion of those 1.5B sites.
I was simply providing context for the point. It's also worth pointing out that quite a few of the top 1M, 100k, 10k sites do not use Google Analytics or Facebook.
DNS requests only give the hostname. Google/Facebook's analytics services get them pretty much everything about the users' interactions with sites that include them.
I'm not arguing that ISPs aren't a privacy risk or that they shouldn't be fought. I'm pointing out that Masnick damages his own credibility by making stupid claims that, in order to be believed, would require either a technically unskilled reader or one who is willing to pretend the modern web/internet works differently than it does.
Masnick attempts to frame this debate in a way where everyone who doesn't join him in ignoring/defending the privacy violations of Silicon Valley tech companies is "on the other side". It's a dishonest and shitty way to frame things, and doesn't reflect reality in any way.
ISPs have plenty of black marks against them. Lying in order to pretend ISPs are the only ones we should be fighting isn't helping anything.
It's a shame you're getting downvoted because you are correct. The dramatic acceleration of TLS adoption means that your ISP is getting less and less info about their customers' behaviors.
But if your browser has ever logged into something like Facebook or Google, then any site with embedded content will be sending info about your behavior back to them. A LOT of sites carry pixels from those companies, but anything can do it: an embedded tweet, a YouTube player, a "like" button, etc. This is on top of the info they collect from your direct interactions with them.
He's not correct which is why he's being downvoted. As TLS rolls out further I suspect you'll see more ISPs move from firewall/router devices being deployed with their service to an edge proxy under the guise of additional security, "our new routers terminate all connections before they reach your computer directly allowing us to block malware and other dangerous packets" -- while that statement is 100% true what it doesn't say which is also true is "...and allows us to see all of the information on all of your sessions and process that per the terms of our privacy policy".
Your argument is that I'm wrong because of some theoretical situation which hasn't happened, and would be near impossible for ISPs to implement without massive backlash from pretty much the entire internet/world?
You are debating a different argument than the comment you replied to makes. The argument is not "who is worse? they're both bad", it's a numerical analysis positing that the number of websites without domain names is smaller than the number of websites without Google Analytics. Your ISP tracks you every time you visit a website with a domain name. Google Analytics only tracks you when you visit a site that's enabled Google Analytics.
Then again, with Chrome, there is at least the technical possibility of Google tracking every single website you visit just as well (including http, https and now even sites that just sit on your LAN and don't hit the ISP at all)
I don't say they do, but my trust in Google not to do this isn't that much higher than ISP s not doing this.
(Though, to be fair, code doing this would probably be found rather quickly in the Chromium code. So they'd have to add it to the Chrome binary directly.)
Well they do, in point of fact. I was debugging our corporate proxy and tailing the logs for a particular site- when using chrome I matched the site string despite it being directed to bypass proxy- but not going to the site, but to google, despite putting a full url in.
Anyone wanting to truly understand what chrome is doing should run an ssl decrypting proxy on their web traffic for awhile- it is eye opening.
Masnick has a pretty severe critic of both Google and Facebook for years and it would be pretty difficult to bend his words here to try to support your claim.
Do you think an internet lobbyist would be so brazen to attempt to redirect onto Google & Facebook a discussion thread talking about the way the telcos want to redirect discourse to place blame on Google and Facebook?
If he'd just included a link to the documents, I'd have been interested in his interpretation. But after making a point of how long the 12-page document was, and then getting only a few quotes, I'm wondering what he's "editorializing" out of them.