Federal regulations designed to give you more control over your web browsing history and other personal information may soon be eliminated.
There are steps you can take to protect yourself — but you’ll have to do more than set your browser to private mode. And there is no perfect solution, experts agree.
The House of Representatives voted Tuesday to repeal Internet privacy protections that were approved by the Federal Communications Commission in the final days of the Obama administration, following a Senate vote last week to roll back the rules.
The protections would have required internet service providers, such as Comcast ( or CenturyLink, to ask for permission before tracking and selling users’ information. The resolution now goes to President Trump’s desk, and the White House said Tuesday it “strongly supports” the repeal. )
The information in question includes everything from where you are to what you’re looking at online. A provider could infer that you’re sick, for example, because you looked at WebMD.
The FCC approved the rules in October, and they had yet to go into effect. If the House also votes to eliminate them, any provider will be able to track and sell your data without telling you.
The steps in Congress would remove an extra safeguard at a time when people are using more and more internet-connected devices and providers are investing more in targeted advertising.
You probably already know that companies like Facebook (Tech30) and , Google ( use your data to target their ads. There are a number of tools, including )Privacy Badger and Disconnect, that prevent advertisers from tracking your activity. But they will not block your service provider from collecting your data.
Further, browsing in “incognito” or private mode does not prevent your internet provider from knowing which sites you visit. Private mode only prevents the browser you are using from storing your internet history. (Comcast will still know when you view adult content, even if Chrome forgets.)
The technology to get around the providers is complicated.
“There are pretty easy and free ways to stop tracking online from advertisers,” says Jeremy Gillula, senior staff technologist at the Electronic Frontier Foundation. “The technical ways to stop your ISP from tracking you are limited and cumbersome.”
So what can you do? Using a tool called a virtual private network, or VPN, will protect your online activity from anyone who might want to look at it, including internet providers.
But do your research before you pick a VPN. Sometimes they claim to cloak your traffic but their privacy policies allow them to track and sell your information to advertisers. That’s how many free VPNs make money. (Privacy is easier for those who can afford it.)
Read the fine print: Does the company promise not to log your activity? Does it include information about selling your activity to advertisers?
Kenneth White, an internet security engineer and director of the Open Crypto Audit Project, says to avoid tools that use terms like “NSA-proof,” “hacker-proof,” “military-grade encryption” and “total anonymity” in their marketing.
“There is a long history of ‘free’ VPNs that prey on innocent consumers’ concerns about security and cynically make them less safe,” White says. In 2015, a VPN called Hola was found to be turning customers’ computers into a botnet, or a group of hijacked devices that can be used for hacking.
Another option Gillula suggests is privacy software called Tor. It makes your online activity anonymous, meaning it can be collected, but not associated with you.
Nothing is unhackable, but the code for Tor is open and transparent, meaning that many people have analyzed it, and you can be sure it does what it promises to.
Editor’s Note: This article has been updated from its original published on March 24.
CNNMoney (San Francisco) First published March 29, 2017: 9:48 AM ET