Even if you’re not a “news” person, you have probably been made aware of the recent decision in Congress to allow internet service providers (ISPs) to snoop your online life. In effect, your privacy is now up for sale. Every action or activity you perform on the internet is now freely accessible for use by your local phone company, cable company, or whoever else you are paying to provide your internet service.
What is changing?
Functionally…not much. ISPs have always had access to information regarding your online activity if they really wanted it. But before now, the law required them to get permission from you to see it or use it without a court order. After this week, ISPs no longer need permission from you to use this data in any way they see fit. Most likely it will be sold for marketing purposes, but there are no restrictions in place regarding how your personal data can be used.
What (specifically) can ISPs see?
In a nutshell, ISPs can see what websites you visit, what services you use, and in some cases what you type, click, and see on a specific website. Going to zappos.com? Expect to see more shoe ads…possibly even in your physical mailbox. (Remember, your ISP has your mailing address.) Were you playing XBox Live well into the night? Don’t be surprised when your kids see more video game ads creeping into their YouTube viewing. (They’re using the same ISP you are.)
These things may not bother you much, but what about specific information you type into a browser, like passwords and other personal information? That’s visible now unless the site you’re visiting is SSL secured.
How can you tell if a site is SSL secured?
When a site is SSL secured, the box where you type the URL will have an icon (usually a green lock) followed by “https://”…not just “http://”. If you don’t see a security icon followed by “https://” then your entire activity on that site is accessible to your ISP. This includes passwords, credit card numbers, and text entered into forms. It also includes information you receive such as text and pictures.
If you DO see a green lock icon, then your activity is safe from your ISP’s prying eyes. They can still tell if you’re on a specific site, but if the site has a green lock icon and begins with https://, then your activities on that site are hidden.
If I run a website, how can I get that green lock to show up?
You’ll need to contact the company that’s hosting your site. Most hosting companies offer SSL encryption for a fee, but it’s something that has to be set up on the server. Unless you have access to the back end of your server, it’s not a DIY process.
What if ThirdSide is hosting my site?
Then you’re all set. In order to ensure the customers of our clients have the highest possible level of privacy, we are doing the following:
- Beginning April 1, 2017, all new ThirdSide-hosted sites will be launched as https:// secure sites at no additional charge.
- Between April 1, 2017 and May 1, 2017, all ThirdSide clients who are hosted and maintained by us will be migrated to https:// secure hosting at no additional charge.
- If we provide maintenance for your site, but not hosting, please contact us. We will coordinate with your hosting provider on your behalf to have SSL encryption set up. Please note your hosting provider may have additional fees for this.
We don’t want any of our clients’ site visitors to feel unsafe visiting any of our sites. We believe the internet was created for commerce and freedom of expression…not as a tool for ISPs to peek into our personal lives or the lives of our clients.
If you have any questions regarding the security of your website, please feel free to contact us.
