Corporate Accountability News Highlights is a regular series by Ranking Digital Rights highlighting key news related to tech companies, freedom of expression, and privacy issues around the world.
India, U.S. mull net neutrality rules
India’s telecommunications regulator is pushing for stronger net neutrality protections, including prohibiting internet service providers (ISPs) from throttling or offering paid traffic prioritization. In 2016, the regulator banned differential pricing for certain types of internet content, which effectively prohibited “zero-rating” programs like Facebook’s “Free Basics.” The new recommendations go a step further in advocating for stronger net neutrality protections, and will be considered by the Ministry of Communications before potentially being enforced through executive orders.
In contrast, the U.S. is considering rolling back net neutrality protections put in place in 2015, sparking a new round of public debate and warnings by digital rights advocates that doing so poses a threat to the free and open internet. On November 21, Federal Communications Commission (FCC) Chairman Ajit Pai announced plans to undo the FCC’s net neutrality rules, which were adopted in 2015. The rules classify U.S. internet service providers as “common carriers” under Title II of the Communications Act, giving the FCC the authority to enforce strong net neutrality protections preventing ISPs from blocking, throttling, or offering paid prioritization for certain types of content. In an op-ed announcing his proposal to repeal the current rules, on which the FCC will vote on December 14, Pai claimed that “the FCC simply would require internet service providers to be transparent so that consumers can buy the plan that’s best for them,” but did not specify how the FCC would define or enforce transparency requirements.
Telecommunications companies should not prioritize or block certain types of network traffic, and should clearly disclose such a commitment to their users. However, findings from the 2017 Corporate Accountability Index showed that telecommunications companies often fall short on doing so. Of the ten telecommunications companies evaluated, Vodafone was the only one to clearly disclose that it does not prioritize, block, or delay certain types of traffic, applications, protocols, or content for reasons beyond assuring quality of service and reliability of the network. Net neutrality regulations are therefore an important tool for ensuring that telecommunications companies are giving equal access to all users, particularly since telecommunications companies often offer limited disclosure on the matter to their users.
Study indicates most Android apps track users
New research shows that most Android apps are likely to contain a third-party tracker. The research, conducted by French research organisation Exodus Privacy and Yale University’s Privacy Lab, looked at more than 300 apps in the Google Play Store, and concluded that more than three quarters included at least one of 25 known trackers. These trackers range from advertising trackers to tools that could be used to track users’ physical locations. Researchers also noted that several apps handling potentially more sensitive data, such as financial or health information, contained advertising trackers, but that it was unclear exactly what data was being shared.
App developers should be transparent about the information they collect from users, and should follow the principle of data minimization, limiting such collection to what is directly relevant and necessary to accomplish the purpose of their services, as well as disclosing what user information they share and with whom. Mobile ecosystem companies should also commit to evaluate the content of privacy policies of third-party apps, and require third party apps to disclose what information they collect and share with third parties. Of the three mobile ecosystem companies evaluated in the 2017 Index—Apple iOS, Google Android, and Samsung’s implementation of Android—none disclosed whether they examined the privacy policies of third party apps in their app stores to ensure they disclose what user information the app collects. Additionally, none of the mobile ecosystem companies disclosed whether they evaluate what types of user information the apps shared or with what third parties.
Website blocking request in New Zealand raises censorship concerns
Satellite television provider Sky Television is asking a New Zealand court to order telecommunications companies to block websites that host pirated content, raising censorship concerns from telecommunications companies and advocacy groups due to its potentially broad scope. The company submitted an application to the court requesting that New Zealand telecommunications companies Spark, Vodafone, Vocus, and 2degrees block target websites within 10 days. The application raised concerns from telecommunications companies and advocacy groups both over its seeking to block entire sites, and also because the section under “target websites” was left blank, making it unclear the target and scope of the company’s request. Non-profit InternetNZ called the demand an “extreme step in response to a problem of limited scale.” At least one of the telecommunications companies, Spark, has stated that it intends to oppose the blocking request.
It is important that telecommunications companies are transparent about the third party requests they receive to restrict content, and commit to push back against overly broad requests. Companies should also publish data on the number of requests they receive and with which they comply. However, the 2017 Corporate Accountability Index findings show that telecommunications companies disclosed little information about the requests they receive to restrict content. Only two out of ten telecommunications companies—AT&T and Telefónica—disclosed any data about government requests to they received to restrict content.