It seems like a no-brainer that an Internet Service Provider (ISP) should have to get your permission to snoop on and use the private information you generate as you browse the Internet. In 2017, pressure from the telecom industry led to Congress and the president rolling back protections for broadband privacy, but there are many ways EFF was and is still fighting this battle.

Late in 2016, the FCC passed rules to protect your privacy from invasions by your ISP. The rules—which prohibited things like selling your personal information to marketers, inserting undetectable tracking headers into your traffic, or recording your browsing history to build up a behavioral advertising profile on you without your consent—were a clear victory for privacy. Unsurprisingly, ISPs wishing to profit even more off of their customers were not happy about the restrictions and began lobbying hard to overturn the rules.

The telecoms’ lobbying relied on easily disprovable myths that also echoed the rhetoric they offered during the debate on net neutrality. (In particular, the incorrect claims that the Federal Trade Commission (FTC) would be an adequate safeguard and that companies are unable to compete under the current laws). EFF provided a memo to congressional staffers to rebut these misconceptions. Despite the obvious benefit the rules provided, in March, Congress rushed through and passed S.J.Res.34, which overturned the hard-won protections issued by the FCC the previous year.

The fight for privacy didn’t end with the federal government. By the end of 2017 at least 21 states had introduced proposals to restore the legal rights to privacy for broadband Internet users that Republicans in Congress stripped away. EFF has supported many of these efforts and submitted testimony for California, Oregon, and Minnesota and Hawaii while supporting privacy advocate efforts in many other states. EFF continues to make the legal and technical arguments as to why we need these privacy protections restored.

The fight in California foreshadows how these state-by-state battles could go. Despite strong support and a willingness by the bill’s supporters to negotiate for a reasonable, balanced set of privacy protections, including support from small ISPs, California’s bill stalled at the end of the year when Google, Facebook, and the large ISPs started spreading misinformation, claiming that privacy rules would somehow help terrorists and hackers. However, you can only fool legislators for so long. It's hard to imagine any state legislator looking at the current landscape for broadband Internet—after Comcast, AT&T, and Verizon have successfully eliminated crucial protections for competition, policy, privacy, and net neutrality—and thinking that the new status quo is just fine.

With overwhelming public support for these consumer protections, those who care about online privacy have a lot of grassroots power to compel change—power we’ll continue to use to win back the protections lost in 2017.