NSFW

How Trump Is Putting Your Porn Privacy in Jeopardy

The President is set to sign a bill allowing ISPs to collect and sell your personal and financial online data to third-parties—and the adult industry is worried.

04.01.17 8:07 AM ET

It’s hard to imagine life without the internet; these days it’s almost as essential as electricity. Yet unlike utility companies, our internet service providers currently have unlimited access to our web browsing history and personal data. If Trump signs recently proposed legislation, which has already been voted through by Congress, ISPs will have the freedom to collect and sell consumer’s personal and financial data to third-parties without consent. This would effectively repeal the FCC’s October 2016 ruling that granted consumers the choice to “opt in” and share their sensitive information—including “precise geolocation, financial information, health information, children’s information, social security numbers, web browsing history, app usage history and the content of communications.”

In short: our online habits would be laid bare for the world to see, and corporations to take advantage of. Even worse, internet service providers will no longer be obligated to protect “customer information against hackers and thieves,” according to The Washington Post.

While some may shrug their shoulders and call this the price of safety, others see it as a violation of privacy. Either way it’s a slippery slope for online freedom—and one that could cost the adult industry. Many adult sites frequently rely on the speedier but less secure delivery methods of HyperText Transfer Protocol (HTTP), and switching to HyperText Transfer Protocol Secure (HTTPS) when requesting personal data such as logins or billing information. (The difference between HTTP and HTTPS is security: on HTTP the page contents are visible to anyone on that network, whereas HTTPS keeps information on the page safely hidden by using a separate protocol, Secure Sockets Layer (SSL), to transport and encrypt data.) As consumers become more aware of online security, porn companies will need to shift to encrypting every page of their site in order to keep what few consumers are left. The popular tube site PornHub has already made the change to HTTPS and more XXX sites are expected to follow.

A pioneer in online adult films, Sssh.com founder Angie Rowntree launched the porn site for women in 1999. Though the site’s tour pages are not encrypted, it’s never been an issue, and any time customer information is required it’s on a secure server. Concerned that this legislation may negatively impact the adult industry by feeding into the paranoia that porn sites are harmful, Rowntree is quick to point out that unlike numerous mainstream sites “we don’t sell customers’ information or our email lists and neither does anyone we associate with.” However, if having an HTTPS tour page eases consumer’s fears then, as Rowntree says, “if something makes my customers feel better then that’s what I’m going to do.”

Even with a secure connection, ISPs will still have the ability to aggregate health information, sexual orientation and personal preferences inferred from an individuals web browsing, listening and viewing history. Unfortunately, that secure feeling the padlock emoticon elicits on HTTPS sites doesn’t mean it’s completely secure: HTTPS doesn’t prevent your ISP from seeing what websites you spend time on; it merely keeps them from viewing the contents of your visit. That is why Colin Rowntree, founder of the porn site Wasteland.com, calls the focus on HTTPS a red herring.

“The significance being, if your ISP is allowed to sell your information, even if you’re on a secure connection they can still sell your information,” says Colin. “In my opinion, general porn sites and blogs don’t need SSL because they’re not collecting any information; people are just looking at the internet. When you get into anything that involves a form, signing up for a mailing list or joining a porn site then, yes, that needs to be secure.”

According to Colin, porn companies don’t actually harvest that much data. “The adult industry does not have the infrastructure or the funding to do that kind of deep data mining, so that should be the least of anyone’s concern,” says Colin. “Frankly, porn is broke at this point.”

Frustrated with the data mining of big search engines, Angie and Colin Rowntree partnered with developers to create Boodigo, an HTTPS-encrypted adult-oriented search engine that doesn’t gather identifiable user information. The anonymity and security of search engines like Boodigo may become increasingly important, as corporate harvesting of user information becomes an inescapable future.

Paying a Virtual Private Network (VPN) company to encrypt your web traffic is one solution to maintaining privacy—if it’s a trustworthy company that doesn’t log your data anyway. Your ISP will see that you are using a VPN but shouldn’t see the sites you visit while using the VPN (unless you have a DNS leak, which is an entirely different story). Whereas the HTTPS connection provides a more limited security, your ISP will know which websites are visited but will not be able to see what you are doing on those HTTPS-encrypted sites. (Yes, that incognito mode on your browser only keeps your significant other from snooping; your ISP still sees everything you do.)

“It’s safe to say porn users are very concerned about privacy, which is why the vast majority flock to tube sites despite the fact that content quality on such sites is inferior to pay sites,” says Xbiz founder Alec Helmy. “I believe repealing privacy protections will make users borderline paranoid, pushing them to secure sites over non-secure favorites.”

Alas, yet another hurdle for the struggling adult industry.