Comcast is Watching You. Isn’t it Time To Fight For Our Data Privacy Rights?
Most conversations about data privacy focus on the activities of social media companies. We’ve all felt the sting of realizing that everything from our search history to comments on our family photos is being used to show us ads designed to manipulate us to purchase products we don’t need. It’s a use of our personal information that we all know should be off limits.
But the commodification of personal data by data-devouring behemoths like Facebook and Google is not the whole story. The truth is worse. When it comes to abuse of personal data — including personal data that is legally protected — the most unrepentant, aggressively deceptive data swindler on the planet may be your local cable provider. It has detailed data on who you are, what you watch, and when you watch it — along with data about your purchasing behavior purchased from Experian or other sources.
Consider: Your ISP or cable provider has the ability to scan, collect, analyze, store, and sell every byte of data you send or receive over your home connection. They can store it indefinitely, and they can sell that data in any way they like, to whomever they like. If you demand details about the data it’s collected, it can — and apparently will — refuse to share it. (Try to sue them for this information, and you’ll be promptly reminded that you signed away that right as part of your service contract. Your only option is arbitration with a private arbitrator who won’t be getting much business if he angers big customers like Comcast or AT&T.)
This should be illegal. And it is. But that doesn’t seem to stop it.
Let’s Talk About The CCPA
This isn’t a new fight. As the cable TV industry took root across the country in the mid-1970s, it became clear to lawmakers that these companies could easily collect an extraordinary amount of “personally identifiable information” about their subscribers. It was obvious, nearly 50 years ago, that cable companies shouldn’t just be trusted with your sensitive personal information.
Throughout most of the early 1980s, cable company lobbyists did all they could to delay, diminish, and defang any proposed regulation of their rapidly growing industry. The cable industry won many of those battles, but one they lost was the fight over customer privacy. It’s right there in the Cable Communications Policy Act (CCPA) of 1984, Sec. 631, “Protection of Subscriber Privacy.”
The CCPA specifically forbids all cable operators from collecting, using, or disclosing personally identifiable data without the consent of the subscriber. It also requires all cable operators to notify subscribers of how long their data will be stored, requires that subscribers be given access to any data collected about them, and limits the kind of data that can be collected to only the “legitimate business activity” related to a cable service or other service provided to the subscriber. The act also provides for liquidated damages of $100 per day of violation. If you’ve been a subscriber for years, that could mean you have a claim for tens of thousands of dollars or more against a cable company that, we know, can afford to pay it.
Cable companies make so much money on the data that this doesn’t stop them. They don’t just collect legally protected information on the sly, they actively bundle and sell the private information, or at least its valuable use for marketing purposes (again, information that they have illegally collected and maintain about their subscribers) to advertisers. It has become an essential part of their profit model. It’s openly advertised on their websites and touted in their annual reports.
One of the most troubling details about cable providers’ illegal collection and storage of private consumer data is that we don’t even know its full. According to one lawsuit, Comcast refuses to comply with the Cable Act’s requirements that it provide subscribers with a copy of the data it keeps. Collecting anything beyond what’s required to provide the service violates the law. Thanks to research done by Experian, we know that cable companies collect and sell the use of personally identifiable data about the specific shows their customers watch, allowing for one-to-one targeting even on live TV broadcasts.
Case In Point: Comcast
There’s also no technical reason that a major cable provider — Comcast, for example — couldn’t capture metadata about every single scrap of data that flows through their subscribers’ internet connections. Every video your kids watch on their tablets, every gift you’re thinking about buying your spouse, every home grocery delivery you make, and every time you use an app to check your bank balance may well be considered fair game.
While some of this data may be encrypted, there’s still a staggering amount of personal, private, and legally protected information in that metadata. That’s what makes it so valuable to companies like Comcast, AT&T, Charter, and others.
Comcast actually published its intention to sell the use of customer information in its own Customer Privacy Notice in place from August 1, 2015. The company openly admitted that it would be using the subscriber’s “Comcast account number or device identifiers, or from third parties, to deliver better and more relevant products, services and advertising.” This is just one example from one company. The real problem is much bigger, and is by no means limited to Comcast.
How do they get away with it? Forced arbitration clauses in their customer contracts.
Once you sign a contract with Comcast, the company immediately begins the process of illegally collecting, storing, and selling your personally identifiable information to the highest bidder. This is decidedly illegal, violating both the CCPA and some state laws, but this hasn’t stopped companies like Comcast from acting as if those laws simply don’t apply to them. If there’s a problem, they simply force the customer into an unfair arbitration process safe from legal scrutiny by the courts.
In many places in the country, cable providers are effectively local monopolies. If you want to use the internet, you have to sign a service contract that you have no power to amend or negotiate. And one of the clauses almost all of these contracts include is an agreement for all disputes with the service provider to be settled through arbitration, rather than through the courts.
Let me reframe that for you: To get basic cable, phone service, or home internet, companies like Comcast require that you sign a contract waiving your fundamental right to take them to court. They have done this specifically to avoid the massive penalties and damages that can otherwise come from intentionally breaking the law.
It’s no secret that arbitration tends to favor these huge companies. They hold all the cards, they pay for the services of these ostensibly neutral arbitration firms, and they aren’t bound by the strict rules of evidence that would apply in a civil case. If they conceal damaging documentation, give misleading testimony during the arbitration, or even accidentally admit to breaking the law, they face few meaningful penalties.
And, of course, no class action is possible — so if they lose it’s just one small claim. They avoid accountability for the millions of other identical wrongs they’ve committed. These Arbitration agreements have also gotten a lot of support from The U.S. Supreme Court in recent years, which currently has a very pro-business majority. This allows companies like Comcast to openly violate privacy protections, failing to meet even the low bar of notification and consent required by the Cable Act.
It’s time to do something about this. Tens of millions of cable subscribers have had their data privacy rights violated. We need to do more than just sound the alarms. We need to use every tool we have at our disposal — from boycotts to class action lawsuits — to push back against this blatant abuse of our data. At a bare minimum, we need to force these companies into the courtroom so that we can reveal the exact scope of their illegal and predatory data-collection schemes.
Fortunately, there’s at least one group of lawyers out there fighting this battle for consumers against Comcast, or at least for those who timely opted-out of Comcast’s arbitration clause. These lawyers are making some headway in court in California in a case called Hodges v. Comcast, where they’re using some favorable California law to try and get around the arbitration clause. (You can get a copy of the complaint and more about that lawsuit here.) But they’re also reporting that the case law in the First Circuit (which includes Main, Massachusetts, New Hampshire, Rhode Island, and Puerto Rico) may be most favorable for liability. Comcast has numerous subscribers in Massachusetts. If you’re one, it sounds like your claims is particularly strong.
Of course, most consumers don’t stand up for their rights. So wrongs like this just continue. But there’s a chance for people to profitably stand up for themselves here. Comcast gives consumers 30 days to opt-out of arbitration, starting from their subscription activation date. So it’s possible to get out of arbitration and get a fair hearing. And apparently numerous others are already doing it.
If you recently subscribed to Comcast and still have time to opt-out (here’s the link — be sure to print your confirmation screen as proof), or if you already timely opted out, you might be very interested to learn that the Cable Act provides for liquidated damages to Plaintiff and each Class member computed at the rate of $100 a day for each day of violation of 47 U.S.C. § 551 or $1,000, whichever is higher, pursuant to 47 U.S.C. § 551(f)(2)(A). For longtime subscribers, that could add up to tens of thousands of dollars. For California subscribers, according to the lawsuit there is also, statutory damages of $5,000 per violation of Penal Code § 637.5 for Plaintiff and each Class member pursuant to Penal Code § 637.2(a)(1).
If you’re a Comcast Cable Subscriber, it looks like your rights have been violated by Comcast
Under federal law, you decide whether to share your personal data with your cable company. If your cable company keeps and uses your personal data without your knowledge or consent, you lose control over your private information, risk its disclosure in a data breach, and are exposed to manipulative, personally targeted ads. Fortunately, as noted above, some subscribers are suing to enforce their federally-legislated privacy rights under the federal Cable Act, along with others like you, you may be able to recover up to thousands of dollars in statutory damages and make a stand for privacy.