I'm having a hard time imagining a compelling case that the lobbyists could present though. Are most of these representatives just willfully corrupt? I hate to vilify people unduly but it is becoming hard to understand the thought process here.
I suppose you could pitch it as making the internet more efficient economically. I don't think that increased consumer purchasing is necessarily high value, but it certainly has economic benefits to spending.
You can easily attribute it to laziness. They don't research a topic themselves so whoever makes the best presentation gets the vote. Usually that's lobbyists because they have more money and time and are hired as excellent communicators. Dinner invitations and paid flights in private jets help too.
Right, and the lobbyists are hired, not because the corporations that hire them are inherently evil, but because they are mandated by their shareholders to change costly laws rather than comply with them. I'm not blaming our elected representatives, they are just part of a failing system.
Actually you should blame the representatives. They should be there for ALL citizens and have the greater good in mind not just the narrow interests of some.
> Are most of these representatives just willfully corrupt?
Yes, but they prefer the terms "lobbying" and "campaign contributions".
While theoretically they are concerned with their constituency so they can keep their job, the big problem with our system is the expense of running campaigns. While serving in congress, our representatives a massive amount of time is spent "dialing for dollars". The parties even require ("encourage") spending time "fundraising".
This makes lobbying easy. Constructing a compelling case isn't necessary. Just promise to free up their time by making various donations to their campaign and/or their party. This is legal as long as there isn't specific quid pro quo, thanks to McDonnell v United States.
The telecommunications industry employs hundreds of thousands of people. It does so not just in California and New York, but in every state. And it creates the kind of middle class jobs states are desperate for. A unionized Verizon field tech can make six figures (with overtime), has generous benefits, and can get the job without a college degree. How many jobs do Google or Facebook create in Tennessee? How many blue collar six figure jobs do Google or Facebook create?
If you're a telco, you can walk into the office of a politician in Alabama and say: "Hey, we employ 5,000 people in your state. Google employs 100. Why the hell would you support legislation that allows Google to make money this way but bans us from doing it?"
(This is, incidentally, why the conventional wisdom about money ruling politics is bunk. Tech is one of the richest industries that exists. But it's relatively politically ineffectual because it employs so few people, and it does so primarily in a handful of rich, coastal states.
A professor of mine once pointed out to me that in the environmental area, it's the environmental groups that need to do lobbying. The power company can just call up a Congress-critter and remind them of the thousands of jobs in their district that are tied to that company's well-being.)
If you do talk with your representatives, remind them this essentially means their browsing history, and the histories of their families, their constituents, and their constituents families will be available for sale at best, or once collected and sold are highly likely to be in a databreach before long. The aggregate of that information will be used to treat those people differently in some aspect or another.
> How big a difference is this to what Google and Facebook are doing currently?
ISPs' and carriers' data would cover every single person with a phone or Internet connection. It would be a universal database of locations, and a virtually-universal database of browsing habits tied not only to an IP, but an address and social security number. Will all of that be disclosed? Unlikely. But with an incentive to warehouse it, more ISPs and carriers will, and that makes for a juicy target.
Well, Facebook doesn't have access to your browsing history. At least not most of it, though it's probably still, you know, more that enough to cause a lot of pain.
Google does have access in some situations (chrome + linked profile), but as far as I know they don't sell that access.
Of course, both offer some subset of information for users.
Unless you are using an ad-blocker to block the rather commonplace facebook widget, and their other tracking mechanisms, they may well have more of your browsing history than you realize.
Hell, I do use ad-blockers and block assets coming from known Facebook domains, and they probably still have more information about my browsing history than I realize.
While there are similar practices that Google and Facebook have (eg. tracking your activities outside of their website), this is much more problematic and sinister for a couple reasons:
Access: Many people in this country do not have a choice as to which ISP they use. They are locked in due to anti-competitive practices, rural homes, or some other reason. You can make the choice much more easily not to use a certain website that tracks your behavior.
Cost also comes into play here, as you pay your ISP to deliver service. Google and Facebook are free, because they subsidize their services by selling and collecting data. Your ISP charges you a large amount of money already, and are increasing their own margins through this practice. It would be different if they did something akin to what Amazon did with their Kindles, where you provide the same service with and without tracking, and charge appropriately. The way things are now, you don't have a choice.
Lack of notification: Your data is being collected and sold through an implicit agreement with your ISP, likely entombed in a bunch of fine print that no one ever reads, nor anyone but a lawyer could decode. While this is the case with Google and Facebook, it's pretty much common knowledge that they do this. The carriers and ISPs implemented their tracking under-the-radar, and provided no way for anyone to opt-out.
I'm sure there's a lot more arguments out there, but that's what I have on top of my head right now.
While not quite accurate... if you imagine what Google/Facebook might know, then imagine a carrier who watched you enter/leave those pages, and potentially interact with any of those pages. The network footprint of a modern webpage interaction is more like an event stream than people realize.
You can choose not to use any particular site or service. However, there's little to no effective market for ISPs in many localities, so if the one or two ISPs in your area don't provide effective privacy, then you're screwed.
In a market where everyone has a wide variety of ISPs available and people can start one without massive infrastructure work (for instance, with widely available fiber infrastructure and a choice of who to light it), then we don't need as many restrictions on ISPs can do; people can handle that by selecting an ISP that meets their requirements.
But until we can make ISPs less of a monopoly, and make it possible for others to easily enter the market, then it's reasonable to restrict what those monopolies can do.
Google and Facebook's privacy policies put fairly strict limitations on how your data will be used, and shared.
If their privacy policies change to something that you are unwilling to tolerate, the cost to you of switching to a competitor is... Neither low, but not insurmountable.
These companies are well aware of this - which is why they care about how they use your private information.
For most Americans, if their ISP, (Or their ISP, and their only competitor) adopt anti-user policies, there is nothing that they can do.
I can put up with some discomfort by switching to DDG for my websearches. I can't afford to be a peer to a T3 ISP.
Note that the NSA openly claims authority to actively snoop on (i.e. not just incidentally record, but deliberately examine) your communications in this case, as your connection appears to be a foreign one. The FBI also has a legal strategy around hacking anyone whose actual location is obscured and has some kind of nexus in the US (as they could be presumed to be "crossing state lines" and thus subject to Federal jurisdiction); I'm not sure exactly how the execution of that shook out so far, but I doubt the story is over in any case.
How necessary is the not keeping logs thing(unless of course they too sell the data)? Sure if someone is hunting you down and the VPN keeps logs, then they can easily figure it out. But if you're just trying to avoid your ISP selling your browsing data, do you need to be concerned about what the VPN provider knows? Would the ISPs go to the lengths of trying to get that info from the VPN?
Some VPN providers "get it," and make a point to not keep logs (so if someone asks for them, they can in good conscience say: "sorry") - NordVPN comes to mind.
I've been shopping around for VPN routers and provider in light of this, and I expect others are too. I've used Tor in the past, but I expect for all of the devices in our house, that might get a bit cumbersome. I'd also like someone to hold accountable for QoS issues.
(1) Don't bet on many of them understanding their vote. It was billed as a removal of an unfair restraint on the free market.
(2) Oddly silent were folks like Google, Microsoft, etc. I fully expect to have to pay for privacy, or to have to choose whom I trust with my data: Comcast or Google.
All that is required is that they do not spend money to match the telecom's interest here. I don't see what Google, Microsoft or Facebook have to gain from telecoms getting datasets large enough to compete with their ad buisinesses. I think they probably just figured hey had little to lose and would not fight very hard.
It looks like all this does is undo an FCC rule from Dec 2, 2016. My understanding is that if this passes, our internet privacy will be the same as it was on Dec 1, 2016.
Worth reading this: https://www.eff.org/deeplinks/2017/03/three-myths-telecom-in... -- essentially, there was a court decision that moved privacy enforcement of ISPs from the FTC to the FCC. The FCC took up the mantle with the new rule. Now Congress is undoing the FCC regulation, ISP privacy won't be governed by either the FCC or the FTC.
Actually, privacy rules continue to be the same as before Trump (since Obama pulled the FTC's authority over broadband, anyway).
No element of that rule change, implemented weeks after the election, could possibly have taken effect before next December. (There are complex notification requirements that could push parts of it out even longer).
If the bill becomes law, the existing Obama-era rules stay in place, but the one difference is that the limitation is encoded in statute law as opposed to just an administrative rule... so another act of Congress (another passed and signed bill) would be necessary to override it.
Prior to August 2016, the FTC regulated all aspects of consumer protections. Unfortunately, the FTC has a specific call-out ceding authority to the FCC for certain parts of the regulation of 'common carriers', which ISPs fell into.
AT&T sued and said that the FTC carve-out for common carriers means that the FTC can't regulate any part of their business, not even consumer protections like data privacy. In August, the US Court of Appeals ruled in favor of AT&T, which meant that the FCC would have to enact new rules and would have responsibility for consumer protection with regards to common carriers.
The FCC passed consumer protection rules in October (which came into force in December). The FCC has authority on rulemaking unless there's an explicit congressional action saying otherwise. So along comes the new Republican Senate and they pass this bill to nullify the FCC rules. It's written ambigiously enough that you'll likely need another act of congress to undo it, which would require a Democratic congress / senate / President.
In summary: before August, the FTC protected your data. Since last winter, the FCC was protecting it. If this passes, nobody will be protecting it.
I read into it a bit more. The original FTC suit was brought against AT&T in 2014, but in 2015 the FCC reclassified ISPs as common carriers under Title II. So the 9th Circuit's August ruling just reflected that reclassification by the FCC.
The FCC's new consumer protection rules from last year are much harsher for ISPs than the previous FTC rules, so now there is a two-tiered system of data protection.
Senator Flake suggested in the WSJ that he wants the FCC to come up with consumer protection rules for ISPs that use the FTC's framework. (Source: https://archive.is/hKz0a)
To protect consumers from these harmful new regulations, I will soon introduce a resolution under the Congressional Review Act to repeal the FCC’s flawed privacy rules. While the resolution would eliminate those rules, it would not change the current statutory classification of broadband service or bring ISPs back under FTC jurisdiction. Instead, the resolution would scrap the FCC’s newly imposed privacy rules in the hope that it would follow the FTC’s successful sensitivity-based framework.
This seems pretty reasonable, but we still need Congress or the FCC to come up with another system that will fill the regulatory gap left by the 2015 rule change.
It should be pretty clear that privacy against government agencies is protected by the Constitution. Of course our government ignores that and tramples all over the spirit of the Bill of Rights, if not the letter.
As far as corporations? Not unconstitutional, but I don't think passing laws in the interest of the People's privacy against corporations would be unconstitutional either, so if our government had our best interests in mind, then they'd pass those laws instead of repealing them.
>so if our government had our best interests in mind, then they'd pass those laws instead of repealing them.
That is still a debatable issue though. I completely agree with you, but there are possible world views in which one might think allowing ISPs to sell your viewing data will provide a better product to the end user. Of course this assumes trust that these corporations will act ethically with your data (i.e. anonymize the data before selling and not allowing any leaks of non-anonymised data). That's a dream world to me, but a lot of people seem to be living in dream worlds to me these days.
Well Smith v. Maryland, Third Party Doctrine, etc. holds that a warrant is not needed if you share data willingly with a third party. In this case, you give up your reasonable expectation of privacy. So... If you're sharing with Comcast, you're sharing with Uncle Sam.
Grouped By Vote Position is most useful for this question, they don't offer a by-party grouping but it's pretty easy to scan all 50 YEAs and see every one is followed by an "R." All the NAYs are from Democrats or independents. Senator Isakson (R) didn't vote because he's recovering from surgery, I don't know why Rand Paul (R) didn't vote.
Rand Paul cosponsored the bill, so he was an effective yes. I don't know all of the rules of the senate, but apparently it is common to abstain on your own bill.
Here's the roll-call vote [1]. Find your Senator. If they voted in agreement with your views, call and congratulate them. If they didn't, call and explain why you're disappointed. Then immediately call your Congressperson.
I won't be surprised if AT&T revives its "Internet Preferences" targeted ads program[1]. Most customers apparently didn't care and were willing to put up with it for a $29/mo discount. AT&T never indicated why they canceled it, but my money is that it was due to the FCC regulations that were put in place.
At least some people used NetZero not because they were willing to tolerate ads, but because it was some way, any way, of getting a net connection. Hell, I tried find way to keep that annoying ad setup from even loading. I thought I was very clever that summer I used an independent PPP program under Linux to get the net connection, but no ads. Of course, that was detected and blocked after a while.
You appear to be another victim of "divide and conquer", and like many of them, perpetuate it. Life is not as simple as you like to believe: Trump/republican supporters may not necessarily think this is a good thing.
I would have preferred them to vote the other way, but I'm trying to do a reality check here. Given that on HTTPS sites it's just the domain name + timestamp, and that more and more sites are transitioning to HTTPS, is the mere domain name and timestamp really that useful? I can imagine it being useful to know you order pizzas at 7pm Thursdays, but how useful is it actually to know you e.g. browse Amazon 2pm Mondays, or use YouTube 10pm Saturdays, or send emails with Gmail every hour of every day? They have no idea what you're buying or watching or sending. (eBay seems to be the major exception since it's HTTP.)
How much of it would be devastating if (1) your closest friends and/or family members found out? (2) more distant acquaintances found out? And how likely is it that each of those would happen under a data breach? (Since presumably most people don't go looking inside illegal data dumps trying to find out the most intimate secrets about their friends' or family members' life for no good reason.)
Let's give a few examples of information they could find about you:
Visits nytimes.com, huffingtonpost.com and cnn.com: user is interested in current events and is probably liberal
Visits webmd.com and kaiserpermanente.org: user is probably sick
I'm sure you can extrapolate further. Now let's say I'm a gay person growing up in a conservative house and ads start popping up for all the family members on our shared IP for gay dating sites. That might be problematic for certain people.
1. You fall in the category of, "What if <my closest family members or friends> find out private information XYZ about me, based on which domain names I visit? My life would be ruined."
2. You don't fall in that category.
Group 1 has real fears. For some of them, even knowing whether they're home might be a life threat, and I understand that. But I don't imagine ISPs are fighting so hard just for the sake of targeting group 1; I imagine they might even avoid them if they could, for legal fears. They must be reaping immense benefits from gathering domain name browsing history about group 2 as well, and I assume those in group 2 are still terrified at the thought personally (as opposed to only because they're terrified of what would happen to group 1).
So let's leave the first group aside in this discussion. I'm trying to figure out what the most serious (but realistic) things are that people in group 2 are risking, and how ISPs are reaping profits from them. For example, ID theft or burglary is something that can happen to anybody. How much is your ISP recording & selling when you're home increasing the risk of burglary? etc.
Also: if you think group 1 is the vast majority of people and group 2 is the real minority hear, I'd be interested in hearing that argument as well, since I really don't have data on this (data would be welcome). My current instinct is group 2 is the majority.
For the record while I'm for protecting online consumer privacy, I'm not terrified of it being violated either. I was simply giving examples of how it might be problematic.
I work in ad tech, so as a matter of principle I don't have any ad or privacy blockers turned on. But even in my personal life I always keep my blinds open, I don't care if my neighbors see me living my personal life. I also keep all my Facebook posts public, etc.
But I realize that there are all kinds of situations I can and can't imagine where people need more privacy. My own life situation could even change such that I feel the need for more privacy. That's why I believe that people should by default have a right to privacy, but give it away only if they so chose.
We need good p2p mesh network applications! Relatively slow, asynchronous, person to person flow of information was, and arguably still is, the foundation of society, and the technology must be capable of fluidly falling back to this capability without dependence on unstable centralized networks!
Help out here please. Is the house doing something different/worse than the senate to gut our privacy protections? Not that I'm ok with this crap (and I'm looking into a vpn now) but I hear they could already sell our data to whoever because they gutted Tom Wheeler's plan.
84 comments
[ 3.5 ms ] story [ 155 ms ] threadIf I were them:
Look how much money Google and Facebook make doing this. Doesn't make sense to prevent AT&T, Verizon, and Comcast from doing the same.
Yes, but they prefer the terms "lobbying" and "campaign contributions".
While theoretically they are concerned with their constituency so they can keep their job, the big problem with our system is the expense of running campaigns. While serving in congress, our representatives a massive amount of time is spent "dialing for dollars". The parties even require ("encourage") spending time "fundraising".
This makes lobbying easy. Constructing a compelling case isn't necessary. Just promise to free up their time by making various donations to their campaign and/or their party. This is legal as long as there isn't specific quid pro quo, thanks to McDonnell v United States.
John Oliver's overview of the problem: https://www.youtube.com/watch?v=Ylomy1Aw9Hk
I'm sure you're familiar with the numerous ways corporations (and others) add indirection when donating. Especially in the era of "Super PACs".
If you're a telco, you can walk into the office of a politician in Alabama and say: "Hey, we employ 5,000 people in your state. Google employs 100. Why the hell would you support legislation that allows Google to make money this way but bans us from doing it?"
(This is, incidentally, why the conventional wisdom about money ruling politics is bunk. Tech is one of the richest industries that exists. But it's relatively politically ineffectual because it employs so few people, and it does so primarily in a handful of rich, coastal states.
A professor of mine once pointed out to me that in the environmental area, it's the environmental groups that need to do lobbying. The power company can just call up a Congress-critter and remind them of the thousands of jobs in their district that are tied to that company's well-being.)
ISPs' and carriers' data would cover every single person with a phone or Internet connection. It would be a universal database of locations, and a virtually-universal database of browsing habits tied not only to an IP, but an address and social security number. Will all of that be disclosed? Unlikely. But with an incentive to warehouse it, more ISPs and carriers will, and that makes for a juicy target.
Google does have access in some situations (chrome + linked profile), but as far as I know they don't sell that access.
Of course, both offer some subset of information for users.
Hell, I do use ad-blockers and block assets coming from known Facebook domains, and they probably still have more information about my browsing history than I realize.
Access: Many people in this country do not have a choice as to which ISP they use. They are locked in due to anti-competitive practices, rural homes, or some other reason. You can make the choice much more easily not to use a certain website that tracks your behavior.
Cost also comes into play here, as you pay your ISP to deliver service. Google and Facebook are free, because they subsidize their services by selling and collecting data. Your ISP charges you a large amount of money already, and are increasing their own margins through this practice. It would be different if they did something akin to what Amazon did with their Kindles, where you provide the same service with and without tracking, and charge appropriately. The way things are now, you don't have a choice.
Lack of notification: Your data is being collected and sold through an implicit agreement with your ISP, likely entombed in a bunch of fine print that no one ever reads, nor anyone but a lawyer could decode. While this is the case with Google and Facebook, it's pretty much common knowledge that they do this. The carriers and ISPs implemented their tracking under-the-radar, and provided no way for anyone to opt-out.
I'm sure there's a lot more arguments out there, but that's what I have on top of my head right now.
In a market where everyone has a wide variety of ISPs available and people can start one without massive infrastructure work (for instance, with widely available fiber infrastructure and a choice of who to light it), then we don't need as many restrictions on ISPs can do; people can handle that by selecting an ISP that meets their requirements.
But until we can make ISPs less of a monopoly, and make it possible for others to easily enter the market, then it's reasonable to restrict what those monopolies can do.
If their privacy policies change to something that you are unwilling to tolerate, the cost to you of switching to a competitor is... Neither low, but not insurmountable.
These companies are well aware of this - which is why they care about how they use your private information.
For most Americans, if their ISP, (Or their ISP, and their only competitor) adopt anti-user policies, there is nothing that they can do.
I can put up with some discomfort by switching to DDG for my websearches. I can't afford to be a peer to a T3 ISP.
It's software vs hardware.
I've been shopping around for VPN routers and provider in light of this, and I expect others are too. I've used Tor in the past, but I expect for all of the devices in our house, that might get a bit cumbersome. I'd also like someone to hold accountable for QoS issues.
Is there no party that values privacy, individual liberty, or the constitution?
I thought these "Senators" took an oath to protect the constitution. From the way they vote, it seems they never even read it!
(2) Oddly silent were folks like Google, Microsoft, etc. I fully expect to have to pay for privacy, or to have to choose whom I trust with my data: Comcast or Google.
Its a shitty time for privacy, period.
Here's the text of the bill (it's pretty short): https://www.congress.gov/bill/115th-congress/senate-joint-re...
It looks like all this does is undo an FCC rule from Dec 2, 2016. My understanding is that if this passes, our internet privacy will be the same as it was on Dec 1, 2016.
Am I wrong? Why is this so bad?
No element of that rule change, implemented weeks after the election, could possibly have taken effect before next December. (There are complex notification requirements that could push parts of it out even longer).
Prior to August 2016, the FTC regulated all aspects of consumer protections. Unfortunately, the FTC has a specific call-out ceding authority to the FCC for certain parts of the regulation of 'common carriers', which ISPs fell into.
AT&T sued and said that the FTC carve-out for common carriers means that the FTC can't regulate any part of their business, not even consumer protections like data privacy. In August, the US Court of Appeals ruled in favor of AT&T, which meant that the FCC would have to enact new rules and would have responsibility for consumer protection with regards to common carriers.
The FCC passed consumer protection rules in October (which came into force in December). The FCC has authority on rulemaking unless there's an explicit congressional action saying otherwise. So along comes the new Republican Senate and they pass this bill to nullify the FCC rules. It's written ambigiously enough that you'll likely need another act of congress to undo it, which would require a Democratic congress / senate / President.
In summary: before August, the FTC protected your data. Since last winter, the FCC was protecting it. If this passes, nobody will be protecting it.
I read into it a bit more. The original FTC suit was brought against AT&T in 2014, but in 2015 the FCC reclassified ISPs as common carriers under Title II. So the 9th Circuit's August ruling just reflected that reclassification by the FCC.
The FCC's new consumer protection rules from last year are much harsher for ISPs than the previous FTC rules, so now there is a two-tiered system of data protection.
Senator Flake suggested in the WSJ that he wants the FCC to come up with consumer protection rules for ISPs that use the FTC's framework. (Source: https://archive.is/hKz0a)
To protect consumers from these harmful new regulations, I will soon introduce a resolution under the Congressional Review Act to repeal the FCC’s flawed privacy rules. While the resolution would eliminate those rules, it would not change the current statutory classification of broadband service or bring ISPs back under FTC jurisdiction. Instead, the resolution would scrap the FCC’s newly imposed privacy rules in the hope that it would follow the FTC’s successful sensitivity-based framework.
This seems pretty reasonable, but we still need Congress or the FCC to come up with another system that will fill the regulatory gap left by the 2015 rule change.
As far as corporations? Not unconstitutional, but I don't think passing laws in the interest of the People's privacy against corporations would be unconstitutional either, so if our government had our best interests in mind, then they'd pass those laws instead of repealing them.
That is still a debatable issue though. I completely agree with you, but there are possible world views in which one might think allowing ISPs to sell your viewing data will provide a better product to the end user. Of course this assumes trust that these corporations will act ethically with your data (i.e. anonymize the data before selling and not allowing any leaks of non-anonymised data). That's a dream world to me, but a lot of people seem to be living in dream worlds to me these days.
https://en.wikipedia.org/wiki/Third-party_doctrine https://en.wikipedia.org/wiki/Smith_v._Maryland
"The Senate" didn't vote for this. The Republicans did.
Scroll down to "Grouped by Vote Position".
EDIT: Better link
https://www.senate.gov/legislative/LIS/roll_call_lists/roll_...
Grouped By Vote Position is most useful for this question, they don't offer a by-party grouping but it's pretty easy to scan all 50 YEAs and see every one is followed by an "R." All the NAYs are from Democrats or independents. Senator Isakson (R) didn't vote because he's recovering from surgery, I don't know why Rand Paul (R) didn't vote.
[0] https://www.congress.gov/bill/115th-congress/senate-joint-re...
The democratic party is greedy and selfish, but their positions on many issues are far less anti-human.
[1] https://www.senate.gov/legislative/LIS/roll_call_lists/roll_...
[1] https://arstechnica.com/information-technology/2016/09/att-t...
Visits nytimes.com, huffingtonpost.com and cnn.com: user is interested in current events and is probably liberal
Visits webmd.com and kaiserpermanente.org: user is probably sick
I'm sure you can extrapolate further. Now let's say I'm a gay person growing up in a conservative house and ads start popping up for all the family members on our shared IP for gay dating sites. That might be problematic for certain people.
1. You fall in the category of, "What if <my closest family members or friends> find out private information XYZ about me, based on which domain names I visit? My life would be ruined."
2. You don't fall in that category.
Group 1 has real fears. For some of them, even knowing whether they're home might be a life threat, and I understand that. But I don't imagine ISPs are fighting so hard just for the sake of targeting group 1; I imagine they might even avoid them if they could, for legal fears. They must be reaping immense benefits from gathering domain name browsing history about group 2 as well, and I assume those in group 2 are still terrified at the thought personally (as opposed to only because they're terrified of what would happen to group 1).
So let's leave the first group aside in this discussion. I'm trying to figure out what the most serious (but realistic) things are that people in group 2 are risking, and how ISPs are reaping profits from them. For example, ID theft or burglary is something that can happen to anybody. How much is your ISP recording & selling when you're home increasing the risk of burglary? etc.
Also: if you think group 1 is the vast majority of people and group 2 is the real minority hear, I'd be interested in hearing that argument as well, since I really don't have data on this (data would be welcome). My current instinct is group 2 is the majority.
I work in ad tech, so as a matter of principle I don't have any ad or privacy blockers turned on. But even in my personal life I always keep my blinds open, I don't care if my neighbors see me living my personal life. I also keep all my Facebook posts public, etc.
But I realize that there are all kinds of situations I can and can't imagine where people need more privacy. My own life situation could even change such that I feel the need for more privacy. That's why I believe that people should by default have a right to privacy, but give it away only if they so chose.