In October of 2016, during the Obama administration, Congress passed new internet privacy legislation. Internet Service Providers, or ISPs, like Comcast and Verizon, were required to obtain user permission before sharing private data. This was the first time that the Federal Communications Commission (FCC) stepped in and created new policies regarding the internet. The new policies were set to go into effect in December of 2017. It was a considered a big victory for those concerned about internet privacy.

In March of 2017, during the Trump administration, Congress decided they had done enough in that regard and scrapped the FCC’s policies regarding internet privacy, and the U.S. legislative branch, in a party-line vote (215 to 205), decided to overturn the FCC’s rules and allow private user information to be sold to companies. The President is due to sign the resolution in the upcoming weeks, making it common law.

Behind the legalese, the new policy makes one simple, yet drastic change. Generally, it seems that everyone agrees that private information should not be distributed to companies without any oversight. What the recent upheaval has changed is what constitutes “private information.” The FCC’s previous stance from last year’s legislation was that information like browsing history, app usage, and location all fell under the definition of private information, and thus, was not allowed to be distributed without consent. The current administration has come out on the other side, agreeing that while we shouldn’t give private data away, browsing history and the like don’t really count as private data, and can be sold to corporations without permission.

If you’re concerned about mega corporations buying your personal internet history and data, the big question is what can be done about it? Is there any way we can protect what remains of our privacy, or is it already too late?

The answer to that question is a little messy, mostly because this new legislation is still in its infancy, and only time will tell if there are any viable solutions. But people are already working on the problem, with solutions from the old-school and the new.

One of the most immediate things you can do is also one of the oldest of American traditions. You can always speak to representatives who voted for the bill and voice your dissatisfaction. The Verge has published a list of everyone in Congress who voted for the bill, and how much they were bought for.

There are more measures you can explore with this information. In addition to voicing their complaints, some have taken it a step further. Adam McElhaney, from Tennessee, has started a GoFundMe to buy all the browsing data of members of Congress. As a form of protest, he is raising enough money to buy all of their histories and make it available to the public for viewing. And Max Temkin, creator of Cards Against Humanity, has pledged to do the same thing.

Similarly, there’s the capitalism approach, where you can take your business to an ISP that won’t sell your private data. This is arguably effective, and more so on a personal level, but you might run into trouble finding a provider that is willing to keep your privacy secure. Carriers in the U.S. don’t have much competition, and the money they can get from selling info might offset the loss in customers if it isn’t significant.

Virtual Private Networks (VPNs) are networks you can use to “mask” your browsing data. By adding a third party server, all the data you create while online is reduced to bits of information from a random source instead of yourself. This seems like a good solution to the problem, but VPNs are essentially unknowable by design, so in using one you don’t know what’s happening to your data or how secure the network will be with it.

There’s no simple solution or magic trick that can be used to protect your private data from ISPs that want to sell it. Newer solutions are in the works, but for now, mixing new technology with old fashioned protests and resistance are the best bet.