What does your ISP know about you and why should you care?

ISP spying on youAs the virtual mailman of the Internet, your Internet service provider (ISP) knows the addresses on everything sent and received by your computer.

Depending on where you live and the specific rules of your ISP, they could know a lot, lot more. In fact, they are even being positioned as the new ‘bouncers’ of the Internet, enforcing the rules on what content you can look at.

Just imagine the Internet as a global postal service. Your ISP has the role of the local mailman – making sure you get your incoming mail, then sorting and sifting what you put in the mailbox so it can successfully arrive at its destination.

To do so, the ISP has your Internet Protocol address (better known as the IP address) and the IP address of whomever you have been exchanging packets of data with. This permits each device using the Internet to be identified and located and is the bare minimum of your information which the ISP requires to play mailman.

But, there is more. ISPs can pair IP address data with a time stamp of when and for how long the specific computer was online. They also may keep track of the volume of packets sent out and received by your computer.

Think of each packet as a registered letter in the hands of a postal clerk: The ISP knows the sender, the recipient, and number of letters mailed. It is all theoretically autonomous because the ISP tracks activity by the specific IP address of each device in their network – not the person behind the machine.

But, since the ISP also knows each subscriber and the IP addresses of their computers, it’s not so difficult to connect the dots.

Just a question of time for your data

Yes, since ISPs already have data on your Internet activities, the question is for how long they should keep it. The time varies by individual company and by country.  In the EU, the Data Retention Directive requires telecom companies to keep data logs for up to two years. This includes data on the source, destination, date, time, and equipment used for emails, phone calls and text messages. The European Commission has concluded that “retained telecommunications data play an important role in the protection of the public”.

This has raised the hackles of a few member countries, most notably Germany, who consider it an invasion of privacy. Not only did the German Constitutional Court throw out the law, the Germans also have not implemented a reasonable substitute, at least according to the EC. Last May, the EC even asked the European Court of Justice to levy a daily fine of € 315,036.54 (almost $428,000) on Germany for not falling in line. Stay tuned for more details.

The transformation into a bouncer

In the United States, the friendly ISP is about to be transformed into a bouncer, thanks to the new Center for Copyright Information, a group made up of the Motion Picture Association of America (MPAA), the Recording Industry Association of America (RIAA) and five of the biggest ISPs: AT&T, Cablevision, Comcast, Time Warner Cable and Verizon. The Center’s goal is to cut the rate of Internet piracy and do it in a more organized fashion than happened with the scattered litigation used previously.

The Center will “sniff” the Internet for packets of copyrighted materials and the IP addresses of the sender (visible on open P2P file-sharing networks). Then they will tell the ISP that they have noticed some potentially illegal activity from one of their IP addresses. This sets off a six-strike set of warnings from the ISP to the IP address which could culminate in the subscriber losing his or her Internet connection.

While this is a kinder,gentler approach than the French “Three strikes and you’re out” policy against Internet piracy, it has some people worried. Douglas Rushkoff, a media theorist and CNN columnist, thinks the Center will put ISPs in a new role of monitoring content as well as punishing offenders, removing subscribers’ fast dwindling expectations of privacy from their ISP.

Just do it in a tunnel

Since your ISP already knows the IP addresses  – and is poised to know even more – is it worth fighting for your privacy? Many will argue, Yes. One way to cut the information available to your ISP is to use a virtual private network (VPN) such as Hotspot Shield.

With Hotspot Shield Free VPN turned on, the ISP can only see that you are communicating with an Hotspot Shield proxy server – not the IP assigned to you by Hotspot Shield or those you are communicating with. The ISP can only see the volume of encrypted data flowing to and from your computer – without the ability to read it or identify the type of data being sent. This is, afterall, not such a revolutionary idea.  In the analog world, reliable mailmen can be trusted to just deliver the mail, not read it.

Learn more about Hotspot Shield VPN

Lyle Frink on

, , , , , , , , , ,

5 Responses to What does your ISP know about you and why should you care?

  1. Dave November 29, 2013 at 5:46 pm #

    Excellent article! Personally I am not much of a techie but i find everything related to internet security and privacy fascinating. Its amazing how new rules are put into place for one reason but are usually just one small part of a bigger picture. I cant stop reading about it

    My question is.. would it be possible/legal for an isp (or whom ever) to buy the information automatically collected from independent online companies to combine into one profile?

    Or would this not even be necessary given the amount of information an isp already has on its client?

    • Peter Nguyen
      Peter Nguyen December 3, 2013 at 3:29 pm #

      Your ISP already has lots of information on you..such as your IP address, your browsing activities, and which websites you visited. The question is how long does your ISP retain those data on its servers. If a law enforcement agency were to ask your ISP for the data, your ISP would need to comply and hand over the data.

  2. Handal Morofsky January 25, 2014 at 5:14 pm #

    As our privacy rights are being increasingly threatened, another step we can take is to be vocal with ISP’s that have policies that intrude on our privacy. Let them know the reason you’re deciding on another ISP is because of their privacy policy.

  3. karan August 16, 2014 at 3:43 am #

    is it possible that my isp can read my msgs on hangout and gmail and viber and whats app ?? and is it possible that my isp can tell which emails i am using to tok to my friends or family or colleague ??

    • Levent Sapci
      Levent Sapci August 25, 2014 at 5:23 pm #

      Peter: Your Internet service provider can track which websites you visits and your location. If the site you’re using is not encrypted (HTTPS), then they can read the content.

      Gmail uses HTTPS so the content is encrypted. Messages sent on Viber and Whats app are also encrypted. But it’s not easy for your ISP to read them. But if they really want to, there are ways. But it’s rather difficult if the messages are encrypted. If you use a VPN, then that gives you another layer of protection.

Leave a Reply