Do you know your Internet Service Provider (ISP) can track your Internet browsing activity?
Internet Service Providers (ISPs) facilitate our connections to the digital world. However, did you know they track your browsing activity and log everything you do online? They know everything, from the online stores you visit up to the forums on which you post.
These actions are perfectly legal in most cases. Governments have even passed laws expressly to grant this permission. In the US, for example, the former Trump administration facilitated legislation making it easier for ISPs to collect and sell your information.
1. Use a Virtual Private Network
While there are many ways of avoiding ISP tracking, the method I favor most is using a Virtual Private Network (VPN) service. VPNs allow you to connect to their secure servers before routing all your data to intended destinations.
Because of this, you’re essentially adopting the VPN server as your “device” – which is what everyone else will see. The VPN hides your device and encrypts all data sent via the connection for added security.
VPNs for Privacy Protection
Besides, VPNs also offer other benefits like avoiding ISP bandwidth throttling, helping block tracking cookies, bypassing geolocation blocks, and more. You can sign up with a highly reputable VPN like X for as little as a few dollars each month.
Also, check out our best VPN picks for different usages.
2. Use The Onion Router
The Onion Router, or TOR network, is a complex network of distributed servers and nodes that your data passes through when using a TOR browser. Because of the long, random routes your data traverses, tracking your device becomes a challenge for any ISP or website.
TOR routing paths aren’t standardized, so even if a website or your ISP tries to track a data trail, the route shifts before this can be accomplished. The downside is that this complex data path also slows down your Internet browsing experience.
Still, using TOR is free if you’re willing to put up with that. If you’re serious about your Internet privacy and preventing ISP tracking, some VPNs can work with TOR for even better privacy and security.
TOR doesn’t work with all browsers. To use TOR, you’ll have to download a particular browser called the TOR Browser, a modified version of Mozilla Firefox.
3. Change Your DNS settings
Domain Name Systems (DNS) are how browsers match user-friendly URLs with Internet addresses. For example, when you type www.google.com, your browser will match that name to the IP for Google, 18.104.22.168.
The problem is that when you sign up with an ISP, it typically sets your default DNS server to one that it controls. This control means your ISP can log all your browser requests. Every action you take that needs a DNS resolution passes through your ISP-controlled DNS server.
To avoid this, switch to an alternative DNS provider. Some standard DNS servers that are popular include;
- Google – 22.214.171.124 / 126.96.36.199
- Cloudflare – 188.8.131.52 / 184.108.40.206
- Cisco OpenDNS – 208.67. 222.222 / 208.67. 220.220
It’s important to note, though, that changing your DNS server may provide some additional privacy, but your connection is still unencrypted. This lack of encryption puts you at risk, especially when sending sensitive data like usernames and passwords.
4. Stay Clear of Common Web Browsers
Web browsers make it convenient to surf the Internet, but commercial organizations release the most common web browsers. Because of the value these organizations place on your data, it’s risky to use them, plus they tend to cache a lot of information.
Instead, opt for a privacy-focused web browser like the TOR Browser, Brave, or Vivaldi. While they may not offer the same bells and whistles as Google Chrome, at least they won’t be using your data against you.
5. Force HTTPS Connections
This final point isn’t so much about privacy as it is about security. The web is an increasingly dangerous place, and everyone is trying to grab all the data they can. From legitimate websites to hackers and scammers, your data is the new oil.
In the past, most websites used HTTP as the data transport protocol. It’s fast and convenient but has become unsafe due to data theft. That’s why many websites are shifting to secure HTTP, otherwise known as HTTPS.
What is an SSL Certificate?
An SSL Certificate is digital proof of identity for all websites. Aside from identity verification, it also encrypts data sent between your device and the website. These digital certificates are becoming increasingly common today.
Due to the increased security provided by SSL Certificates, search engines prioritize search results to websites equipped with one. Today, most major web browsers will also warn users if there are SSL certificate problems with the websites they attempt to visit.
There is also noticeable identification of SSL websites in most major web browsers. These take the form of padlock icons next to website addresses on the browser navigation bar. This icon makes it easier for users to tell if a website is safe.
To force HTTPS connections, you can use a browser connection called HTTPS Everywhere. While it won’t stop your ISP from knowing what websites you’re visiting, it will at least encrypt the data, so the ISP won’t know what you do there.
How Governments Are Legalizing ISP Data Collection
Every country has its legislation regarding Internet use and data. However, an increasingly common theme is that governments want ISPs to collect comprehensive data from their users. The purpose of this varies from commercial to more sinister reasons.
In the US, newer laws abolish the need for ISPs to obtain user permission before collecting data. That makes it easier than ever – and perfectly legal – for ISPs in the US to collect every bit of information they want from your web browsing sessions.
Residents of the United Kingdom have things a little better. If you want, you can ask your ISP to remove all your personal data under the “right to erasure” provision. However, ISPs can’t remove everything as specific data retention is mandatory as well.
Like the UK, the EU has a “right to be forgotten” clause you can leverage to get ISPs to remove some data. The EU offers some of the highest privacy regulations globally, but it is by no means perfect either.
As many of us know, China – and many other Asian countries – aren’t big on user privacy. While some have perfunctorily implemented data protection laws, most countries in the region heavily rely on ISPs as part of their policing efforts on society.
What Data is Collected and Why
There are many reasons why ISPs collect data, so we’ll start with the most basic. Most governments work closely with ISPs to regulate Internet usage within the country. ISPs are ideal for this since all data needs to flow through their infrastructure.
Depending on the country, governments use the data for various reasons.
For example, the Malaysian government uses ISPs to censor political and adult content. ISPs in the country are handed lists of domains to ban, blocking user attempts to access these websites.
Studies show that various ISPs in the US, including AT&T, Verizon, and Comcast, collect massive amounts of data in the US. This data is for marketing and advertising purposes, and in some cases, sold or transferred to third parties.
The overall effect is that there’s no limit to what ISPs can do in most cases. Even with data protection laws in place, governments don’t want data collection to stop. It goes against the theme that knowledge is power, and ISPs grant governments, companies, and themselves, much of this power.
If you’re curious about precisely what data is collected, here’s a shortlist;
- The domain name of websites visited.
- The exact web pages loaded.
- The length of time you viewed those web pages.
- All emails sent and received.
- Anything you search for on search engines.
- Type of data transmitted (e.g., video streaming, P2P activities)
- Devices used, including the type, operating system, and more.
- Your browser and all extensions installed.
- Your approximate geographic location.
And MUCH more.
The concept of governments protecting our privacy is something that’s become a joke. Not only are they using ISPs to enforce their will, but they provide the laws to support ISPs in exploiting that same data.
While it may not be the identical case everywhere, the general trend is clear. Unless you’re prepared to take privacy into your own hands, everything is fair game on the Internet today. Even if you aren’t concerned about commercial exploitation, doesn’t it give you the creeps that ISPs know so much?
What’s worse is that this discussion is on the legal side of the coin. How about websites that try to steal your data surreptitiously or hackers wanting to do the same? Are you prepared to have all your digital activities become the window to your life?
Stay safe and private online today.