Home / Security / How-To
Answer Line

Is Your ISP Spying On You?

Answer Line
By Lincoln Spector, PCWorld Sep 3, 2012 7:42 am PDT

Arcticsid asked the Answer Line forum if his ISP can “sit back…watch a screen, and see everything you are doing at any given time?”

Not quite, but it’s frightening close. Your Internet service provider tracks what IP addresses you contact, which effectively means they know the web sites you’re visiting. They can also read anything you send over the Internet that isn’t encrypted. Whether they actually do that is an open question.

According to Dan Auerbach, a Staff Technologist for the Electronic Frontier Foundation, what they mostly collect is metadata–things like IP addresses and port numbers. With a little bit of work, this information can tell them who you’re communicating with and help them make an educated guess about whether you visited a Web page or sent e-mail. As Auerbach told me in a phone conversation, they’re tracking “who you’re sending mail to but not the content.”

So what about content? Can they see what pages on that Web site you visited, and what you wrote in that e-mail? Yes, they can, if they choose to do so. But that’s a lot of work with very little return for them. And there are legal limits. For instance, in the United States, ISPs can only share content with the government (I’ll let you decide if you find that comforting). On the other hand, there are no such restrictions on with whom they can share your metadata.

There’s “a lot of opacity surrounding what they actually do,” says Auerbach. “It’s difficult to know what a given ISP is doing with the data.” Privacy policies, of course, are seldom written to be clear and understandable.

How long do they retain the information? “Roughly between six months and two years,” estimates Auerbach.

And how can you protect yourself?

HTTPS on Chrome
HTTPS in Chrome
First, embrace any technology that encrypts the data for its Internet travel. If you need privacy, use Secure Socket Layer (SSL–secure web pages with URLs starting with https) or a virtual private network (VPN).

If you’re really paranoid, you might want to consider Tor, a free program and service that makes it much more difficult to track where you’re going online. For more information, see Tor Network Cloaks Your Browsing From Prying Eyes.

Read the original forum discussion.

Contributing Editor Lincoln Spector writes about technology and cinema. Email your tech questions to him at answer@pcworld.com, or post them to a community of helpful folks on the PCW Answer Line forum. Follow Lincoln on Twitter, or subscribe to the Answer Line newsletter, e-mailed weekly.

Coupon Codes