To sum it up briefly, no, they don’t care, not as a principle in itself. Most ISPs would happily sell your data if they thought it constituted a solid business decision, and it would be unwise to entirely trust an ISP to do right by your data. It’s far too valuable for that, especially when it’s combined with the data and browsing habits of millions of other users. There might be exceptions when it comes to small municipal providers that are run locally, but they often have a different setup, motivations, and don’t have as large of a data set to provide.
Yet now that that’s settled, there’s plenty more to talk about on the subject. What would make them care, and what is preventing them from breaching your privacy right now? Also, how can you better protect yourself and your privacy should ISPs get more aggressive? We’re going to look into the answers to these questions and perhaps get into the reasoning of some ISPs for their practices.
They Track Everything
In the economy of big data, you can be certain that any major ISP is tracking you, and even the smaller may keep records as a matter of course to potentially comply better with courts. There is no legal requirement currently (this may vary by country), but cooperation with law enforcement (and other entities) can become common.
Additionally, and perhaps more notably where your privacy is concerned, ISPs might work with marketers to use your browsing habits either directly or indirectly. While they might be less likely to sell your data directly, they might create campaigns or profiles and then sell those. It is part of an alarming trend alongside social media practices and companies like Amazon and Google collecting massive amounts of data. Effectively, you are not only being sold a product, but you are the product.
They Probably Don’t Care About You as an Individual
Most of what you do will not interest your ISP. If you’re like most internet users, you’re probably rather boring to them and just another number on a spreadsheet. They aren’t actively reading your chat logs and they aren’t listening to your video calls. They don’t have the resources to do that for everyone and the would have little to gain compared to the cost. Your value lies more in the metadata that you and other users provide for marketers both internal and external (more on that later).
They might care about and be on the lookout for the following:
- Potentially highly illegal activities or activities that your government may not approve of (this can depend on your country, as in some countries governments will work with ISPs to root out dissidents). Many ISPs will keep records just in case they are subpoenaed by the courts at various levels.
- A massive use of data far beyond what the average person uses, especially if you have a normal plan. They might react to this through throttling or more active monitoring of your online activity.
- A pattern of downloads that signals that you are regularly downloading and distributing copyrighted content illegally. This monitoring is how they can send out notices and warnings to people doing so.
This isn’t an exhaustive list, and they might be interested in other things such as when you are online, how long you are active for at a time online, how long you stay on certain sites and pages, and what devices you and other household members use to access the internet. Most of this metadata collection is for marketing purposes and doesn’t necessarily pose a threat, but it can still be intrusive for many.
They Do Care About Potential Liability
If you keep track of the news regularly, you can probably get an idea of just how devastating a major data breach for a company is. Yahoo had to decrease its sale price to Verizon by $350 million over a single data breach. Even with lesser numbers, any ISP is going to take every precaution they can to prevent liability. Outside of the US where the regulations might be stronger, a full breach would cripple the company.
To summarize, ISPs are surely protecting your data quite well, since the consequences of not doing so would be a PR and potentially a financial disaster. Not only do they want to protect their assets, but they also want to protect their reputation in the market. Would you sign up with the ISP who lost everyone’s data if there were other options available?
They Might Care that You Care
Just because they may want and use your data doesn’t mean that your data is their top priority. Their top priority is the bottom line, and enough customers that get angry about the situation might mean that they change their tune on the matter, at least at a surface level (you can expect at least some ISPs to pay lip service to the idea and then just be more subtle in their efforts to use your data in the future, unless protections or guarantees are in place). If enough people threaten to switch providers to a more privacy-friendly option, you can expect the market to adjust.
It should be noted, however, that this won’t work for many people if only for the fact that there is only one real provider in a region, and the ISP can simply tell users to accept their policies or get no internet service. Privacy protection at that point would require government intervention, which would be no easy task to organize.
The Situation Can Change
It is very important to note that anything about this situation can change, as laws and regulations regarding the internet are not set in stone and change with every administration. For example, in 2017 privacy protections were repealed by the FCC, leading to many of the problems we see today. Debates happen constantly about the issue and lobbyists are hard at work for both sides to influence future legislation. Combine this with the many interests involved with online privacy and you can see that it might be difficult, but worthwhile, to follow the news on this matter.
How to Protect Yourself
In truth, there might not be any perfect method to protect your privacy from ISP intrusion other than to entirely cut the cord, and that’s for the most part unacceptable in today’s world. However, you can make it more difficult for ISPs and you can minimize the potential intrusions. We recommend the following practices and tools for this purpose:
- A Virtual Private Network (VPN) can help mask your browsing activity to your ISP (and everyone else) and is a common security and privacy measure used by millions. If your ISP wants to check to see what you’ve been up to, all they’ll see if your connection to the VPN. You’ll want to use one whenever possible, and you’ll also want to get a fast enough internet speed to make up for the VPN slowdown. Make sure you use a premium VPN as well, as the free ones might sell your data or are astonishingly slow.
- ISPs are limited in the content and URLs they can see when you use only HTTPS sites, although they can usually see the sites you are going to. It is a better form of protection than nothing, even if it is quite limiting.
- Limit the information you voluntarily share as a rule. How many services and apps really need your location data for you to live a normal life? Does everyone need to know your emails or your phone number? Your ISP will ask for information, often trying to trick you in the process. Be wary and provide them with as little as possible.
- Not all ISPs are equal in their invasion of your privacy. Some are less apt to cooperate with governments for fear of angering their user base. If you have a local provider or another available, you may wish to switch to them in order to protect yourself.
- You can just wait in some cases. You can check ISPs as to their data retention policy. That being said, how trustworthy each of them is when it comes to this can certainly come into question.
This is a constantly evolving issue, so we would also like to encourage people to stay on top of it in order to make sure that they know their current rights and are aware of what ISPs are able to do (both politically and technologically). Additional protections and technologies might also come out to help users maintain their privacy in the coming months and years.
Chances are that your internet service provider doesn’t care the least bit about your privacy, but thankfully it probably doesn’t care about what you are doing either. Yet this doesn’t necessarily give them any right to many people to invade your habits either, in the eyes of many. You may want to switch providers, make your voice known, or use some of the protective measures listed above. And we hope you do, as ISPs will listen to people (and their wallets).
Bio: Kevin Conner is the founder and CEO of Vast Bridges, a customer acquisition and lead generation company in the home services arena. Since 2011 more than 10M consumers and businesses have used Vast Bridges' web properties to search for Internet and TV service. Most recently he and a small team have launched broadbandsearch.net, the U.S.'s leading home services (broadband and TV) search engine.