What Your ISP Knows About Your Internet Usage
Your internet provider might know more about you than you realize.
One of the most common concerns people have when using the internet is whether their internet service provider (ISP) can monitor their activity. From surfing the web to playing games online, internet activities are on the rise more than ever before, based on recent usage statistics. It’s possible for any ISP to see, collect, and use data from users for their own business needs.
The short answer is yes, ISPs are capable of gathering information about user activity on the internet, but not without a policy regulating where and how they use it. Here are a few things your ISP knows about your internet usage and what it may do with the data it collects.
Types of Data Collected by ISPs
Understanding what ISPs know about internet usage starts with knowing the types of data they collect. An October 2021 report by the Federal Trade Commission (FTC) found that several major ISPs offered only internet services when the businesses began, and therefore they held information relating only to internet usage. The ISPs, however, gradually expanded their businesses to include services for smart devices, advertising, and more. By offering services other than internet plans, the ISPs were — and still are — capable of collecting large amounts of varied data, including but not limited to:
- App usage
- Billing information
- Web-browsing data
- Customer information (e.g. name and date of birth)
- Real-time location data
Metrics such as app usage may not be all that harmful, but tracking a customer’s real-time location or collecting information about their background could potentially breach privacy policies required of the ISPs themselves.
Privacy Policies and Personal Data
Recent data privacy statistics prove the existence of valid concerns about collecting and using consumer data, but some of the data collection is actually necessary to create personalized experiences for consumers. Fraud detection, product development, and complying with legal obligations are considered legitimate reasons for collecting consumer data, but transparency is important for consumers. Not only is it vital for ISPs to be explicit about their data-gathering practices, but it’s also important not to leave out critical information for potential customers.
ISPs offer customers the option to opt out of data collection, but there are sometimes cases of legal fine print that works in ISPs’ favor. Assuring customers their information will not be sold, for example, does not protect their data from being bought or used in other ways. Some ISPs, for example, collect web-browsing data in order to send targeted ads to customers. Other ISPs, as reported by the FTC, share personal information with their parent companies and affiliates, undercutting the promise not to sell information.
Thankfully the FCC requires ISPs to publicly disclose information about their network-management practices and commercial terms. The FCC has even gone so far as to show consumers how to find their ISP’s disclosure statement.
ISP Disclosure Statement Requirements
All ISPs must abide by the FCC’s rule on transparency as listed in the Restoring Internet Freedom Order. The rule states that any person providing broadband access shall publicly disclose accurate information that would allow their consumers to make informed choices regarding the purchase and use of its services. In other words, ISPs must be transparent about their business practices and allow customers to consent to the collection and usage of their information before using it in any capacity.
That also applies to entrepreneurs and small businesses who would use an ISP to develop, market, and maintain internet goods or services. If a small-business owner needs to manage an online store or offer digital services to clients, ISPs must be able to provide information on how their services could affect the way the small business operates. The disclosure must be available through a public, easily accessible website or through transmittal to the commission.
The Bottom Line
ISPs collecting consumer data as part of their services is a double-edged sword. On one hand, gathering information about customers is essential to providing personalized services that would, for the most part, increase customer satisfaction and retention. On the other hand, collecting sensitive data such as location, demographic, and other personal information could be a potential privacy concern and thus would deter potential customers from investing in an ISP in the first place. The FCC is primarily responsible for regulating how much information ISPs can use, and it is mostly up to customers to decide which ISPs are worth their time and money.