ISP Tracking: What Your ISP Knows About Your Internet Usage

Your internet provider may know more about you than you realize.

Written by

Last Updated: Aug 22, 2024
A graphic-design image of a pair of eyes looking over a character logging in to their email account.
Know what type of data your ISP may be tracking to protect your online activities.

A common concern people have when using the internet is whether their internet service provider (ISP) can monitor their activity. Internet activities are on the rise, from surfing the web to playing games online. Any ISP can see, collect, and use data from users for their own business needs. ISPs are capable of gathering information about user activity on the internet, but not without a policy regulating where and how they use it. Here are a few things your ISP knows about your internet usage and what it may do with the data it collects.

Why Is My ISP Tracking My Internet Usage?

ISPs track your internet usage for several reasons, whether it’s to benefit the provider or required by the law. Here’s what you can expect from ISP data tracking:

  • Data usage monitoring: ISPs track internet usage to monitor your data consumption, especially in regions where data caps or usage-based internet plans are enforced.
  • Network management: Tracking internet usage helps ISPs manage network traffic and ensure optimal performance for all users, including identifying and addressing congestion issues. The information is used for internet throttling.
  • Compliance with regulations: ISPs may track internet usage to comply with legal requirements and regulations, such as enforcing copyright laws or monitoring for illegal activities.
  • Customized services: Tracking your behavior allows ISPs to offer personalized services, such as targeted advertising or tailored internet plans based on usage patterns.
  • Security and law enforcement: ISPs may track internet usage to identify and mitigate security threats, including cyberattacks, malware, and illegal activities, and to cooperate with law-enforcement agencies in investigations.

Types of Data ISPs Track

 A graphic-design image depicting iconography about what type of data ISPs track.
Personal information and internet usage are the type of data your ISP is privy to.

Understanding what ISPs know about internet usage starts with knowing the types of data they collect. An October 2021 report by the Federal Trade Commission (FTC) found that several major ISPs offered only internet services when the businesses began, so they held information relating only to internet usage. The ISPs, however, gradually expanded their businesses to include services for smart devices, advertising, and more. By offering services other than internet plans, the ISPs were — and still are — capable of collecting large amounts of varied data.

ISPs typically track data through deep packet inspection (DPI) or by logging domain name system (DNS) requests. DPI involves analyzing the contents of data packets transmitted over the network, allowing ISPs to identify information. DNS logging involves recording the information that users request translations for.

Web Browsing Data

  • URLs visited: ISPs can track the websites you visit by logging the URLs you access. The information provides insight into your browsing habits and interests.
  • Search queries: ISPs may track search queries conducted through search engines. The data reveals the topics and information you’re interested in and can be used for targeted advertising or other purposes.
  • Private browsing: Private browsing modes, such as Incognito and Private Browsing, prevent your browser from storing local data such as cookies or browsing history, but ISPs can still see the websites you visit because your traffic passes through their servers. Private browsing prevents only your local device from storing data. It does not hide your online activity from your ISP.
  • Deleted history: Even if you delete your browsing history from your device, ISPs may still retain records of your internet activity. Once data passes through their servers, ISPs can potentially log and store the information, even if you’ve deleted it locally.

App Usage

  • Data usage: ISPs monitor the amount of data consumed by various applications to manage network resources effectively, identify bandwidth-intensive applications and ensure fair distribution of bandwidth among users.
  • Protocol analysis: ISPs may analyze applications’ protocols to understand their behavior and resource requirements. They can, for example, differentiate among web browsing, streaming video, file sharing, and gaming applications based on their protocols, such as HTTP, HTTPS, BitTorrent, or gaming-specific protocols.
  • Connection patterns: ISPs track the frequency and duration of connections established by applications to identify patterns of usage. The information helps them optimize network performance and detect potentially suspicious or malicious behavior, such as a sudden increase in connections or unusual traffic patterns.
  • Content inspection: Some ISPs perform content inspection to analyze the data transmitted by applications, allowing them to identify specific types of content or activities. ISPs, for example, may inspect web traffic to detect and block access to malicious websites or enforce copyright laws by identifying and throttling or blocking peer-to-peer file sharing.
  • Metadata logging: ISPs may log metadata associated with app usage, such as time stamps, source and destination IP addresses, and port numbers. The metadata provides additional context about application usage and helps ISPs track and analyze internet traffic patterns.

Billing Information

ISPs typically don’t track billing information on other sites you visit unless the sites have a billing relationship with the ISP or the ISP is providing additional services, such as payment processing or billing aggregation, for the sites. ISPs may, however, track certain types of billing-related information indirectly based on users’ online activities.

  • E-commerce transactions: If you make purchases or conduct financial transactions on e-commerce websites, ISPs may track data related to those transactions, such as payment details, order history, and shipping information. The information may be tracked for security purposes, fraud detection, or to provide billing-related services if the e-commerce site has a partnership or billing agreement with the ISP.
  • Subscription services: If you subscribe to online services or digital content providers that bill through your ISP, such as streaming video platforms or digital media subscriptions, the ISP may track usage data and billing information related to those services. That includes tracking subscription fees, usage charges, and any additional fees or charges incurred for accessing premium content or features.
  • Billing aggregation: Some ISPs offer billing aggregation services that allow customers to consolidate and pay for multiple services or subscriptions through a single billing account with the ISP. In those cases, the ISP may track billing information for various third-party services or subscriptions that are billed through the ISP, including usage charges, subscription fees, and any other billing-related data associated with the services.

Customer-Related Information

  • Metadata: ISPs can see the metadata associated with your internet traffic, such as the websites you visit, the duration of your visits, and the size of the data packets transmitted. They may not see the specific content of your communications (such as the text of emails or messages), but they can still gather metadata about your online behavior.
  • Cookies and tracking technologies: Third-party websites often use cookies and other tracking technologies to monitor users’ activities across the web for advertising and analytics purposes. ISPs can potentially see when you access websites that use the technologies, although they typically do not have access to the specific data collected by the sites.
  • DNS requests: When you visit a website, your ISP processes DNS requests to translate domain names (like “example.com”) into IP addresses. DNS requests do not reveal the specific content you access on a website, but they can provide information about the websites you visit.

Real-Time Data Location

ISPs don’t track real-time location data in the same way mobile carriers or location-based services do, but ISPs can infer certain aspects of your location based on your IP address and other network-related information.

  • IP geolocation: ISPs can determine a device’s approximate geographic location based on its IP address. IP geolocation is not always precise, but it can provide a general idea of the city or region where a device is located. That information is typically used for network-management purposes and to deliver localized content.
  • DNS resolution: When you access websites, your ISP processes DNS requests to translate domain names into IP addresses. By analyzing DNS requests, ISPs can potentially infer your location based on the domain names you are accessing. Accessing local news websites or regional-specific services, for example, may indicate your location.
  • Network infrastructure: ISPs can also infer location data based on the network infrastructure used to provide internet service. The physical location of the ISP’s network infrastructure, such as servers and routers, can provide clues about the general area served by the ISP.

What to Know About Privacy Policies and Personal Data

According to 2021 data privacy statistics, there are valid concerns about collecting and using consumer data. Some data collection, however, is necessary to create personalized consumer experiences, such as fraud detection, product development, and compliance with legal obligations. Transparency is important for consumers, and ISPs need to be explicit about their data-gathering practices, ensuring they don’t leave out critical information for potential customers.

ISPs offer customers the option to opt out of data collection, but there is sometimes legal fine print that works in ISPs’ favor. Assuring customers their information will not be sold, for example, does not protect their data from being bought or used in other ways. Some ISPs collect web-browsing data to send targeted ads to customers. Other ISPs, as reported by the FTC, share personal information with their parent companies and affiliates, undercutting the promise not to sell information.

Thankfully, the FCC requires ISPs to disclose their network-management practices and commercial terms publicly. The FCC has even shown consumers how to find their ISP’s disclosure statement.

What Are ISP Disclosure Statement Requirements?

All ISPs must abide by the FCC’s rule on transparency as listed in the Restoring Internet Freedom Order. The rule states that any entity providing broadband access shall publicly disclose accurate information that would allow its consumers to make informed choices regarding the purchase and use of its services. In other words, ISPs must be transparent about their business practices and allow customers to consent to the collection and usage of their information before using it in any capacity.

The rule also applies to entrepreneurs and small businesses using an ISP to develop, market, and maintain internet goods or services. If a small-business owner needs to manage an online store or offer digital services to clients, for example, ISPs must provide information on how their services could affect how the small business operates. The disclosure must be available through a public, easily accessible website or through transmission to the commission.

How to Hide Your Internet Activity From Your ISP

A graphic-design image depicting ways for a user to protect or hide their internet activity from ISPs.
With the right tools and knowledge, there are plenty of ways to hide your internet activity from your ISP.

ISPs collecting consumer data as part of their services is a double-edged sword. On one hand, gathering information about customers is essential to providing personalized services that would, for the most part, increase customer satisfaction and retention. On the other hand, collecting sensitive data, such as location, demographics, and other personal information, could be a potential privacy concern and would deter potential customers from investing in an ISP in the first place.

If you’re concerned about ISPs collecting your information, you can try a few things to reduce the amount of data they get from you.

Use a VPN

A virtual private network (VPN) creates a secure, encrypted connection between your device and a remote server operated by the VPN provider. This encrypted tunnel protects the data traveling between your device and the internet. When connected to a VPN, your internet traffic is routed through the VPN server before reaching its final destination, masking your IP address and making it appear as if the internet activity originates from the VPN server rather than your actual location.

A VPN hides your internet activity from your ISP by encrypting the data and routing it through the VPN server. The ISP can no longer see the specific websites or services you’re accessing, nor can it inspect the content of the data being transmitted. Instead, the ISP can see only that you’re connected to the VPN server and the volume of data being sent and received. The encryption and rerouting process protects your privacy and prevents ISPs from tracking your online behavior, and it can also help bypass censorship and geo-restrictions.

Use HTTPS Websites

An HTTPS website uses Hypertext Transfer Protocol Secure (HTTPS) to encrypt data exchanged between your browser and the website. HTTPS combines the standard HTTP protocol with SSL/TLS encryption to ensure that all data transmitted is secure and private. When you visit an HTTPS website, your browser establishes a secure connection with the website’s server, encrypting all data before it’s sent over the internet. The encryption prevents third parties, including ISPs, from intercepting and reading the data.

When you access an HTTPS website, your ISP can see that you are connected to a specific site with HTTPS-enhanced security, but it cannot see the specific pages you visit or the data you exchange, such as login credentials, personal information, or the content of your communications. That protection helps prevent ISPs from tracking your online activities in detail and reduces the risk of data being intercepted by malicious actors. HTTPS also helps protect against man-in-the-middle attacks, ensuring that the data you send and receive is not tampered with during transmission.

Use a Tor Browser

The Tor browser is a free, open-source web browser designed to provide anonymous web browsing by routing internet traffic through the Tor network. The Tor network consists of a series of volunteer-operated servers, called nodes or relays, that encrypt and bounce internet traffic multiple times before it reaches its final destination. That process of encryption and random routing makes it difficult for anyone, including ISPs, to trace the origin of the traffic or see what the user is doing online.

When using the Tor browser, your ISP can see only that you’re connected to the Tor network, but it cannot see the websites or services you’re accessing. The multiple layers of encryption applied as traffic passes through the Tor nodes ensure that the data remains protected even if one layer is compromised. Each node in the Tor network knows only the previous and next nodes in the chain, making it nearly impossible to trace the complete data path.

Frequently Asked Questions About ISP Tracking

Can your internet provider see your history if you use mobile data?

Yes, your internet provider can see your browsing history even if you use mobile data. Mobile data providers, like ISPs for home internet, can monitor and log your online activities because your internet traffic passes through their networks. They can track which websites you visit, the duration of your visits, and the amount of data you consume.

Can a VPN hide your data usage?

A VPN doesn’t hide your data usage from your ISP. Instead, it encrypts the data to mask the content and destinations of your internet traffic. Your ISP can still see the volume of data being transmitted and that you are connected to a VPN server, but it cannot see what you are accessing or the specific details of your online activities.

Can I legally prevent my ISP from monitoring my activity?

Legally preventing your ISP from monitoring your activity is challenging, because ISPs typically are required by law to retain certain data for security and regulatory purposes. Using tools like VPNs and HTTPS encryption enhances your privacy, but it doesn’t completely eliminate your ISP’s ability to track overall data usage.

Does unplugging the router clear browser history?

Unplugging your router doesn’t clear browser history. Browser history is stored locally on the device you used to browse the internet, such as your computer, smartphone, or tablet. To clear your browser history, you need to go into your web browser’s settings or options menu and manually delete the history.