Can employees at a local telephone ISP read my e-mails and monitor my web surfing and tell others about what they read/see?
Yes they can.
The real question is would they? Probably not.
And if it’s of real concern to you, what might you do? I do have some ideas.
Your ISP knows a lot about you. They ultimately control your connection to the internet. And by control, I do mean total control.
They know where you live, so as to be able to physically get your connection to you. For example, as I’ve said over and over and over and over, in order to locate you by your IP address, it typically takes law enforcement and a court order. Where do they take that court order? To your ISP, to get them to reveal your physical location.
Your ISP also controls the equipment that all your internet data flows over once it leave your location. You connect to your ISP, and it’s your ISP that then routes the data to where it’s supposed to go elsewhere on the internet.
Can they “sneak a peek” at your data while they route it? Absolutely they can.
The question is: would they?
Folks, I’ve said this before too: we’re just not that interesting. Why would anyone want to spend time looking at gigabytes of data just so they can spy on your surfing habits or email? Most ISPs are overworked enough as it is, without adding some kind of electronic voyeurism to their job.
In my strong opinion most people need do nothing to protect themselves from their ISP.
Several possible solutions come to mind:
- Secure connections – any connection that begins with https instead of http is an encrypted connection. So while your ISP can see which sites you are visiting, the data actually sent to or displayed from the web site on an https connection is encrypted. Using an https connection to a service like GMail is one way to secure your email from snooping. Naturally you’re still trusting the mail providers not to snoop on you.
- Anonymous Web Surfing – using services like Anonymizer, Tor, or other services like them, your ISP can tell that you’re using the service but they cannot tell where you’re surfing; it’s all encrypted. It’ll be slower, but it’ll be encrypted. And of course you’re trusting the service not to snoop on you.
- Encrypted Email – there are several ways to send encrypted email. Your ISP will be able to see who you’re emailing, but your message will be encrypted and hidden. Encrypted email is not easy for most people to set up, but it can be done.
- VPN Services – There are services available that will allow you to set up a VPN or “Virtual Private Network” connection to their services which then connect you to the internet. Typically meant for people who use WiFi hotspots a lot (where snooping is a much greater risk and issue) everything between you and the service is encrypted, thus your ISP can’t see a thing. Of course the service can.
So it really all boils down to your level of paranoia, which could be quite legitimate or not, compared with the amount of effort you’re willing to put into keeping your connection secure.
But ultimately I don’t believe that their ISP snooping on them is something most people need to worry about.