Technology in terms you understand. Sign up for the Confident Computing newsletter for weekly solutions to make your life easier. Click here and get The Ask Leo! Guide to Staying Safe on the Internet — FREE Edition as my thank you for subscribing!

Can My ISP Monitor My Internet Usage?

Can employees at a local telephone ISP read my e-mails and monitor my web surfing and tell others about what they read/see?

Yes. Yes, they can.

The real question is, would they? Probably not. And yet … there are new concerns that they might occasionally even be required to.

If it’s of real concern to you, what might you do? I have some ideas.

Become a Patron of Ask Leo! and go ad-free!

Your ISP

If you have a connection to the internet, it’s provided by an ISP; that’s what the acronym stands for: Internet Service Provider. Be it your work, school, phone, or cable company, your internet service is provided by someone, and that someone is your ISP.

Not only do they provide your internet connection, they completely control it.

Are You Being Spied On? Your ISP knows a lot about you. Traditional ISPs, like telephone and cable companies (and quite possibly many “non-traditional” ISPs, such as wireless providers and others), know where you live, so as to be able to set up your connection physically (not to mention know where to send the bill).

As I’ve said over and over and over and over, to locate you by your IP address typically takes law enforcement and a court order. Where do they take that court order? To your ISP, so they can reveal your physical location.

Monitoring your connection

Your ISP also controls the equipment your internet data flows over once it leaves your location. You connect to your ISP, and your ISP routes the data to where it’s supposed to go elsewhere on the internet.

Can they “sneak a peek” at your data while they route it? Yes, they can.

The question is, would they?

Folks, I’ve said this before too: we’re just not that interesting. Why would anyone spend time looking at terabytes of data just so they can spy on your surfing habits or email? Most ISPs are overworked enough without adding some kind of electronic voyeurism to their job.

In my strong opinion, most people need do nothing to protect themselves from their ISP.

Protecting your connection

OK, what if you still want to protect yourself? What if you have a legitimate reason for being paranoid?

Several possible solutions come to mind.

  • Secure connections. Any connection beginning with https, instead of http, is an encrypted connection. So while your ISP can see which sites you are visiting, the data sent to or displayed from the website on an https connection is encrypted. Using an https connection to an email service like Gmail is one way to secure your email from snooping.
  • Anonymous web surfing. If you use services like Tor, your ISP can tell you’re using an anonymizing service, but they cannot tell anything more than that — everything’s encrypted. It’ll be slower, but it’ll be encrypted. Of course, you’re trusting the anonymizing service not to snoop on you.
  • Encrypted email. There are several ways to send encrypted email (though sadly, none are particularly easy). Your ISP will be able to see who you’re emailing, but your message will be encrypted and hidden.
  • VPN services. You can set up a VPN, or “Virtual Private Network” connection, to the internet. Typically meant for people who use Wi-Fi hotspots a lot (where snooping is a much greater risk and issue) everything between you and the VPN service is encrypted; thus, your ISP can’t see a thing. Of course, the VPN service can, as it becomes a kind of ISP itself.

It all boils down to your level of paranoia — legitimate or not — compared to the amount of effort you’re willing to put into keeping your connection secure.

But ultimately, I don’t believe ISP snooping is something most people need to worry about.

On the other hand…

In recent years, some governments have begun to require ISPs to keep information about your internet habits. Anything your ISP can see is potentially logged, to be available should those governments come knocking.

What’s kept? Which ISPs? How long? Which governments?

There’s no way to know with certainty. Indeed, the landscape changes often, and today’s answer to any of these questions might be different tomorrow.

Once again, I maintain that most of us simply aren’t that interesting, and aren’t likely to be doing anything warranting the interest of your government, much less your ISP.

However, it’s certainly worth knowing what is possible, and what might even be required, so you can take any steps you feel are appropriate to protect yourself.

Do this

Subscribe to Confident Computing! Less frustration and more confidence, solutions, answers, and tips in your inbox every week.

I'll see you there!

Podcast audio

Play

134 comments on “Can My ISP Monitor My Internet Usage?”

      • Unless you are doing something bad, they probably aren’t going to have time. That’s why they install web filters on the network like Websense which will redirect you to the Websense screen saying that you accessed ….ie “Guns” or something. Your IT department has more to do than just watching your traffic.

        Reply
  1. I think you may not have answered his second question… if ’employees of ISP’ can tell other people about what they saw. This is rather a question of legality, rather than technicality. Yes, tehnically it is possible, but legally..? I think ISP is responsible enough to prohibit it.

    Reply
  2. How can I monitor what connection I have(I’m on a 2MB line)as I dont think I’m getting what I’m paying for on a regular basis.
    TIA

    Reply
  3. I sometimes use my company wireless laptop to surf the net while I’m on business trips. Can my employer see what I’m surfing if I don’t log onto the company VPN or network?

    Reply
    • You can clear the cache on the settings of your browser….you might need Administrative right to do that depending on settings on your corporate machine

      Reply
      • If the company has keylogging or other monitoring software, they would be able to see anything you do. Since this is their computer, it can be legal in many cases. (See Leo’s comment timestamped November 27, 2007 at 12:41 pm)

        Reply
  4. —–BEGIN PGP SIGNED MESSAGE—–
    Hash: SHA1

    Possibly. They could have installed spyware, or configured your system to
    access their proxies even though you’ve not explicitly done so yourself.

    Thanks,

    Leo

    —–BEGIN PGP SIGNATURE—–
    Version: GnuPG v1.4.7 (MingW32)

    iD8DBQFHTIEcCMEe9B/8oqERAmLAAJ49ZoCo1kBjVHj3oSojF5rZ+GgOggCfR9Bb
    eMwb3JGY11fiFyRPX5EsjKY=
    =3KqP
    —–END PGP SIGNATURE—–

    Reply
  5. If I delete the history, and all associated files to my internet usage, such as porn, etc… Can they still view it? I’d like to know how to cover some tracks… I definately have learned that I can’t be looking at non-business material at work… HELP?!?!?!?

    Reply
  6. i’m not worried about the ISP so much as the low paid customer service staff who hate their jobs, their lives, and have nothing better to do than cause havoc using my identity

    Reply
  7. do they tell us if we ask what sites we have visited?
    Do they know if we are using vpn?
    and i’d like someone to answer david’s quiestion if they can still peek even when we have cleared the history…
    Do they have the sites that we have visited in a database record or something?

    *DO* they? There’s no way to know for sure. Some might, but I suspect most do not. You’re just not that intersting.

    *COULD* they? Yes, of course.

    There’s no way to know exactly what any specific ISP is actually doing. And whatever you might find out today about one ISP will be different tomorrow, or for any other ISP. The important thing here is to know that they COULD, not try and rely on what they DO.

    -Leo

    Reply
  8. my ex wife is a school teacher. she emailed me from her home computer. why did her home IP address not show up. only her her school email IP did. my son emailed from the same house under his yahoo email and their home IP address came up. it is confusing me.

    Reply
  9. yes the isp’s always monitor your internet usage…. why i say this is because i got a call from my isp….so hell yeah i know they do monitor in somewhat a way your internet activity … but not 24/7 paranoid kind of way… but its not like they dont even glance at it at all….

    Reply
  10. If I access the internet using my PC, using my employer-provided ISP, and employer-provided modem (which I also use to access the internet on my company laptop, from home) can my employer see what sites i visit on my PC, even if i am not connected to the VPN?

    They could. Whether they’d bother to is a different question. No idea on that.

    – Leo
    13-Mar-2009
    Reply
  11. hey Leo. do u think an ISP can take screen shots of my monitor? or record my monitor screen while i connected to the internet? please answer. thanks!

    Reply
  12. My ISP, Wow Internet, gave me a second offense (first one was cause someone was downloading video game torrents) because I complained about stuff on my Twitter account. All I did was say that I hated my mom and that I hate that adolescents have no freedom. So yes, your ISP is monitoring your internet 24/7. And because I’m a minor, I can’t do anything about it but sit there and be paranoid because I can’t trust my ISP anymore.

    While watching for torrent activity is common, it’s more likely that someone complained to your ISP about your behaviour when you made those comments about your mom.

    – Leo
    05-Apr-2009
    Reply
  13. Leo, even though i use VPN can my ISP know the bandwith i’m using at any given point or the amount of data that i’ve downloaded?

    Yes.

    – Leo
    04-Jun-2009
    Reply
  14. Great site! Can my ISP legally reveal internet usage to an employer if I use a company USB modem?

    i understand they can only provide stats not details.

    Sorry, but I’m not a lawyer. The answer probably also varies based on where you live. I wouldn’t think so, but like I said, I can’t know for sure.

    – Leo
    23-Jun-2009
    Reply
  15. Hello Leo, and all who have posted on this article!
    My question is possibly like a few others that makes me wonder… However I do know that my ISP can do what ever they want too, if need be spy on me and what I’m doing online like, Surfing, Downloading, Reading Emails blah blah etc! But mainly its downloading that they are looking into on my PC. Is there such a way to possibly spy on my ISP!!!! to find out why they wanna know so much about me / what I do on my free time! I would be glad to know if anyone can answer that for me. Or help me find a better way to stop my ISP from knowing what I do online, Which is my own business not anyone elses. See I feel that it is a invasion of my privacy which no one should know what I do online. It is my own business like I said!

    What’s important to understand here is that just because an ISP can spy on you doesn’t mean that they are spying on you. In fact I’m sure that 99.9999% of the time your ISP doesn’t give a toot what you’re doing and isn’t going to take the time, bother and expense to spy on you.

    When ISPs do look at what you’re up to, it’s typically for one of three reasons: 1) someone complained to them about some aspect of your behaviour, 2) law enforcement has some kind of interest in you and came to your ISP with the appropriate paperwork, or 3) you caused some kind of technical difficulty – like perhaps using tons of bandwidth by running a server – that caught the ISPs attention.

    There’s only so much you can do. You can encrypt everything you’re doing over a VPN, tunnel or some other kind of anonymization service, but even then things like the amount of bandwidth you use will always be visible to your ISP and may start them asking questions if it’s causing problems.

    The important thing here is simply to know that your ISP can see what you do by default. The probably don’t, unless there’s a good reason.

    Don’t take it personally, but you’re just not that interesting.

    – Leo
    23-Jul-2009

    Reply
  16. ISP may not be interested in our email or websites we visit, but it is possible for a renegade or corrupt employee to do this with a little prodding and loose change from our enemies or competitiors. This is very true in a county like ours where cyber laws are still evolving and supervision and enforcement are lax. It is easy for the perpetrator, who by now would have ruined the customer, to go scot free while the ISP may get its reputation tarnished. In my case this snooping was happening for sometime and when I complained,the ISP, part of a billion dollar entity, was in denial mode at first and now have come around saying we’ll investigate. Now I have decided to approach the top management to enlighten them on this and put in proper processes to help customers.

    Reply
  17. Oh, there’s one more reason they might want to spy on you, as some of us Comcast subscribers have learned. They want to know what you think of them. Send a message with “Comcast Sucks” or “Lousy Comcast Service”, etc., in your message subject line and you’ll suddenly get “generic” messages from them wanting to know how to improve their service. Don’t tell me they’re not watching.

    Reply
    • i have a better one for you and all of you should have eyes wide open for this. If you interview with an ISP they will search for what websites you visit and if they think those web sites are too risky or offensive they will not hire you based upon their findings and what they feel is acceptable or unacceptable usage, This violates their own terms of service and user agreement policy. UAP TOS. They will never tell you this. They will just tell you the interview process has been terminated with nothing else to say. There is no privacy on the internet and everything you say will be held against you in a way that can affect gainful employment. Most of the concern is is social media usage but also will include frequently visited websites and email correspondence.. So my take on all of this is that people get profiled pigeon holed and blacklisted. Meanwhile if you are a corporation that is too big to fail you have no accountability. Basically the internet is being used a surveillance tool in a digital matrix to keep you enslaved. Merging human with machine. I worked help desk user support for many years before most of the jobs were outsourced overseas so believe me when I tell you this is no joke. Everyone is has a psychological profile archived.

      Reply
  18. Hi Leo. Alot of great info here. What a great find. Anyway, I have a question. If the government agency has a court order to search one’s email conversation, how likely are they to search past email conversations? I mean do ISPs keep all emails from all their users or they have a time limit after which all emails beyond the time limits are erased from the ISP’s database. Can ISP pull out all my email contents on a moment’s notice? Just something I wanted to ask but no one to ask until now. Thanks.

    There’s no way to know “how likely”. What will be available will vary from ISP to ISP, and how much effort the authorities are willing to put in depends on the situation.

    Leo
    13-Oct-2009
    Reply
  19. You’re right, ISPs usually aren’t very interested in monitoring and recording your online activities, but the government intelligence agencies are.

    I would warn you about what’s to come as far as the death of online privacy, but the fact is that the death has already occurred.

    Over the past decade, the intelligence agencies have received virtually no resistance from ISPs in their pursuit of full monitoring access.

    This is mainly because they lie to ISPs.
    They tell them that their intention is to catch horrible people such as ‘terrorists’ and child pornographers, and then assure them that only those people will be monitored.

    So, at this point, I guarantee you that the U.S. intelligence agencies are recording every single thing you’re doing online.
    And, thanks to exponentially advancing data storage technology, they have absolutely no reason to ever delete the information they’ve recorded.

    Reply
  20. I looked at pornographic sites, nothing dodgy, merely women in bikinis and celebrity spyshots from paparazzi and used automobile sites, would an ISP really be interested in spying on me for that?

    Reply
  21. Quite frankly you don’t know what you are talking about. All your communication & surfing via the internet is monitored, tracked and fed into a database that spins out a profile about who you are,where you live,images downloaded, sites visited,computer used, mac address location, etc ad nauseum and sold to third parties who turn and sell them to various governmental and non government agencies. ISP’s overworked…come on…it’s done through software and fed into a database…easy to do even capturing your MAC address, system processor. Check out privacy.net and the lawsuit against Microsoft and Comcast. It’s illegal and a violation of Federal and State Law to record a conversation via telephone in most states w/o proper notification, or wiretap a phone line without a court order, or open someone else’s postal mail but are you saying it is perfectly legal to read another person’s email without proper authorization? Now, just where did you get your law degree? Did you know that Microsoft encodes info. about you in every document you use. So now comcast hijacks your DNS so is that phishing when they redirect you to another site..hmmmm… but then ISP’s are too busy to do that. I wonder about copyright infringement? Who gets all that ad money? Didn’t ICann knock down Verisign for trying the samething? Private policy statements…hmmm again check out privacy.net

    Reply
  22. Hi Leo: I noticed you mentioned that with services like Anonymizer and Tor, your ISP will know (or can know, if they look) that you are using those services but will not know where you are surfing. A few questions for the fully paranoid:

    1) What would that look like to the ISP while you are surfing? Would some specific data that says “Anonymizer” or “Tor” show up as the site you are currently visiting?
    2) If so, would the very fact that they now know you are using such a service cause suspicion? “Hmmm. This guy’s using Tor. He must be up to something. Let’s look a little closer.”
    3) Is it possible that some ISPs prohibit the use of such services, and could therefore cancel your service for violation of terms? I have read my ISPs terms of service, and it says nothing about it that I can find. My colleagues have done the same and found nothing in their agreements either.

    Thank you for this great site! I just found it today and as a student studying cyber laws I am very interested in these topics.

    1) Exactly – they’ll be able to see that you’ve connected to an anonymization service.
    2) No idea. Most people aren’t interesting enough to even be looking at, so they may never notice. Most folks have an over-developed sense of paranoia, I’ve found. Not that *some* people aren’t being watched, but most people are not.
    3) Depends entirely on the ISP, the agreements and who knows what else. Is it possible? Sure. Will they? Unlikely, I would think.

    Leo
    09-Jan-2010
    Reply
  23. Most definitely they can and do. I use Cox ISP. I tried using the Anonymizer, and apparently Cox has a system where it immediately acknowledges this program, therefore, I was unable to do any surfing at all. They completely shut down my use of the internet. I had to quit using it in order to use the internet.

    Reply
  24. I just had a read through because im with a new isp and was curious…

    about a year ago, UK, and i think USA government are paying yahoo, google(100%) etc email companies to “by law” store data for a year! they say they can only store date, time, from and to, and other tiny snippets (no actual content) but im sure with legal rights they could explore in more detail…

    i know for a fact that “educational/research only companies” have programs in testing that monitors keywords, i.e. “bomb”, “Kill” etc etc… these are for some reason based in china…. a “Peerguardian” type of program i tried initiated a curious google search on isp addresses connected to my pc and collecting data…

    at the end of the day, as long as you’re not doing anything severely illegal, what do you have to worry about? to be honest, i think its a good thing to some degree… for many reasons! far out ways the downside of being embarrassed about porn, or a small slap on the wrist for plagiarism/piracy! especially when we are faced with terrorism… fraud… child abuse… drugs… hate crimes etc etc etc

    some disgruntled employee has fun in your name, you can prove it wasnt you without even trying! also, most people are untrusting of the internet, and know they can be traced, so knowing that, why even bother?

    Great site BTW Leo! i have floated through a few times!

    Reply
  25. Of course the ISP knows everything. They own the physical cables and hardware that carries the data your computer transmits. ISProvider. By provide they mean route, so it goes through them. As said in the article you can stop them from seeing the data being transmitted by they still know where it is going to. If you want watertight security, don’t use the internet. Microwave your computer, burn it or drive over it a few times in a heavy goods vehicle. Whatever.

    This is the only TRUE way to be “secure” because either way you are the transmitter. You want your information (data) to get from A to B. You are going to be trusting someone to deliver that data.

    And For Your Information all these “encrypted” services aren’t ever as secure as they are marketed. SSL, HTTPS and all these other encryption methods are nothing to some people. How safe do you feel pitching that “super secure” protocol of yours against any one of these cypher building/breaking supercomputers – not that they even require that as many of these common encryption techniques have been around for years and have well known flaws.

    Either way, it’s game over. If you want to form a terrorist plot, assassinate someone, overthrow the government or anything else we could “all be using the internet for” just forget the net ever existed.

    However as the author pointed out. Why does the ISP care? Why would they care? I mean sure I have countless opportunities to exploit computer systems every day and go sifting through hard drives seeing what people have been doing but why would I want to do that. It’s boring and a waste of time.

    ISPs only care what your using their “service” for and throw all your information to the hungry dogs because they don’t want to be held liable.

    Reply
  26. another nifty trick would also be something like PeerBlock, it alil added firewall that is a bit more obtrusive on ur own puter, that with added IP list/s to either allow connections or to block totally for whatever reason, I use it myself and trust me I feel alot better!!!

    Reply
  27. thank you will subscribe to you using anony yet cannot give email been years on web your answer the most straight to the point rubbishless completely just want to say thank you and much appreciated got to you accidentally advertise more more people need you.

    Reply
  28. Thanks for offering good information but my paranoia doesn’t exist because I”m worried about my private internet usage is being seen…it’s because I live in China and the only reason why I bought a VPN to begin with was so I could access websites like youtube and facebook – not because I’m doing anything illegal but because I want to stay in touch with the world. And my ISP watches everything I do even using a strong VPN service provider, and they intentionally slow down or completely block all of my internet chatter. I’ll be surprised if this message ever goes through. And I’m dying to see my family on webcam. Damn paranoid bastards – Who, me?

    Reply
  29. Doesn’t matter what you use your ISp can still see what your doing. All they need to do is check the packets coming in from the Proxy and going out at the right time. A VPN service is basically a web proxy where you pay for a trust level. So it ain’t really a VPN. Its a connectivity service basically. It doesn’t connect you to a private network but to the Internet so they are not VPN’s.

    In reality there is no such thing as real anonymity online, if you do something bad enough, the people in power can find you. IP Spoofing is misunderstood in 9/10 cases and is no protection against anything. And web proxies, offer little or no protection. They are good enough if you just want to stop your school/parents/office from tracking your surfing habits, but they won’t protect you from doing time if you commit a federal crime.

    A good VPN service is much more than a web proxy. It truly is a Virtual Private Network to their servers which hides all your traffic from your ISP and points inbetween. One the traffic leaves the VPN service, of course, it is back in the cleaer.

    Leo
    29-Nov-2011

    Reply
  30. this is an old article and now you have the answer to your repeated question in the article (“why would your ISP check your traffic”) :

    ACTA, SOPA, PIPA

    Reply
  31. ISP will be very interest in monitoring people like
    megastar, superstar, movie actor. This is money business for ISP to spy on it. ISP they spy on the people who can change the world and for money.

    Reply
  32. Thanks for all the useful informations so far!

    Pls small level staff of one network was saying everything am doing online to someone including massages, mails and on whatsapp. does customer care staffs have access to my doings online? second, if I change network can they still have access to my new line because am from Nigerian where we can move to network we likes? thanks Mr

    Reply
  33. my parents wanna know how i used up 40gb in a month. so they r gonna contact the isp and ask for my internet usage and history and stuff. do u know what isp can tell them?

    Reply
  34. I was using cellular data on a mobile device could they (the ISP) know what websites I’ve visited? And can they give details of websites i visited , to a third person ,if asked by a third person (brother or relative) . And if the SIM is Switched of for a couple of months.

    Reply
    • Yes they can tell, and yet they can give the information to a third person. Though it is not likely they would give it to a brother or relative. Law enforcement is another story. Basically – just consider that what you do online is public and not private and you will be fine.

      Reply
  35. Hi,

    Recently my son left very inappropriate comment on his school friends biog. His family is very furious and wants to sue. Apologies were not accepted.
    I am using Google Open DNS as third party DNS provider.
    My question is very simple. Can ISP list that this SPECIFIC PAGE on blogger.com was visited at that moment and from our IP address or they can log only IP address of blogger.com. I know they usually can and do log URLs but there is something specific here….I’am using Google Open DNS server. Some people say that provider only logs IP address of sites you visited if you use third party DNS provider and some that they can see and log full URL. This is very important for me so please help.

    Thanks in advance

    Reply
  36. I am a 20 year active IT Specialist.

    People, if you think ISP’s do not spy on you, then you are being very naive. How many times have you heard of the government finding things out about individuals or it foils some terrorist plot just in the nick of time.

    We live in a different world today where everything is tied into computers, internet and telecommunications.

    The Internet is a curse and blessing for governmental agencies who use it to gather information about the “bad guys” and even “good people” too! Not only are you being spied on via the ISP – which are only conduits to the search engines (Google, in particular), but you are being spied on by very powerful spy satellites above. These too, are hooked into everything.

    I would not be so worried about you ISP than Google. Google is in bed with the Federal Government and is it’s “whore.” Think: Why would NOT the Federal Government use Google? It does so regularly and clandestinely.

    There is a massive super NSA secret gathering complex that is under construction in Utah. Mormon contractors are heavily involved with its construction. I have met them.

    Our government has become so adept at lying to us, it does it so easily now. I served twenty years in the US Armed Forces and I can tell you that lying to Americans under the guise of “keeping us safe” is appalling to me. Our worst enemies are not so-called terrorist, but our own government.

    I know why they are building but I cannot disclose it here. I can say this, however: A whole new meaning has been placed on the expression, “Uncle SAM Want’s You?”

    Reply
    • So you’re saying some old guy from Long Island looking up how to fix his freezer engine could get spied on by the Governments? Haha. That’s great. They must have a good time dealing with those people. For like 286 million times across the US.

      Reply
  37. Hey i think i finally found the right website (and right topic) to get some useful answers. I see some new replies too so hopefully the thread is still active.

    Well im from Sweden but we have something similar to NSA, FRA that are allowed to collect data and spy on people’s web activity (to be used to find criminal activity but who knows what else).

    Is it likely that data from 3 years ago is still stored? I would actually have some use of it. Need to find out of someone in particular hacked me/spied on me back then but dont have the computer anymore. Its a potential crime but is it possible to make them check old stuff connected to my IP or router or email login or anything else, just by suspicion? I mean they wanna find cyber crime and i wanna know for personal reasons, should be a win-win.

    How does it work over there?

    Reply
    • It’s expensive and resource consuming for law enforcement to get data like that. The data might be stored somewhere, but unless the law enforcement officials consider it worthwhile, I doubt there’s any way they’d bother to go after it. Simply suspecting you might be hacked is probably way down in their list of priorities.

      Reply
  38. Hi. I’m from Canada and I’m planning to erase my hard drive using a free software on both my computer and iPad. If I do this would the sip still be able to access my browsing history then? i don’t want to get into trouble, it’s really scaring me.

    Reply
    • Your ISP has access to all of your browsing history as all of your browsing goes through their servers and they keep these records for an unknown period of time (each ISP is different). Wiping your hard drive would not eliminated these records.

      Reply
  39. Hi Leo. I have a guest in my house. He is using his own computer in my house which is connected to my internet provider. I have a reason not to trust him while he is using his computer. Can I ask my internet provider to send me an (my) online internet history? Do I have the right to ask for this information? Will it show the pages or whatever he has used? Thank you for your help.

    Reply
    • I’d be shocked if an ISP would provide this information. That they can monitor your history doesn’t mean that they do. Most probably don’t, unless requested to by law enforcement. Even if they did keep records I’d still be very surprised if they provided it to anyone but the police with a warrant.

      Reply
  40. Hello Leo, I need to install some kind of certificate to my computer from the ISP so I can access https sites. I was wandering if this could some how give my ISP option to monitor what I am doing on these sites. For example to see my bank account when I log in to that site or maybe get my password?

    Reply
    • A certificate wouldn’t allow your ISP or anyone to monitor your https activity. The certificate is issued by a trusted certificate authority on behalf of the website you are accessing, your bank in this case, to verify the identity of the bank. An https website encrypts all of the traffic between your computer and the website using https, causing it to appear as garbage to anyone monitoring the traffic.

      Reply
      • Actually a certificate created and provided by the ISP (or your company’s IT department or other intermediary) could actually do exactly what is feared here. It would enable a man-in-the-middle attack.

        Reply
    • If your ISP is asking you to install a certificate that they provide, then yes, this could allow them to intercept your https connections. I don’t know why else they would do it.

      Reply
  41. I called my ISP about a problem with my connection (something not connecting with web correctly.)

    He stated that I had just done the following (giving me a list of the things that I had just done on line.)

    So your sttemetnts are so true.

    Reply
  42. Just in case it may help answer one part of the question, my e-mail provider (B.T.) once went crazy (after a ‘system down’ of some sort) and sent me 4 months’ worth of e-mails. The same happened again recently when I started on a new computer. It appears the server keeps them all for 4 months.

    Reply
  43. Leo: In light of the Snowden revelations about what the NSA and associated agencies can and are doing daily to virtually everyone, most of the readers’ – and some of yours – comments have been turned upside down and inside out.

    However in browsing the comments, my eye caught one from Jim on 10/9/09 @ 10:58 pm —- that accurately warned and predicted exactly what Snowden exposed to be commonplace —- but Jim’s comment was dated over 3 years before Snowden’s wide release of the evidence.

    How many people at that time may have read that and thought Jim was paranoid? You should send him an acknowledgement.

    Reply
  44. I don’t know about every community in the U.S. but most public libraries offer free Wi-Fi to anyone who cares to surf the web. Now if you’re using your library card to log on, then everything can be traced to that card, from the computer you were using to your logged on time. The same applies if you ask to use one of their computers as a guest because you’ll need to provide valid I.D. for a “guest session” and you have to log on with that specific guest code.

    However, I’ve at times logged onto the library’s wifi as a guest with “my own” phone or laptop and all I had to do was provide a fake email address and click that I understood the libraries internet rules. The wifi extends outdoors for 10-20 yards so you don’t even have to go inside the physical building. Couple that with Tor or some other encrypted service and voila, you’re an anonymous person with no tracks. Unless the library has some way of capturing specific information about your phone, tablet or laptop that could track you down if need be. I don’t think so and of course it doesn’t help if you’re sending & receiving unencrypted email or logging into personal accounts. But hey, if you’re PARANOID about your ISP then go to the library.

    Reply
  45. The conservative federal (national) government of Australia requires all ISPs to provide de-personalised user data. They are threatening to require ISPs to provide data on individual use. The excuse is to control (illegal) access to child pornography but each time we surrender freedoms for one purpose we are at risk of governments abusing their powers and, in this case, of costs being placed on private enterprise (the ISPs) which means an increase in charges to consumers.

    Reply
  46. I wonder how to get rid of the fair usage policy , I’m from sudan and I’m using my modem connection , it`s a 3G modem but my ISP only allowed 500 MB for 1day and then your speed slow down so much from 900k/s to 10k/s

    Reply
    • It’s not something you “get rid” of. You would have to talk to the ISP for what your options would be. Typically it simply costs more to use more.

      Reply
  47. Please answer my question. Can someone find out that you watch porn online through an isp address? For example if I know my bf’s isp address is there a way I could find out if he is watching porn with it?

    Reply
  48. To technical support

    My neighbor used my cable ADSL removed from my house connected to his house, from 30 Dec 2015 to 18 Jan 2016 without authorization by me and has been informed immediately to my ISP…
    My ISP is Djibouti Telecom and ADLS line is 21354521.

    Can please tell me if there is to let know it the data history whether WebPages visiting and files downloading during this period.

    Thanks and best regards
    Ahmed

    Reply
    • That’s information your ISP should have. They normally wouldn’t release that information. Perhaps if you contact law enforcement, there’s a possibility that they might intervene.

      Reply
  49. I have a question that I have not seen answered anywhere. It’s an interesting twist to me.
    I find it hard to believe that I am the only one with this question.
    Let me lay the ground data:
    My company pays for my *home* ISP because I work many, many hours from home.
    All my home equipment is my own, software, hardware, router.
    Everything, except modem that is owned by the ISP we use, a major local and national ISP.

    The question: What right to privacy do I have regarding the company’s access to my online activities?
    Can they see everything? Nothing? Legally or illegally can they access anything? Everything?

    Remember, they own nothing, no hardware at my home, they merely pay the ISP monthly bill.
    Great site and thanks for reading!

    Reply
    • This gets into legal nuances that a) I’m certainly not qualified to address, b) may not even BE addressed in any laws, c) will almost CERTAINLY be different depending on exactly where you live, and d) would probably only get defined on a case-by-case basis if a lawsuit were to arise around it. My sense is that the act of paying for your internet connection might give them the right to “own” what you do with it (including monitoring it), but the practical mechanisms do to that are sketchy at best since they don’t own the equipment.

      Bottom line: if it’s important that it be kept private, I wouldn’t do it over company-owned or paid-for anything.

      Reply
  50. Knowing that ISP’s can monitor internet usage, can the ISP identify which device was used? For example, User A, B, and C all connected to one network. User A accesses a certain blog. Will the ISP be able to know which device was used for that certain internet activity? Or will ISP’s just identify which network was used?

    Reply
    • The ISP can probably tell which device was used. In fact, almost any server and website can tell what kind of computer you are using to access the site, and which browser. A good example is the fact that when you go to a webpage with your computer it will display differently than if you go with your phone. The website is able to tell what you are using, and show you a page that will look best on that device. Of course an ISP has the same sort of capability. They aren’t sitting there in a room watching you all the time. It’s just that the computers collect the data.

      Reply
    • Best we can say is, “it depends”. It depends on the ability of the ISP to understand the content of the traffic, AND what kind of network traffic it is. Some may be traceable to the device in some way (nothing standard) if they look at it and analyze it, some – perhaps even most – may not be.

      Reply
  51. Great site and amazing info here!

    Could you please confirm if my ISP can see what I’m typing in real time, for instance when I’m writing an email in Gmail? I mean, how useful is it to encrypt my emails if a dishonest ISP technician can see the text while I’m typing it? This is important to me because my ISP is a very small local enterprise, wiring a few residential buildings in my city, and I do have reasons to believe that I have been spied when my credit card infos were used in a local fraud recently, although I only place online orders on https sites. Assuming I’m right, is there a way to prevent my ISP to see what I’m typing in Gmail?

    Reply
    • Your ISP can’t see anything you’re typing. In fact, if you use GMail or any serious email provider, when you send the email, all they would see is gibberish, as GMail uses https: which encrypts your email between your computer and GMail’s servers. The same holds true for any site which uses https:.

      It’s more likely that credit card information is compromised by using it at retail businesses than through online shopping.
      https://askleo.com/online_shopping_just_how_safe_is_it/

      Reply
  52. My ISP is controlling their router and they are forcing me from not using another router via PNP (Plug and Play) feature which is pretty annoying which from what they say it is a new technology ( crap ) .I want to use my Asus RT AC-5300 instead of the ISP router but they are forcing me to use their useless DLink DIR 850L and isnt that good. any suggesting on how to adjust my new router instead of theirs ( not as an access point ). please let me know or any other guide can help

    Reply
  53. Sometimes I just feel like my ISP would randomly inspect one of the connections and then look at it, just for fun, then they would found something interesting. It’s like a lottery ticket for about 286 million internet users. Am I still just a bit paranoid? I mean I feel like I’m safe but should I even be worried in the beginning?

    Reply
  54. So I work from home and my work pays for internet. The isp provides the router/ modem and the internet and my work pays them, this isp is used for my company nation wide so I am part of a national bill. My computer is connected through an ethernet cord. If I were to plug this ethernet cord into my Xbox for example would my work notice? I understand that they carried this information if they look but with a national bill would they notice a small difference in bandwidth or does a national bill breakdown the usage for each user and is it monthly or weekly?

    Reply
  55. hi,

    I have been given a dongle by work. when I put my own data sim in it the dongle works, so its not binded. when i put the work sim in another dongle it works.
    the network admin a few weeks back told me jokingly that he can see what I am doing on the internet.
    I don’t have any concerns from the govt. or the isp or anyone but that one person because he happens to be related and I just don’t want him to look at my searches. (emphasis: he’s related and may have deep interest in what I am doing).

    will using over-the-counter vpn software help me in this regard?

    please note: the sim and the dongle given to me by work doesn’t make me connect to the work vpn or anything. just plug in and use it.

    Reply
  56. Hello,

    Can an ISP also see if e-mails have been edited? So if someone received an email, they changed the content of that received email?

    Need to know since I suspect someone might do that to me.

    Reply
    • The ISP or the email service provider would have access to the original email. It would normally take a court order to have them release it.

      Reply
    • Editing an email would be quite a trick. It’s easy to edit a copy when a person is forwarding or replying, but editing the actual email would require access to the server… and capturing it on it’s way to you. The important thing to understand about emails is that everything is a copy. A person creates an email on their computer… and then sends a copy. Depending on how it goes through the servers one or more copies are made as it is sent to you. Then you have a copy on your computer. If you reply to it, or forward it, then another copy of the original email, embedded in the text of the new email, is now created and sent through the same process. So “editing the email” in the way you are talking about it would require access to the source, and then editing all the copies along the way.

      Reply
      • Hi, thanks for your answers! Accessing such a server would only be possible if it were your own, I guess? At least it seems to me it would not be possible to access a server from Windows Office 365 mail or Googles Gmail, so e-mails can’t just be edited there. And it seems to me big companies like that would keep very good backups. Anyhow, I really have no knowledge about how this all works, trying to understand because.Ifind it interesting as well. Thanks again!

        Reply
      • Still it question though: it’s possible to edit e-mails through Microsoft Outlook, right? So they actually appear in the inbox of Outlook.com with the edits made? So how’s that really difficult? And how can these edits ever be proofed if one does not have the original e-mail anymore?

        Reply
        • Outlook.com: the web service: I Know of no way to “edit” an email in your inbox leaving it as updated in your inbox. All you can do is reply or forward.

          Outlook: the desktop email program with Office (or any desktop email program, for that matter): often messages can be edited, and there’s often no proof.

          Reply
  57. Thank you for your very interesting article.
    For work purposes, I access my companies databases through a server that they provide, and that I access via my own computer, and by logging on to Internet Explorer. I use a separate browser for my own stuff. Is it possible for anyone from my company to access my own personal information (emails, browsing history, bank details (!)) Is this an example of the paranoia that Leo talks about?

    Reply
    • Yep, this is paranoia. Whether it’s justified or not I can’t say. :-)

      It’s certainly possible that they might have techniques to access your personal information, but it’s probably unlikely.

      Reply
      • Thanks for this Leo. I’ve decided to worry about this stuff. In the UK, they are about to bring in legislation which people refer to as ‘a snoopers charter’. At first I felt OK about it, until I found that MPs were to be exempt. They fear, of course, that once there is the possibility of their privacy being invaded, that they will be open to blackmail. I’m clearly not the only one who is paranoid! I think I’ll make a short cut, and copy in Theresa May to all my emails in future.

        Reply
  58. I have quite a few of destroyed laptops from crazy and unusual instances that occured over the years. I called my ISP and talked with the owner if there was by chance any way to see if there is a hacker in my internet and he was grouchy and a bit off set , so i handed my phone to my middle son to see if he could make any progress in the call, it seemed to ping a level of respect from the ISP owner’s tone of voice, but it was like pulling teeth, he said he used to work for the government and assured me no one was stalking me online and then mockingly said none of what I do online is private and that yes they at the ISP i am connected to can see everything me and my sons do online. I reminded him that I already know me and my families activities online are not entirely private but I wanted a solid reason as to why all my protected devices like laptops and smart phones were being corrupted even with anti-virus/malware software active and up to date. It only makes me wonder even more if I should be concerned with maybe a few family members who paid my ISP owner to spy on us and perhaps when I attempted to do an investigation , they quickly covered their tracks. The reason i think my sister could have been involved in all this is because of a very grim history of her slandering me and gossipping about me since I was a tot , for some reason she usually wins over most she comes into contact with over the years, this has caused me a high level of emotional and mental stress that has impacted my physical health and wellbeing to function, and worse this works in her favor about her calling me crazy and of course the people she knows often are busy bodies so this works in her favor and she is a decent acquaintance with the ISP owner. I am wondering that her hostility towards me when I attempt to confront her she will threaten to call the cops on me , i figure she is up to no good and scared to death of getting caught and facing a justful law suit. Otherwise , her aggressions and two faced behaviors wouldn’t make sense and all my years of dealing with cyber attacks and no one willing to give me any legal advice on what to do, or how to put a stop to it.

    Reply
    • I have a hard time believing an ISP would spy on their clients as it is a serious crime, but it’s not impossible. If I strongly suspected that, I would switch to a different ISP.

      Reply
  59. My ex-husband has been stalking me and makes comments about things I can’t figure out how he can possibly know unless he can see my text messages or internet use. One day he broke into my house and my router had been tampered with, in addition the name of my wife and password had reverted back to the default settings. Is it possible for him to see my texts if I am using wifi? If I changed routers, will that prevent him from accessing information? I need to put a stop to this.

    Reply
    • There’s no blanket answer I can give you — the answer is of course “yes, it’s possible“, but I have no way of knowing what’s actually happening. You may need to get some kind of technician to examine your setup and advise you.

      Reply
  60. It’s my understanding that some ISPs harvest the keyword searches one does in Google and any other search engines. They then sell this data to online businesses like WordTracker, SEMRush, KeywordDiscovery, etc.

    But what do I know? I used to eat lunch sitting on overturned drywall mud buckets for 20+ years.

    Reply
    • Perhaps, but they’re not selling “Tim Carter looked for ….” — if they do anything like this they’re selling “Our customers looked for ….”, which is much more valuable. You and I, as individuals are not that interesting, but the collected anonymous data of thousands is, as it tells you things you can’t decipher from just an individual’s search history — things like trends, and popularity.

      Reply
  61. Recently I’ve noticed just about every site I visit begins with https, not http, so encrypted. A while back I began using the free Cloudflare 1.1.1.1 DNS service on my phone and laptop and am wondering if they add the encryption just by routing everything through their servers, or is it just a coincidence that everyone is swapping to https? Leo, can you explain how they and other DNS companies work, and do they really add any privacy protection? Like a vpn service, they may slow my connection a bit even though they advertise the opposite effect, but I’ve done no testing to really compare.
    https://www.androidpolice.com/2018/04/01/cloudflare-launches-public-dns-service-claiming-faster-google-dns-opendns/

    Reply
    • DNS does not, (and in fact can not) add https style encryption to a site that doesn’t have it. It’s the site — and only that site — that must support https. More and more sites are doing so.

      DNS is nothing more than mapping a name (like askleo.com) to the IP address of the server on which it resides. One you have that DNS is out of the picture and the https (or http) conversation begins.

      Reply
  62. Hello
    I have found out that a web site was visited and pictures downloaded to it. The phone sip traced it back to my account, however no one her used any of their phones to go to that web site. How could some one get into my phone account to make it look like it came from here?

    Reply
  63. Leo Traynor, an Internet user in Ireland, had a problem. More specifically, he had a troll, a very nasty troll. At first, the troll just sent him nasty messages on Twitter, telling him that he was a dirty f*cking Jewish scumbag, for example. Every time Traynor blocked the troll, it would reappear with a new account. (Note to Twitter: perhaps you should let users block the IP addresses associated with harassing accounts, along with the accounts themselves to prevent this from happening.)

    Reply
    • That wouldn’t work because it’s easy to spoof your IP address via a VPN or proxy and most people use dynamic IP addresses where the IP address can be different each time you access the Internet. IP or email address blocking is a game of whack-a-mole. Heuristics (in this case, determining if it is spam or trolling by determining if it fits the category of spam or trolling) is a better approach. It’s not perfect but probably the best there is so far. I believe Facebook uses heuristics to determine whether posts use hate speech or other prohibited speech. That belief is based on my heuristic observation :-)

      Reply
  64. Hi!…
    .
    Are persons being tagged on the Internet (by whomever… and e.g., by anti-SPAM groups such as Akismet and the The SpamHaus Project [and their software], or by groups who hate the users of the Tor Browser) to the extent, that those being tagged are neither able to send or to receive anonymous emails, or emails generally? And if so, how would those being impacted be able to communicate anonymously or even overtly their victimization, or even know that sundry of their “sent messages” are not being received?… and how many of the netizen community (and even Human Digital Rights Advocacies!) would even be able to learn (anonymously, or overtly!) what’s going on?

    Reply

Leave a reply:

Before commenting please:

  • Read the article.
  • Comment on the article.
  • No personal information.
  • No spam.

Comments violating those rules will be removed. Comments that don't add value will be removed, including off-topic or content-free comments, or comments that look even a little bit like spam. All comments containing links and certain keywords will be moderated before publication.

I want comments to be valuable for everyone, including those who come later and take the time to read.