I recently changed from Verizon DSL to Charter Cable internet services. About a week later, I started receiving warnings via email from Charter telling me to stop downloading music from limewire (copyright infringement?). After that they sent notices to stop downloading movies from UTorrent. What’s funny is that both were files that never finished downloading. What I want to know is how do they know who I am, where I go on the internet and when I choose to save something to my computer? How does someone else know when your on a website downloading anything?
Well to start with, Charter isn’t just any “someone else” … they’re your ISP.
And as your ISP they know a lot about you, and have the ability to do a lot with that information.
Verizon could have but for whatever reason chose not to.
Let’s look at that in a little more detail.
Your ISP Sees (almost) All
The whole point of having an ISP is to use their services to provide you with a connection to the internet.
That means that when you send or receive data – any data – it travels from your computer through your router and immediately encounters equipment owned and operated by your ISP.
Where, if they choose, they can look at the data.
Rarely do they look at the contents of the data, but more and more they’re looking at the type of data – they’ll note whether it’s email or a web request or an instant message.
Or file sharing.
Typically, traffic that crosses the internet is identified by the IP address of where it came from, the IP address of where it’s headed, and a “port number” that indicates what type of traffic it is. Port 80 is web traffic, 25 is email, and so on.
And file sharing is on many ISPs radars.
Your ISP’s Rules: The Terms of Service
Here’s an often frustrating catch: your ISP sets the rules about what they do and do not allow on their system.
That means that they can disallow file sharing protocols whether or not you’re using them to perform illegal downloads. The justification is typically that file sharing protocols use up a great deal of the ISPs capacity, and thus have to be disallowed in order to provide adequate service to all of its customers.
Whether or not you believe it is up to you, but it’s a plausible position.
And if you violate the ISPs rules – their TOS (terms of service) or AUP (acceptable use policy) – then the ISP has the right to disconnect you.
Your ISP Knows You
Of course your ISP also knows who you are. You pay them every month, they know where you live since they deliver the internet connection to your home.
And they also know your IP address, since in order to connect to the internet at all they had to give the IP address to you.
What that means is when (say) a movie studio says “we see one of our movies being downloaded to and shared from this IP address” your ISP can then turn right around and say “I know who that is … I’ll tell them to stop it”.
And you get the warning message you get.
It’s a File **Sharing** Protocol
When you use services like limewire, utorrent or others it’s important that you realize that you’re not only downloading whatever it is you’re downloading.
You’re also sharing what you’ve downloaded previously with others who are using the same service.
That’s why it’s called “peer to peer” file sharing – there is no central server, it’s everyone using the service sharing with each other.
That’s typically the copyright issue that most people get stuck on. If you download, say, a movie – well that’s you downloading one movie.
But with the file sharing software continuing to run, dozens if not hundreds of others could be “downloading” that same movie from your machine – even before you finish downloading it yourself. Now all of a sudden your machine becomes implicated not in one copyright violation – your download – but as a source of dozens or hundreds of other copyright violations as you make that same movie available to others.
That’s when the movie studios or record labels contact your ISP, and in turn when the ISP contacts you.
What About Encryption?
ISPs can’t see what you encrypt, it’s true. It’s one of the reasons VPNs and https and encrypted email are and should be in widespread use: no one who can see the traffic can read its contents. Many file sharing protocols have begun to do exactly that: encrypt.
The port number that defines what it is you are sending is not encrypted. It may change (25 is email, 465 is typically encrypted email), but it still defines what it is you are sending. They can’t see the contents, but your ISP can still see:
- The IP address of where the data is being sent. (That must be in the clear so that internet routers know where to send the data.)
- The IP address of where the data came from. (That must be in the clear for the TCP/IP protocol transmission acknowledgements to work.)
- The port that identifies what the data is … email, web, etc. … which is also not encrypted.
They can’t examine the data, but they can still see where the data is coming and going, and what kind of data it is.
So even encrypted your ISP could still say “hey, you’re running peer-to-peer file sharing software, and we don’t allow that: knock it off”.
Yes, there are attempts to further obfuscate peer-to-peer file sharing traffic, but you get the idea – for the most part even if the ISP can’t see what you’re sharing, they can see that you’re sharing.
And for many, that’s enough.