Thank you for being a valued part of the CNET community. As of December 1, 2020, the forums are in read-only format. In early 2021, CNET Forums will no longer be available. We are grateful for the participation and advice you have provided to one another over the years.

Thanks,

CNET Support

General discussion

How do we protect ourselves when ISPs are selling our data?

Apr 14, 2017 3:44PM PDT

Here's my question: How can we protect ourselves against the potential new law that allows broadband internet providers to track and sell our data?

Apparently, they will be able to track every single website that we access on our computers and mobile phones (wirelessly) without our consent. Will even my choice of library books be tracked?

Because the broadband market isn’t steaming with competition, we don’t have much choice about it.

http://www.tomshardware.com/news/house-allows-isps-sell-data,34012.html

Thanks.,

--Submitted by Marty J.

Post was last edited on April 21, 2017 10:37 AM PDT

Discussion is locked

- Collapse -
George Bush?
Apr 21, 2017 2:52PM PDT

Patriot Act and NSA stuff was Bush (look up who was president when they rammed the Patriot Act through)

Post was last edited on April 21, 2017 2:55 PM PDT

- Collapse -
Partison Patriot Act?
Apr 24, 2017 2:14PM PDT

You might want to get your facts straight. That bill was very bi-partisan. No one had to ram it through. The failings that led to 9-11 go across the aisle to both sides so take off your blue glasses and don't try to make this a republican issue.

- Collapse -
Rammed Through
Apr 24, 2017 11:43PM PDT

I don't know how much you put into Michael Moore's movies, but he interviewed many congressmen for Fahrenheit 911 and ll (known senators) said that Bush and, especially, VP Cheney threatened many that, if they didn't vote FOR the Patriot Act, they would be blamed for the next terrorist attack. So, depending on your definition of "rammed" it may or may not have been "truly" bi-partisan. Certainly, nobody wanted to appear to be soft on terrorism back in those days.
Regardless, it was the Patriot Act that set us up for losing a lot of privacy. You'll notice PRISM is still in effect even after Snowden.

- Collapse -
Know how they track...then work around the ways
Apr 21, 2017 6:37PM PDT

They track you by:
Dynamic Name Service (When you search for a site.)
The site IP address you visit
Cookies

First, change your DNS server. It is easy to do in Windows and most operating systems. It is in the network part of the settings/admin. Use OpenDNS or any DNS site that you trust not to track you.

Then, as mentioned in other responses, use a VPN (Virtual Private Network) service. Again pick one that you trust not to track or keep records. (Do your research!!) This encrypts all traffic from your PC through the ISP on to the VPN provider. So the ISP can't see what you are doing.

Tracking cookies are something the web site providers deposit on your PC. DNS and VPN won't stop that. You can disable all cookies in most browsers, but the web sites are likely not to work if you do. The best you can do is use a browser that has a "private" mode that deletes all cookies once you close the browser. (Chrome and Opera have that.)

That is about the best you can do unless you use a TOR browser. TOR is an "Onion" based VPN and with the above will also hide your activities. The down side is it can slooow your Internet browsing down. (Of course some VPN's will do that as well, but not as much.)

- Collapse -
Deleting Cookies
Apr 22, 2017 1:49PM PDT
- Collapse -
Who else
Apr 21, 2017 6:45PM PDT

My question is who else will they be giving data to about our whereabouts on the internet and why? I don't think ISPs will solely using this information only to collect data in turn will send us even more spam or target traffic better. We all know who our ISPs are and the same people who easily has passed our wireless phone information over to the government. Just another way for big brother to keep tabs on everyone, or even worst police the internet for crimes before they even happen, and be watched. We all know we've been to a site by accident and backed out, what if this site is run by someone being targeted and now you are as well. I'm not usually the cynic, paranoid or conspiracy theorist type but too much evidence lately has been leaked to make everyone skeptic.

- Collapse -
RE: Who else
Apr 22, 2017 1:52PM PDT

You are exactly correct! But, they already do pass search histories over to law enforcement. You hear it all the time on the news when someone perpetrates a particularly heinous crime and the news stations even tell what those searches were!

- Collapse -
How?
Apr 23, 2017 4:44AM PDT

Which brings up another question: how does the media get this information? They make a big deal about privacy invasion, but can find out - and publish - just about anything they want.

- Collapse -
Maybe they make it up
Apr 23, 2017 10:30AM PDT

Fake News

- Collapse -
RE: Maybe they make it up
Apr 23, 2017 12:01PM PDT

Possibly at times. But, more likely than not, they get that info from the police department or that is some of the info that the ISP sells.

- Collapse -
Evidence?
Apr 23, 2017 8:25PM PDT

What evidence do you have that ISPs are selling a record of the sites you visit? And what information would that provide to the news media?

The news media is revealing content, not routing as is recorded by the ISP. They get their information from browsers, social media sites, email providers, and such. None of which were ever under any form of restrictive regulation.

- Collapse -
RE: Evidence?
Apr 24, 2017 11:06AM PDT

How can the average end user have "evidence" when this is done surreptitiously? Confused

@huzedat, you are really starting to look like a shill for the ISPs or, at minimum some sort of a troll. It's as if you WANT everyone to lose even more privacy than we already have and/or that you just don't care. You are so busy fighting the truth that you are failing to LEARN anything at all, Thou protesteth too much. This link was posted elsewhere in this discussion: http://sciencefriday.com/segments/keeping-your-habits-private-in-a-connected-world/ . I strongly suggest that you actually listen to the podcast located there this time and do actually LEARN some things. 'nuff said. I will say no more to you. Plain

- Collapse -
What truth?
Apr 24, 2017 6:11PM PDT

It sounds like you are suggesting that repealing a brand new regulation before it was enforced suddenly made everyone's private information public.

I'm not for the ISPs, but I am for stopping FUD.

Someone found out that the unenforced rule was repealed and made a big deal out of it. Now everyone is running around like Chicken Little yelling that the sky is falling.

Nothing has changed. Things are today the same as they were this time last year - and the year before that, and the year...

Privacy is very important. There are serious articles all over the tech networks telling us how to protect our privacy (written by well-read authors). We need to read and follow this advice.

However, it is not appropriate to start blaming the ISPs for allowing your personal information to be passed to whomever comes up with the cash. That was done by the other Internet players on a routine basis ever since ads became profitable.

Read something besides the click-happy rant tech articles and LEARN something yourself. (You may even learn something by reading the privacy policies of your ISP, browser(s), search engine(s), and all the programs on your computer.)

- Collapse -
What is driving the fuss?
Apr 21, 2017 8:11PM PDT

Frankly, I fail to understand all the hullabaloo over this. It is not something NEW, but a repeal of something that was never put into effect. The news media has sensationalized it by making it sound like a long-standing rule was uprooted. That is not true (if one would actually read some of the other commentaries on this subject).

The repeal just maintained the status quo, business as usual, the way we've been doing things, or whatever phrase you may prefer to say that nothing changed.

Want to know what your ISP says it will/won't do? Read its privacy statement - and check its date.

If you don't trust your ISP to continue protecting your privacy because some unenforced rule was revoked, how can you trust a VPN that was never under the rule? A VPN will have the same information on your Internet activity (and maybe even more) as your ISP, and has always been allowed to sell this information - just like Google, Amazon, Facebook, and a host of others.

Some say these others have an option to opt-out. For most, if you want to use their services, you have to agree to their privacy policy. The same is true of your ISP. No one is forcing you too use it (though your options may be extremely limited).

If you had some trust in your ISP before the regulation was proposed, then why has it changed now that the proposed regulation was scrapped? It just doesn't make any sense to get all upset about something that never happened.

- Collapse -
That's what I have been saying all along
Apr 22, 2017 7:13AM PDT

But no one can give an answer as to why they think it will change now, except they say that the law, which was no in effect, would allow them to.

- Collapse -
One Thing
Apr 23, 2017 10:54PM PDT

While many are just talking about web searching, your ISP is a bit different as it has a lot more information: Home address, telephone number, date of birth, social security number, probably your credit rating. Now tie that information with the web browsing information. Included in THAT information is data about where you go that other guys (Google, Ad Choices, etc.) don't have. Such as websites in the area of medical/HIPAA that don't normally have ads that spy or not. One of the scary ones you mentioned, Amazon, can release data that is protected under federal law. Like if you use Amazon to buy medical drugs, equipment, diabetes test equipment, etc. and then sell that information.
So, I don't think the VPN would have more information if you can think back to all of the information you gave to your ISP when you signed up as opposed to what you give a VPN. The ISP has addresses and all sorts of credit stuff the VPN doesn't.

- Collapse -
Who is your ISP?
Apr 24, 2017 4:27AM PDT

What ISP are you using that required all that information? When we signed up for TV & Internet, all we gave was our name, address and phone number. That information is readily available through sites like People Search or general public records. [That includes people who have never had Internet or mobile phone connections.]

Are you trying to say browsers don't know what sites people visit? Or search engines don't know what people look for? ISPs are controlled by the TCC, which has strict rules about accessing content of communications (packets of data fall under the provision against wire-tapping). Browsers, search engines, VPNs, and such, are controlled by the FTC, which does not have comparable rules. These companies can even inspect the data packets as well as the connections.

Read the privacy policies of your ISP, browser(s), search engine(s), and all the various programs on your computer/phone. If you use, or plan to use, a VPN, be sure to read its privacy policy. See who has implemented to strictest policies to protect your information.

- Collapse -
How Do You Pay Your ISP?
Apr 24, 2017 4:03PM PDT

Most places where you pay bills can and do check your credit rating since they are dealing with financial transactions. You are talking about data gleaned from Internet usage. Have you read the privacy policy of any website that you use? If so, which ones. Most will tell you they have a right to use your personal information. Have you found any that say otherwise? I'd like to go read those policies.
By the way, a lot of those public records should be very limited in what data is out there. I know names and addresses and, maybe telephone numbers (even if you pay to keep your number private). I just went to my ISP, Time Warner Cable (Spectrum) and they have my checking account number? Does the new law allow them to include any part of that in the information? They have my billing address. Is that included? We don't know. So far, the ISPs are saying that they won't give out usage data. But they can...

- Collapse -
You are Correct about One Thing
Apr 24, 2017 11:22PM PDT

At least Time Warner/Spectrum still has in it's privacy policy that the information is safe. The question is, for how long? Your credit card information is safe but only until the president decides to do away with that protection too. But you do realize that information on how much you pay for Internet Access could tell a lot about financial information as well as how many expensive shopping sites you visit, etc. When someone kills a protection, the question should be "why?" and what will it mean for the future. ISPs as well as anyone else can change their terms and their privacy policy on a moment's notice. I used to follow those of Google for my work in criminal justice and you'd be surprised what popped up. Things like Google owning all of your data. That only lasted a short time since the (copyright) lawyers probably jumped on them for that. It still makes an interesting read, especially if you go through the history/archives.

So, while all these places have a right to your personal information, you are correct that, at least my ISP still says it won't give out anything to third-parties. At least, for now.

- Collapse -
And as we all know...
Apr 25, 2017 7:14PM PDT

...."saying" and "doing" can very well be two different things......

- Collapse -
True, But
Apr 25, 2017 10:31PM PDT

If someone has a line in the company's privacy policy and something "bad" happens that can be traced to the company's failure to follow their policy, lawsuits can happen. I was kind of shocked when Google announced that it "OWNED" your data and very quickly they changed that to read that they DON'T own your data but you have to give them a right to use (and even modify) the data for their own purposes. As I've pointed out, it would be interesting to go through archives of the policies and see what changes have been made over time.

- Collapse -
ISP's
Apr 21, 2017 9:20PM PDT
- Collapse -
Thank you sp very much, Kitty!
Apr 22, 2017 2:19PM PDT
EVERYONE needs to listen to this podcast. It's highly informative.
- Collapse -
One Minor Mistake on The Podcast
Apr 23, 2017 10:42PM PDT

One of them mentioned that PGP ("pretty Good Privacy") is free. Last I looked, it was purchased by Symantec and is not exactly free. Honestly, I don't know its exact current status, but you might want to look that up. On the other hand, at work, we used the "free" version called GNUPG or GPG. It's not as easy to use, but was perfect for what we needed it for. As part of government, we were doing child support work and we needed the major cell phone companies to turn over all of their data to us for specific names and social security numbers. At first, one of them wanted us to supply the list on a secure FTP site but that got nixed by a central authority, so we went with plan B. We used ONE-WAY encryption for each of the 800,000+ SSNs and then we used GPF with 4096-bit encryption and a 154-character passphrase (including spaces and punctuation) to encrypt the file and then SIGN the file for authenticity and send it via a simple CD through the mail. VERY SECURE. We basically used this process for all of the main carriers.

- Collapse -
Poorly understood issue
Apr 21, 2017 9:37PM PDT

You didn't not have to worry about ISPs tracking you and selling your data because they don't. It has been legal for them to do that since the dawn of time and they never have. The "new law" you read about isn't new, it actually repealed a new law that hadn't taken effect yet.

The companies that track you and profile you are Google, Facebook, Amazon, Adobe and dozens if other ad networks, You don't need to visit their sites for them to track here, they track you all over the web by embedding code in web sites. They're tracking you on this site as you read this comment.

VPNs don't prevent ad networks from tracking you. They're only good for protection from snooping on public Wi-Fi networks.

If and when ISPs start tracking us, they will provide notice and allow us to opt out. I won't opt out because I want the duopoly - Google and Facebook - to have some competition.

- Collapse -
(NT) ^You do not...
Apr 22, 2017 11:02AM PDT
- Collapse -
Correction
Apr 24, 2017 11:29PM PDT

In most cases, trackers may not have your name or SSN or even your computer name, but for the most part, even using dynamic IP addresses, these addresses don't change much. VPN will prevent anyone from tracking your private network because the packet IP will be rewritten by VPN. Nothing is perfect though. As a test, without VPN go to a speedtest site and it will usually tell you your external IP address which should match up with your router. However, if you use VPN, your IP address will drastically change almost every time.

- Collapse -
Don't forget...
Apr 25, 2017 12:50AM PDT

...that what you are hiding from your ISP will be clearly visible to a VPN. So, it again comes down to who you trust the most (or maybe trust the least): your ISP, or a VPN that may be located in another country with different laws.

As with any open discussion group, people will jump in and say this or that is the BEST. Some would trust their ISP over a VPN, others would trust one VPN over another, and so forth. But really all they ae expressing is their own personal bias.

- Collapse -
Have you heard of Google Hire.
Apr 22, 2017 4:48AM PDT

Have you heard of Google Hire? When you apply for a job, Google will sell them your search history. That's Google Hire. Google also has contractors who are told to rate certain sites as medium or low "trust ability" to affect the position in search rankings. They do not like conservative sites so they are not asked to, but told to, rate these site with low "trust ability", making them fake news sites. Thus affecting freedom of speech. I have gotten rid of as much of Google products as possible but it sounds like there is really no way for the average person to avoid these problems except to completely avoid the internet.

- Collapse -
All FUD
Apr 22, 2017 6:30AM PDT

It wasn't law before. It wouldn't have taken effect until later this year.
ISP's never sold your history of data before. But now one person says they will sell it, and then everyone will say they will sell it. Without any proof that they will sell it. And without giving you a reason as to why they will sell it.
When they have never sold it in the past.