188

cross-posted from: https://covert.nexus/post/27235

The FTC released a staff report in 2021 analyzing the privacy practices of six major U.S. Internet Service Providers. The report found that these ISPs collect as much, if not more, data on their customers' browsing habits than popular advertisers like Google and Facebook. Additionally, some of these ISPs either operate their own advertising businesses or sell the data to third parties, such as the NSA.

all 29 comments
sorted by: hot top controversial new old
[-] Sunny@slrpnk.net 40 points 8 months ago

Observations

  • Many ISPs in Our Study Amass Large Pools of Sensitive Consumer Data.
  • Several ISPs in Our Study Gather and Use Data in Ways Consumers Do Not Expect and Could Cause Them Harm.
  • Although Many ISPs in Our Study Purport to Offer Consumers Choices, These Choices are Often Illusory.
  • Many ISPs in Our Study Can be At Least As Privacy-Intrusive as Large Advertising Platforms.

Oh how lovely...

[-] adespoton@lemmy.ca 8 points 8 months ago

And this is why you never ever use ISP DNS, run DNS over HTTPS in the browser, and always use encrypted networking.

And use VPNs appropriate to the activity, when appropriate.

Oh, and never turn on ISP-supplied WiFi, as that gives them full access to the traffic from every device on your LAN, what physical hardware you own, and even where it is located in your home (and when it leaves and comes back to your home).

[-] inspxtr@lemmy.world 1 points 8 months ago

never turn on ISP-supplied WiFi

maybe I’m missing something here, how do you get access to the internet for all devices (mobiles, laptops, …) without wifi then?

[-] jacksilver@lemmy.world 2 points 8 months ago

You can get your own modem (what plugs into the wall) or your own wifi router (you'd plug this into the isp modem). Your own modem is better, but ISPs can give you grief about "supporting" them.

[-] inspxtr@lemmy.world 1 points 8 months ago

ah gotcha, you meant ISP-provided devices

[-] masterofn001@lemmy.ca 1 points 8 months ago* (last edited 8 months ago)

A wireless/ethernet router as access point, a personal proxy server, or pihole, between your devices and theirs. Or, if possible your own modem and router.

[ISP modem/router]<--LAN-->[personal wifi router]<~~wifi~~>[cheap pc proxy @ 192.168.x.x]<~~wifi~~>[all your devices]

Proxy could be ssh(socks5), tor, shadowsocks (not microsocks), dnscrypt, tinyproxy, nekobox, whatever. They'd all have the same internal address from the proxy (if set up that way) and then again one address from the router to their device. (Router and proxy order could be reversed : or just router for some basic device identity privacy - it doesn't encrypt your data though. An encrypted proxy will. And tor or a VPN will mask your external ip) Some proxies/VPN are more secure than others.

And,RTFM. A bad configuration can be worse than no configuration.

[-] Gemini24601@lemmy.world 31 points 8 months ago

All those “hackers” in vpn commercials are in reality your isp.

[-] taladar@sh.itjust.works 0 points 8 months ago

Mainly because the VPN companies want to get that same data instead.

[-] MediaSensationalism@covert.nexus 22 points 8 months ago* (last edited 8 months ago)

This information, although not new, sheds light on the misconception prevalent even amongst industry professionals today that ISPs only retain customer usage data related to IP address assignment.

[-] taladar@sh.itjust.works -1 points 8 months ago

However VPNs are exactly the same as ISPs, especially when it comes to actions forced by the government in the jurisdiction they are in.

[-] Scolding0513@sh.itjust.works 3 points 8 months ago

you're doing blanket statements. this highly depends on the provider

[-] taladar@sh.itjust.works -1 points 8 months ago

If you think your VPN provider is more immune to legal authorities than your ISP you are deluding yourself.

[-] Scolding0513@sh.itjust.works 0 points 8 months ago

if you think that every VPN in the world handles legal situations the same way regardless of jurisdiction then you are a total nonce

[-] fishos@lemmy.world -2 points 8 months ago

Which is why good vpns are hosted in countries with extremely high privacy laws. And some can even be bought and used without giving any personal info. And why most vpns are RAM only and literally can't log any records.

But you knew this before you spouted off, right?

[-] Sunny@slrpnk.net 16 points 8 months ago

Thanks for sharing! This is highly relevant to my master thesis, appreciate it 🌻

[-] technomad@slrpnk.net 3 points 8 months ago

What is your master thesis on, if you don't mind me asking?

[-] Sunny@slrpnk.net 8 points 8 months ago

All good! It's about the use of free VPNs and how they may impact user privacy and security. But I do mention that VPNs is a one of the reasons as to why some people choose to use them in the first place. And this is a good source to have as it shows exactly the reasons as to why people flee to VPNs (be it paid or free).

Spoiler, in the majority of the cases free vpn's are not good to use, but there isn't too many documented articles on the topic, only some. So wanted to contribute on that field :)

[-] technomad@slrpnk.net 3 points 8 months ago

That is really cool, and super interesting! Thanks for sharing!

[-] MigratingtoLemmy@lemmy.world 15 points 8 months ago

Straight from the FTC? Very nice

[-] Rentlar@lemmy.ca 13 points 8 months ago

Isn't it great when the US' FTC does something other than lick corporate boot?

[-] pdxfed@lemmy.world 4 points 8 months ago

Almost like presidential appointment powers matter! If only Democrats would have realized that before giving Trump 3 lifelong SCOTUS appointments.

[-] Outtatime@sh.itjust.works 13 points 8 months ago

Needs to be outlawed. Ridiculous

[-] MediaSensationalism@covert.nexus 21 points 8 months ago

In 2017, Trump revoked regulations put in place by the Obama administration that would have compelled ISPs to obtain user consent before selling their browsing data.

[-] Scolding0513@sh.itjust.works 4 points 8 months ago
[-] Peffse@lemmy.world 6 points 8 months ago

Maybe I'm just not getting it, but if we've mostly transitioned to HTTPS and encrypted DNS... what exactly can the ISP learn other than the address they serve and MAC of your gateway? Is this report for those who use their ISP's DNS?

this post was submitted on 29 Mar 2024
188 points (99.5% liked)

Privacy

32165 readers
276 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS