FTC: ISPs collect and monetize far more user data than you’d think

Topic

New Reply

https://www.bleepingcomputer.com/news/security/ftc-isps-collect-and-monetize-far-more-user-data-than-you-d-think/

The Federal Trade Commission (FTC) found that the six largest internet service providers (ISPs) in the U.S. collect and share customers’ personal data without providing them with info on how it’s used or meaningful ways to control this process.

“Many internet service providers (ISPs) collect and share far more data about their customers than many consumers may expect—including access to all of their Internet traffic and real-time location data—while failing to offer consumers meaningful choices about how this data can be used,” the FTC said.

This was found as part of a study, started in 2019, into the privacy practices of U.S. broadband companies and related entities and how they collect, retain, use, and disclose info about consumers and their devices.

The six broadband providers included in FTC’s report are AT&T Mobility, Cellco Partnership (aka Verizon Wireless), Charter Communications Operating, Comcast (aka Xfinity), T-Mobile U.S., and Google Fiber…

Together, the six companies currently control roughly 98 percent of the nation’s mobile Internet market, according to the FTC…

5 users thanked author for this post.

Steve, Kenneth Stephens, Lars220, OscarCP, ClearThunder

Reply | Quote

Replies

I just got off the phone with George Orwell.   He says he’s not shocked in the least.

"War is the remedy our enemies have chosen. And I say let us give them all they want" ----- William T. Sherman

Reply | Quote

Further down the same BleepingComputer article, there is the following, perhaps not a really big surprise (two purely political statements redacted by me):

“Former FCC Chair Ajit Pai blamed for current state of things”

” U.S. Senator Ron Wyden said in a statement following FTC’s report that Ajit Pai, the former head of the FCC, is likely the one who made it possible for tech firms to disregard their users’ privacy by harvesting and using their data for business purposes.

“If Congress needed any more proof that America desperately needs a consumer privacy law, the Federal Trade Commission’s report about internet service providers’ rampant abuse of their customers’ private, personal browsing information should be enough to get Washington to act,” Wyden said.

“Whether it’s advertisers, tech companies or Big Cable, corporate America is showing absolute contempt for the idea that consumers can control personal details about their lives.” “

…..

” “Finally, it’s worth remembering that former Federal Communications Commission Chair Ajit Pai opened the floodgates to ISPs’ unchecked use of browsing data when he repealed … broadband privacy and net neutrality regulations.

“The FCC needs every tool available to stop cable companies from gouging consumers and selling their data.” “

Ex-Windows user (Win. 98, XP, 7); since mid-2017 using also macOS. Presently on Monterey 12.15 & sometimes running also Linux (Mint).

MacBook Pro circa mid-2015, 15" display, with 16GB 1600 GHz DDR3 RAM, 1 TB SSD, a Haswell architecture Intel CPU with 4 Cores and 8 Threads model i7-4870HQ @ 2.50GHz.
Intel Iris Pro GPU with Built-in Bus, VRAM 1.5 GB, Display 2880 x 1800 Retina, 24-Bit color.
macOS Monterey; browsers: Waterfox "Current", Vivaldi and (now and then) Chrome; security apps. Intego AV

3 users thanked author for this post.

Steve, Kenneth Stephens, Lars220

Reply | Quote

Here is some more general information concerning ISP spying from the Duck Duck Go spread privacy website about using https:
Is it true that my ISP is spying on my web browsing? – Answer = Yes.
Awhile back Susan recommended using the HTTPS Everywhere Add-on for our browsers, and now most browsers are including that automatically:
How to Enable HTTPS-Only Mode in Chrome, Firefox, Edge, and Safari
by Subin B – Last Updated: September 30, 2021
This will probably start more discussion about VPNs, which is ok.

Amazing Truths Revealed: Link to Simply Magnificent AskWoody Knowledge Bases

1 user thanked author for this post.

F A Kramer

Reply | Quote

Yes, a discussion on VPNs: I have found that over the past six months especially, more and more websites are apparently detecting my use of a VPN and so refusing to allow me to fully use their websites or even refusing to allow me any access at all. And for many of them I see no reason to object to my VPN but they do. So I may have insufficient use for a VPN to continue to pay for one by next year. Are others seeing this same trend?

1 user thanked author for this post.

PFC

Reply | Quote

Yes, I discovered that Amazon Prime Video will not let me see their standard videos if I am using a VPN.  I wasn’t using a VPN to circumvent country codes–just standard (not extra pay) videos.

After all, our dear AskWoody site will not let us log in if we are using a VPN.  That really bothers me, and seems hypocritical for a site that argues for a high degree of security and privacy.

Reply | Quote

kstephens43 wrote:
our dear AskWoody site will not let us log in if we are using a VPN

our dear AskWoody site will not let us log in is protected by security mechanisms that often make it difficult to log in if we are using a VPN

FTFY

But yeah, I get your point.

But I also understand Susan’s need to protect the site. And I assure you that she’s not the first smart technically-competent super-well-intentioned admin to implement increased security measures that result in reduced system openness, flexibility, ease-of-use… factors must be weighed, tradeoffs must be made…

Hope this helps.

Reply | Quote

No, the site doesn’t block VPNs.  The site blocks vpns with questionable reputations.  There’s a big difference.  Not all VPNs are actually good for you.

Susan Bradley Patch Lady/Prudent patcher

Reply | Quote

AFAIK, HTTPS is going to encrypt traffic coming and going, but the ISP’s will still know where you’re coming and going to/from!

I use OpenDNS; yeah, I know it was acquired by Cisco, but until someone gives me a DNS service (free) that eliminated corporate snooping altogether…eh, it’s the Devil or the Deep Blue Sea.

My ISP resets the blasted DNS every time the DHCP lease expires, I think. It’s THEIR gateway/router.

Win7 Pro SP1 64-bit, Dell Latitude E6330 ("The Tank"), Intel CORE i5 "Ivy Bridge", 12GB RAM, Group "0Patch", Multiple Air-Gapped backup drives in different locations. Linux Mint Newbie
--
"The more kinks you put in the plumbing, the easier it is to stop up the pipes." -Scotty

Reply | Quote

NTDBD wrote:
until someone gives me a DNS service (free) that eliminated corporate snooping altogether…

Maybe take a look at Quad9?

Hope this helps.

Reply | Quote

Nibbled To Death By Ducks wrote:

but the ISP’s will still know where you’re coming and going to/from!

Not if you use DNS-Over-HTTPS

1 user thanked author for this post.

PFC

Reply | Quote

TRUE! Thanks, Alex, I had forgotten that I’d even enabled that! <Senior Brain Fog….) Running the latest FF here with that enabled. Unfortunately, I only passed 3 of the 4 security tests at:

https://www.ghacks.net/2019/04/29/check-if-your-browser-uses-secure-dns-dnssec-tls-1-3-and-encrypted-sni/

Fiddled with about:config.network.<wbr />security.<wbr />esni.<wbr />enabled and toggled the value to True, restarted the browser, but still flunked the SNI check.

Guess there’s more to this than meets the command line…any suggestions?

Win7 Pro SP1 64-bit, Dell Latitude E6330 ("The Tank"), Intel CORE i5 "Ivy Bridge", 12GB RAM, Group "0Patch", Multiple Air-Gapped backup drives in different locations. Linux Mint Newbie
--
"The more kinks you put in the plumbing, the easier it is to stop up the pipes." -Scotty

2 users thanked author for this post.

Steve, PFC

Reply | Quote

Nibbled To Death By Ducks wrote:

AFAIK, HTTPS is going to encrypt traffic coming and going, but the ISP’s will still know where you’re coming and going to/from!

does a VPN resolve this?

1 user thanked author for this post.

Alex5723

Reply | Quote

PFC wrote:

Nibbled To Death By Ducks wrote:

AFAIK, HTTPS is going to encrypt traffic coming and going, but the ISP’s will still know where you’re coming and going to/from!

does a VPN resolve this?

Yes.

1 user thanked author for this post.

PFC

Reply | Quote

But the VPN operators can know, if they chose to . The question then would be: why should one trust a VPN operator? Suspicions within suspicions in wickedly endless recursion …

Ex-Windows user (Win. 98, XP, 7); since mid-2017 using also macOS. Presently on Monterey 12.15 & sometimes running also Linux (Mint).

MacBook Pro circa mid-2015, 15" display, with 16GB 1600 GHz DDR3 RAM, 1 TB SSD, a Haswell architecture Intel CPU with 4 Cores and 8 Threads model i7-4870HQ @ 2.50GHz.
Intel Iris Pro GPU with Built-in Bus, VRAM 1.5 GB, Display 2880 x 1800 Retina, 24-Bit color.
macOS Monterey; browsers: Waterfox "Current", Vivaldi and (now and then) Chrome; security apps. Intego AV

Reply | Quote

OscarCP wrote:

But the VPN operators can know, if they chose to .

isn’t everything encrypted?

Reply | Quote

PFC wrote:

OscarCP wrote:

But the VPN operators can know, if they chose to .

isn’t everything encrypted?

It has to be unencrypted by the VPN service provider:

Can VPN traffic and internet activity be monitored

All internet traffic is encrypted and routed via a VPN server hence the internet activity stays hidden only from ISP, hackers and the public, but, in theory, all internet activity can be monitored by a VPN service itself, since the company has full control of a VPN server and can see all your traffic.

It is important to know what internet activities a VPN can monitor. A VPN service can monitor and log your general connection information: this information may contain your IP address, the website you’re trying to reach IP address, the connection time and the amount of data transferred. This data is pretty general and usually aggregated, which does not say much about you in particular.

In-depth monitoring of internet activity might also include logging usage and traffic. These logs usually contain detailed information about specific user connections and along with the general connection information a data on specific files downloaded, websites visited, locations, protocols, times, search terms and user’s online behavior is monitored. This type of monitoring is usually a business model of free VPNs.

Can VPN monitor their user’s internet activity

Reply | Quote