Internet Service Providers

HackedParenting is reader supported and ad-free.
We will never sell your data, however, may earn a commission when you buy through links in our site.

Why care about your ISP?

If you are reading this article, you have internet access. If you have internet access, you have an Internet Service Provider (ISP). It may be your mobile phone provider, it may be fiber connection at your house, the delivery mechanism does not matter. What matters is your ISP can observe (to varying degrees) every bit of internet traffic leaving your devices. So what can they see and what can you do to maintain your privacy? Let us find out.

When you visit a website, download a file, or play an online game, your traffic traverses the internet. It can take any number of routes, crossing geographical boundaries. Internet traffic will often take different paths and these paths can change frequently. You cannot always predict the entire path your traffic will follow. However, it will always traverse your ISP.

In theory, your ISP can see every bit of traffic leaving your network. Realistically, your ISP won’t be monitoring and harvesting every bit of data you send. They may not have the need, ability, or resources to harvest the entirety of your traffic. Every ISP is different. Different ISPs in different geographical locations may be subject to different rules governing what they can and cannot collect.

Look at your ISPs Privacy Policies to see what they collect and who they share or sell your information to. Advertisers find the treasure trove of information ISPs have to be very valuable. Not liking what you see? Consider switching providers or writing your legislator about building a comprehensive online privacy law.

Minimizing ISP Data Collection

Still, there are steps you can take as a user to minimize what an ISP can collect. We will start off with an easy one, requiring little to no effort on your part.

Encrypting Web Traffic

HTTPS , which stands for HyperText Transfer Protocol Secure, encrypts the communication between two points. It’s easily recognizable, with a URL in your web browser starting with ‘https://’ and has a little 🔒 to the left of it. As your internet traffic hops through different internet nodes, HTTPS prevents them from viewing the actual content of your traffic.

Your ISP can still see which websites you visit and how often you visit, but not the actual content. They can’t tell what you’re doing on these individual websites. Your bank account numbers, passwords, personal messages, or any other content sent over HTTPS is no longer visible to your ISP. Unfortunately, you have little direct control over which sites use HTTPS. What you can do is avoid sites that don’t show the little 🔒 icon, or e-mail the site owner and request they enable HTTPS.

Google Chrome and Firefox both have an “Always use HTTPS” style setting which will force the use of HTTPS when possible and warn you when visiting sites with no HTTPS support.

Force HTTPS in Firefox for Windows, MacOS, and Linux

1. Click the hamburger icon (☰) in the Firefox toolbar
2. Select “Settings” in the dropdown menu
3. Navigate to “Privacy & Security” in the Settings menu
4. Scroll down to the section titled “HTTPS-Only Mode”
5. Select “Enable HTTPS-Only Mode in all windows”
6. Add exceptions as needed under the “Manage Exceptions” button

Force HTTPS in Chrome

1. Click the vertical ellipsis icon (⋮) in the Chrome toolbar
2. Select “Settings” in the dropdown menu
3. Navigate to “Privacy and Security” in the Settings menu
4. Scroll down to “Always use secure connections”
5. Enable the “Always use secure connections” toggle

We’ll hit browser-based protections up again in a later article with much more detail.

ISP Hardware

Another step you can take, requiring some financial investment, is opting not to use ISP hardware. They will often offer / force you to use their modem, router, wireless access point, whatever hybrid hardware for a rental fee, which can actually cost more in the long-term than buying your own hardware. These are very convenient, as the ISP installs them for you, troubleshoots any issues you have, and will replace them if they fail. However, this convenience can come at the cost of security and privacy.

For instance, ISPs can remotely troubleshoot your network connection. Doing so requires an ISP technician to access your network remotely. This essentially amounts to a backdoor into your network. You’re relying on the underlying security of this ‘backdoor’ to protect your network. An ISP could also use this backdoor to access your home network. Access to your network can provide insight to the devices you’re using and let them view traffic not intended for the internet.

Some ISPs may force their hardware on you, or require it for other services such as TV. In those cases, you can often still bring in your own hardware. You’ll need to set their hardware up in bridge mode and disable their wireless networks. If the router has removable Wi-Fi antennae, you can remove them to limit its ability to transmit if you can’t disable the Wi-Fi itself.

There are additional steps you can take to reduce your ISP’s ability to collect on you. We’ll discuss them briefly, but each will get their own post in this Privacy Primer series.

All-in-One Router / Switch / Wi-Fi Access Points

• TP-Link AX1800
• TP-Link AXE5400
• Linksys MR8300

Additional Steps

First, the Domain Name System (DNS) is similar to a phonebook for the internet. Where a phonebook (or a modern digital version of one) takes a company name to provide you a phone number, DNS turns a human-readable domain like hackedparenting.dev into an Internet Protocol (IP) address computer networks understand like 104.21.7.141. You don’t need to really understand the details. Just know your devices will talk to a DNS server to convert these domain names to IP addresses.

You can configure these DNS servers manually, but it isn’t uncommon for your ISP to assign your DNS servers when you initially connect to their network. Basically, any time any device on your network sends a DNS request, the ISP will know which domains you’re requesting. It’s convenient, as you immediately get internet access without the need to tinker, but it is a privacy concern. All you have to do is manually configure your DNS server to point to a privacy-focused DNS service such as CloudFlare, Quad9, or NextDNS.

Second, a Virtual Private Network (VPN) encrypts all traffic passing through the VPN. There are VPN apps available for both desktop and mobile platforms. You can often configure them on your home router as well. Paid solutions likes of ProtonVPN and NordVPN respect your privacy while offering speedy, secure services. Some paid VPNs offer a free tier with transmission caps or device limits. Research whichever VPN you think of using to have a better idea of their respect for privacy, network speed, etc. Using a VPN prevents your ISP from viewing pretty much any of your network traffic. All they can see is you are using a VPN.

Lastly, you can limit the personal information they have to sell. For instance, you can use a virtual credit card such as those offered by Privacy.com. This lets you avoid providing your actual credit card, which could in theory be used to identify your banking institution. E-mail relays are a simple solution to avoid offering your personal e-mail address to anyone who asks, including your ISP. Also, review your account settings with your ISP. There may be certain privacy-compromising tracking services for you to opt out of.

Final Thoughts

To reiterate, everything you do on the internet will travel through your ISP. It doesn’t matter if you’re using a home cable drop or a cellular provider. This gives them a unique level of access to your network data, which can be valuable information for sale to data brokers, advertisers, etc. Taking the steps in this article will go a long way in minimizing the information your ISP can collect on you or your family.