Your Internet Service Provider or ISP can see:
- The domains you visit
- Specific pages you visit (for instance, what videos you watch)
- Any information you fill out on websites
Fortunately, there is an easy way that helps to protect you against spying ISPs: using a VPN. A VPN hides your IP address and encrypts your traffic, making it unreadable for your ISP and third parties snooping around through your data. Other options include:
- Using a proxy server
- Using the Tor browser
Our recommendation is to choose a reliable VPN to protect your privacy, such as NordVPN. This VPN provider offers excellent encryption protocols and has a strict no-logs policy, which means they don’t store their users’ data.
Your device connects to the internet through the network supplied by your internet service provider (ISP). Your ISP operates the background infrastructure that lets your computer, phone, and router communicate with the internet, so it’s a necessary service for anyone who wants to access the internet at home.
Due to its level of control over your internet routing, your ISP can see information about your internet activity. Depending on how you browse and whether your traffic is encrypted, this can include the websites you visit, the amount of data you use, and the services you access online.
In this guide, we explain what your ISP can see about your internet activity, why internet providers collect this information, and what steps you can take to limit tracking and safeguard your online privacy.
What does my ISP know about me?
Below we’ll discuss a few of the things that your ISP can very easily find out about you. In this section, we’ll highlight the “worst-case scenario,” so you can better understand how an ISP can use your data against you.
1. The domains you visit
Even if you only visit websites that use the safer HTTPS protocol, the secure alternative to the traditional HTTP protocol, your ISP can still see what websites you visit.
Pages that use HTTPS encrypt your data, making it unreadable to parties that can see your data, such as your ISP. However, ISPs can still check and monitor the website requests you make to the Domain Name System.
This is the system that translates a website name that humans can read and understand, to an IP address that machines use to communicate with each other.
If you visit pages that don’t use HTTPS, it’s even easier. Your ISP can see exactly what URLs you visit. This brings us to the next point.
2. Specific pages (URLs)
If you visit unsecured (HTTP) pages, your ISP can see exactly what these pages are. Let’s say you visit a questionable website that isn’t protected with HTTPS. In this case, your ISP will see exactly what video you’re watching and get an insight into your sexual preferences, for example.
Of course, this is an extreme example, but many privacy-minded netizens will even be concerned about less revealing information their ISP is obtaining this way.
3. Information you provide
Perhaps even more shocking is the fact that ISPs can even see what you type on a website. If the page you’re on is not HTTPS-secured and you’re not using any other safety measures to protect your information, such as a VPN, your ISP can easily track everything.
Let’s say you’re writing a comment on such a page, or filling out personal information. Your ISP will be able to see all the information being sent or received. Do note that business apps like Microsoft Teams or Slack encrypt messages, so they can’t be read easily.
Why is my ISP seeing my internet data a problem?
Your ISP spying on you can be a problem for different reasons. For instance, the FCC fined major US mobile carriers $200m for selling location data in 2024. This, as you can imagine, is a gross invasion of user privacy.
Then there is the issue of censorship in some countries. In some countries, ISPs are actually used to censor what content you’re able to see. In countries with oppressive regimes, governments often mandate ISPs to block certain websites for their inhabitants (this happens based on users’ IP addresses).
Similarly, this also happens in some very religious countries with websites like gambling platforms or pages with pornographic content. While this isn’t technically a case of your ISP spying on you, it’s another example of something that’s easily prevented by safeguarding your privacy from your ISP. Below we’ll explain how to do this.
How to prevent my ISP from seeing what I do online
As explained above, your ISP has access to much of your online activity. Fortunately, there are a few things you can do to protect your data and online activity from your ISP and make your browsing more secure and anonymous. The following three tips can help you with this:
- Using a VPN
- Utilizing a proxy server
- Using the Tor browser
Below, we’ll explain each of these options in some more detail.
1. Improving anonymity online with a VPN
Using a reliable VPN is the best and easiest way to protect yourself from online tracking that infringes on your privacy. A VPN encrypts your data traffic, making it unreadable to ISPs and third parties.
It also guides your data traffic through a secure “VPN tunnel” and past one of the VPN’s servers. This will actually change your IP address to the VPN server’s IP.
Your IP address is one of the main ways your ISP and third parties can use to recognize you online. As such, hiding it, or continually changing it, will make you much more anonymous.
What’s more, the encryption will help you to make your browsing information unreadable, while the altering of your IP will make it very difficult for your ISP to identify where that data is coming from. This winning combination makes a VPN an excellent way to protect your privacy.
Downloading and installing a VPN is anything but complicated. You simply have to make sure you choose one of the top VPNs for protecting your privacy. If you need some help, check out our section on setting up a VPN on many different devices.
Some companies, like Google, can also track you across platforms if you connect your Gmail with other services. You can, however, delete Gmail and your Google account permanently.
NordVPN will protect you from “ISPies”
NordVPN is an excellent and very privacy-minded VPN. The VPN provider offers some extremely secure encryption protocols, relying on NordLynx, which is its own iteration of the blazing-fast WireGuard protocol. Moreover, they have a strict no-logs policy. This means they couldn’t give away your data if forced by authorities, because they simply don’t store it. NordVPN is also using modern XChaCha20 encryption, while most other providers continue to use AES-256.
As such, NordVPN is an excellent way to keep your data safe from your ISPs and other third parties (in the case of your data being sold). If you want to try out NordVPN for yourself, they have a fantastic deal on right now! You can try it out without risk, thanks to NordVPN’s 30-day money-back guarantee.
Using a free VPN for privacy
Although many people use free VPNs, we strongly recommend against them if privacy is on your mind. Free VPNs often don’t have a no-logs policy and may sell your data to generate revenue and keep their servers afloat. What’s more, free VPNs commonly suffer from data leaks that expose your true IP address, even while connected to the service. Overall, they’re too unreliable to trust if privacy is a top concern.
However, if you still want to try out a VPN for free first, we recommend checking out our article on the best free VPNs.
2. Proxy servers: change your IP to become more anonymous
Just like a VPN, a proxy server will change your IP address, because your data passes through them similarly to a VPN. As such, your IP will change to the proxy server’s IP address. This is great if you want to avoid censorship enforced by your ISP, for instance.
However, it’s not really enough to really protect your data from your ISP. After all, most proxy servers do not actually encrypt your data, which means that, although they will likely not know who it belongs to, your ISP can still see and gather your data.
3. Tor browser: triple protection from your ISP?
The Tor browser is a great privacy tool. Used right, it makes it practically impossible for your ISP to see what you do online. After all, the Tor browser guides your internet traffic through at least three of their many servers (spread out all over the world).
At every server (node) your traffic gets encrypted again, so your traffic is extremely well protected. For even greater protection, we recommend using the Tor browser in combination with a VPN.
Why do internet service providers track your data?
Now that you know how to prevent internet service providers from snooping around and going through your data, you might want to know why they do it in the first place. There are different reasons for this, a few important ones of which we’ll discuss below.
Legal reasons
Some countries actually require ISPs to store users’ data. In Russia for instance, telecommunication providers are required to store metadata belonging to messages and emails. Moreover, they have to store voice recordings of phone conversations — it is unclear to us if this only concerns “traditional phone conversations or also online ones” — for six months.
The above could prove very problematic from a privacy viewpoint. After all, Russia forces messaging services such as WhatsApp to provide law enforcement with cryptographic backdoors (ways to read messages) so they can spy on their citizens. This combined with ISPs monitoring data traffic is obviously a serious problem from a privacy standpoint.
Advertising
In our information society, data is everything. Advertisers have come to realize this as well. Since ISPs have access to a lot of data, advertisers are naturally very interested in forming “partnerships” with them.
As mentioned earlier, in many jurisdictions, such as the US, ISPs can legally sell people’s data to advertisers. This helps advertisers to make their ads more specific to their viewers, which ultimately helps increase their ROI.
Censorship
Some countries censor parts of the internet that are not in line with their government’s ideology or the (majority of the) country’s religious beliefs. Examples include countries like China, Russia, Saudi Arabia, and Iran. They generally do this by making a blacklist of pages or even domains and requiring ISPs in the country to block these.
ISPs simply block the main access points and IP addresses for these websites in specific regions, thus preventing access altogether.
Laws about ISP data collection and sharing
The laws focusing on internet service providers and their data collection and sharing activities vary around the world. In the US for instance, there is no federal law that governs these practices. After all, the Trump administration repealed a few federal rules proposed by the Federal Communications Commission that stated ISPs would need permission to share customer data with external parties.
Largely in response to this repeal, a few states passed their own laws on the matter. As it stands, three states have enacted such laws: Maine, Minnesota, and Nevada. The law in Maine requires ISPs to obtain consent before sharing or selling customer data.
The laws in Nevada and Minnesota require ISPs to keep personally identifiable customer data private. Moreover, the law in Minnesota also requires ISPs to ask for permission before sharing customers’ online surfing habits and internet sites visited.
Then moving on to quite possibly the strictest world region, as far as online privacy is concerned: the EU. This one is a bit tricky, as the EU’s General Data Protection Regulation only seems to mention the collection and processing of data and doesn’t discuss sharing or selling data in detail.
According to the regulation, ISPs do have a legal basis to process customer data, even without asking for consent. After all, they have a contract with customers to provide a service, which is one of the situations in which the GDPR allows data processing.
On the other hand, the GDPR also mentions express user consent is required to collect and process data if there is no legal basis. It is therefore unclear to us if an ISP selling customer data without consent is allowed, although we strongly suspect it’s not.
As for other countries and regions, you’d be best off consulting a webpage listing internet privacy laws in your country or an expert on the matter, as the laws generally vary and tend to change quite frequently.
It’s not just your ISP that’s looking at things. Even some browser extensions pose serious privacy risks that you should be aware of!
Conclusion
Your internet service provider has an important role in how your device connects to the internet. Unfortunately, this means it can track certain parts of your online activity. While encryption and other modern standards have reduced how much data ISPs can see, your ISP may still be able to access metadata that includes the websites you connect to and the amount of data you transmit.
However, by using encrypted connections, adjusting your privacy settings, and choosing trustworthy online tools, you can reduce the amount of information exposed to your ISP. If you want the best protection, using a reliable VPN is the best way to encrypt your internet traffic and prevent your ISP from monitoring the websites and services you access.
FAQ
In most cases, your ISP can see what websites you visit, forms you complete, and videos you watch, even if you only browse safe HTTPS pages. This is because they can see the DNS requests coming from your IP address. If you browse unsafe unsecured HTTP pages, and you’re taking no steps to protect your data, they can see even more. Your ISP will see the exact pages (URLs) you’re visiting, videos you’re watching, products your shopping for, and so on.
Yes, your ISP can see private browsing, as incognito browser modes do little more than stop your device from storing browsing history and cookies. It doesn’t affect what your ISP knows about you. The only way to stop your ISP seeing your private browsing is by using secure encryption and changing your IP address. The best way to achieve this is by using a VPN.
The best way to prevent your ISP from seeing what you do is to use a VPN. A VPN encrypts your information and changes your IP address so that your online activity cannot be tracked. Using a reliable VPN like NordVPN ensures complete online privacy.
