Internet Service Providers (ISPs), like the name suggests, allow users to access the Internet with tools and methods they provide acting as a form of go-between between the user and the web page which they wish to access. So, when a person accesses a website, they access it with the tools and devices provided by their ISP.
The peculiarity of the service provided by ISPs may raise the question, “how much does my ISP know about my online activities?”. We will be sharing how much information accessible by ISPs with a particular focus on torrenting activity. We start with how much information available to your ISP. The activity that can be seen by an ISP depends on whether the connection is encrypted or not.
When a user’s activities are unencrypted, their ISP has a lot of access to everything they do, from the passwords to emails. An ISP can see the websites accessed by a user with an unencrypted connection and every information the user enters into the website. This ranges from passwords to personal information. Visiting websites with HTTP and expired or invalid SSL certificates is thus strongly discouraged as everything entered into such websites can be seen by the user’s ISP.
Also, an ISP can read one’s emails if unencrypted thus the importance of sticking with emails with a valid SSL certificate and the Transport Layer Security (TLS) security.
It has been established that ISPs can also tell Bitcoin transactions from unencrypted messages as regards Bitcoin transactions. With an unencrypted connection, an ISP can tell unencrypted messages sent to TCP ports as typically done by some Bitcoin clients.
Torrenting activity is another online activity which a user’s ISP can access if done through an unencrypted connection. Platforms like BitTorrent allow users to share files over the Internet, and these files include both legal and illegal items. ISPs can see users’ torrenting activity when they access torrenting platforms with an unencrypted connection.
Although ISPs are not particularly concerned about the files one downloads except the user is flagged by the corporation that owns the content, they are concerned about how much bandwidth a particular user is consuming. If a user consumes a lot of bandwidth, it slows down the activities of other users. Thus, when an ISP notices torrenting activity, it throttles the user’s connection to balance the connection speed across the different users. ISPs can tell torrenting activity on an unencrypted connection since they can the IP address consuming the bandwidth.
An established way of throttling of one,s connection is by the use of an active VPN. A VPN reroutes the traffic from a user’s activity hence the ISP will not be able to tell the exact IP address consuming the bandwidth. VPNs provide the level of encryption needed to avoid throttling by one’s ISP by hiding the IP address of the user.
With an encrypted connection, on the other hand, an ISP cannot see a lot of users’ online activities, and that is why at least a basic level of encryption is advised for Internet users.
Although ISPs cannot tell users’ exact activity over an encrypted connection, they can get an idea of the platforms a users visits from the patterns of these platforms. It has been established that platforms such as YouTube give off specific traffic pattern which can inform the ISP that the user is on that platform. Peer-to-peer sharing platforms also give off signals that can inform the ISP that the user is on such a platform.
Although an ISP cannot tell the file been sent over an encrypted network with a peer-to-peer sharing platform, they can tell that the user is using a peer-to-peer software. When an ISP can tell that a user is running a software that is consuming a lot of bandwidth which is a violation of the terms of service, they send messages to inform the user of the violation. It is thus not uncommon for one to get a warning message when they consistently use peer-to-peer sharing platforms.
Thus, it is safe to say that ISPs can tell torrenting activity but cannot exactly track down the activity when one uses an encrypted connection. This is because ISPs get as much information as they routinely need to know from the traffic given off by the user’s device even with an encrypted connection which is how much bandwidth a particular user consumes.
Media organizations, on the other hand, are more concerned about what a user downloads from torrent platforms and take the extra steps required to track the torrenting activity. When a media organization finds out that a user downloads copies of their material from peer-to-peer sharing platforms, they contact the ISP which then takes the necessary action which could be a warning or outright ban.