What information do isps collect about your browsing?

Caporegime
Joined
12 Mar 2004
Posts
29,952
Location
England
I was wondering what specific information isps actually store on their servers. Is it just a list of visited webpages files downloaded etc, or do they store more information?
 
im pretty sure they dont store anything about your web browsing habbits. but that isnt to say you will get away with viewing illegel pages such as child porn, as the police do log that kinda thing.
 
So how do companies find out if you've been downloading stuff like music and films if you dont upload anything, in fact if there isnt a record of all the data sent to a pc with p2p how can they prove anything other than that you downloaded a torrent file? I take it that the isp keep a record of who had what ip at what time/date?
 
Last edited:
If an ISP was to log all traffic for all users this would basically backrupt them, the data storage required would be massive. However this is no reason why they could not log certain traffic if they wanted.

Generally im pretty sure most UK ISP's log next to nothing. Awhile ago on the news however was ideas by the government for a draft ruling all ISP's to log all data.

In the situation you describe (i personally) would say this happens when a company policing a p2p network (posing as users to trap others) logs attempted downloads and uploads, and then forwards the data to [email protected] for them to deal with accordingly.

ISP's could active monitor for downloads and illegal activity, but their primary goal is to provide broadband and other related services. Different ISP's will have different focuses.

Hope this helps abit more.
 
Energize said:
So how do companies find out if you've been downloading stuff like music and films if you dont upload anything, in fact if there isnt a record of all the data sent to a pc with p2p how can they prove anything other than that you downloaded a torrent file? I take it that the isp keep a record of who had what ip at what time/date?

If you're using BitTorrent they can just record all the IPs that are currently active on that torrent. Anyone can see who's connected to the torrent, it doesn't take much to record all the IPs and then contact the ISPs. You don't have to upload anything to be visible on the torrent.

USENET is completely different though, a lot of News servers don't keep logs and if the ISP doesn't log the data either there's virtually no chance of getting caught, as far as I'm aware.
 
Phil99 said:
If you're using BitTorrent they can just record all the IPs that are currently active on that torrent. Anyone can see who's connected to the torrent, it doesn't take much to record all the IPs and then contact the ISPs. You don't have to upload anything to be visible on the torrent.

USENET is completely different though, a lot of News servers don't keep logs and if the ISP doesn't log the data either there's virtually no chance of getting caught, as far as I'm aware.

Does that prove you're downloading/uploading the content though? You can be connected to the torrent without downloading/uploading.
 
Unfortuently due to the RIPA act ISPs now have to store information on every URL you visit and the destination email address of every email you send, but not the email contents.
 
FordPrefect said:
Unfortunately due to the RIPA act ISPs now have to store information on every URL you visit and the destination email address of every email you send, but not the email contents.
This is the rules I am aware of. From this basic information the Police can ask for a more detailed log to be kept on specific people. (I assume a warrant is required from this, but the way we are creeping towards a Police State then I doubt much permission is required...)

There are also filters looking for "trigger words". This is more so in the states. So they must love conversations about Counter Strike, Terrorists and Kalashnikovs :)

All ISPs know who was using which IP Address from their DHCP pool at any time of the day.

The last sweep of file share court cases in the UK came from the record industry installing a file sharing program and then noting where they could get tracks from. Each IP Address they logged was then passed onto the ISPs to get real names and addresses. I believe they all complied without much hassle.

They get most of the dodgy underage pr0n site visitors on their credit cards. (Though the UK Police have a number of honey pot sites setup which can be found via Google.... these sites will be capturing IP Addresses and exact details of what was downloaded)


It depends what you are really paranoid about. If you really want to be safe when surfing online, find a nice open WiFi network and use that instead. :) I know a number of students in Brighton who do this. Including one guy who even stores his pr0n on his neighbour's hard disk!!
 
RIPA is "Regulation of Investigatory Powers Act 2000" which is different to the DPA "Data Protection Act".

DPA is about a company protecting the customer data they hold in a computer system

RIPA is about treating everyone as a criminal by having a method of watching the public and what they are doing online.
http://www.opsi.gov.uk/acts/acts2000/20000023.htm (Found via Google... now I'm gonna sit down with a cuppa and read the law...)

Edit: Got bored with the law, so went a googling...
From: http://www.tardis.ed.ac.uk/~james/politics/RIPbill.html
"Internet traffic data. Sections 21 to 25 grant the state powers to collect internet traffic data on grounds of national security, detecting or preventing crime, preventing disorder, in the interests of the UK's economic well being, in the interests of public safety or protecting public health, for levying/collecting taxes and for any purposes specified by the Secretary of State (though this last has to be approved by parliament).

Internet traffic data essentially consists of the information used to identify you and the sites you communicate with. Thus these powers allow the state to collect the email addresses you send mail to, the newsgroups you read, the web sites you visit, the files you download, where and when you login, who sends you email, in short it allows the state to do the electronic equivalent of putting you under constant surveillance, and explicitly allows this for any reason the Secretary of State sees fit (subject to parliamentary approval), or failing that a huge number of vague possible reasons. Using such data the government can build a detailed profile of your internet activities and it need not suspect you of any crime in order to do so."


That "Levying and collecting taxes" is interesting... as that implies that they can use this if they think you are selling dodgy goods on auction sites...
 
Last edited:
Back
Top Bottom