If you use the internet, somebody is tracking your online movements, and the easiest bet is that your internet service provider is logging your personal information. You’ve likely heard that a VPN will solve your trust issues; what you may not know is that VPNs, apart from providing excellent internet protection, also share some of your information with your ISP.
The information your ISP (Internet Service Provider) can see while you utilize a VPN is the port your VPN protocol uses and the fact that you are using an IP address owned by the VPN server. Your ISP can also see the time of your connection, the encrypted data, and the amount of data transferred.
Should You Trust Your ISP?
The problem starts when your ISP has access to personally identifiable information about your internet traffic apart from the information stated above. This is the reason why VPNs are necessary to prevent such monitoring from happening.
The fact that your ISP has access to metadata and connection information can make you second guess if using a VPN is even worth it. However, there are specific reasons why ISPs must have this information. And the reasons might not be as bad as it may seem at first.
In the following sections, we will explain if your internet provider can track you while using a VPN and break down why they require any information from us in the first place.
If You Want Decent Anonymity, Use Tor Browser
Using a VPN will not keep your browsing habits anonymous, nor will it add additional security to non-secure (HTTP) traffic.
If you are looking for anonymity, you should use the Tor Browser instead of a VPN.
The Tor Browser downloads easily, and works similar to any other browser.
How Tor Works
Tor protects you by bouncing your communications throughout the world in a distributed network of relays run by volunteers.
In using Tor, you yourself become another peer-volunteer, wherein you protect other people around the world in the process.The proper use of the Tor network prevents eavesdroppers from learning your IP address, spying on you, and disclosing your physical location. Tor also allows you to access sites that are blocked by your ISP or country.
If You Want Browsing Security, Use HTTPS
If you’re looking for added security, you should always ensure you’re connecting to websites using Firefox and its DNS-over-HTTPS (DoH) and HTTPS everywhere. A VPN is not a replacement for good security practices, but in conjunction with a DoH improves privacy by hiding domain name lookups from someone lurking on public WiFi, your ISP, or anyone else on your local network. DoH, when enabled, ensures that your ISP cannot collect and sell personal information related to your browsing behaviour.
Can You Be Traced if You Use a VPN?
Do you want the world to know which websites you frequent and what topics you research and with whom you associate?
Perhaps you don’t care and say “I have nothing to hide,” but odds are you value your privacy as a basic human right. Your thoughts are your own. Your body is your own. Your bathroom habits are your own.
The reason most people tend to use a VPN is to prevent being tracked or hacked online, either by their internet provider or another malicious individual.
We have already stated that your ISP has access to certain information about your network traffic even when you utilize a VPN. For this reason, many may wonder if your internet service provider can abuse your personal information and cause harm.
The answer to this question is no; your internet service provider cannot track which websites you visit nor your physical location while using a VPN.
The Purpose of VPNs and How They Protect You From Being Tracked
First, when using a VPN, your ISP will lose monitoring access to information about the websites you’re visiting, as well as the time spent on such websites. This is very beneficial if you’re worried about your data being tracked and possibly abused.
Another great feature VPNs have is that no one can access the files you either download or upload to specific sites. One of the most notable features VPNs offer is that no one can look into your browsing and search history or track what you’re typing on any website.
Keep in mind that these security features can differ depending on which VPN you plan on using. The most expensive ones usually provide the best protection, but there are also other affordable options that do the job. For this reason, be careful when choosing a VPN, and research which one matches your needs the best.
After looking into some of the security options your VPN can provide you, you still may have concerns about the information it’s allowing your ISP to have. This may leave you wondering if it’s possible for your ISP to take advantage of that information.
Use a VPN router to supplement or replace your existing router and encrypt all your network traffic.
A VPN router is a router that can be a VPN client. With it, everything that you send through that router goes through the VPN network. This is a great way to hide your browsing activities from your internet service provider.
Many home WiFi routers can be “flashed” to run open-source firmware, such as the DD-WRT firmware, which in turn supports the OpenVPN protocol natively. Most decent VPN services support OpenVPN as well and provide instructions on how to use them with open-source routers.
Why Does Your ISP Have Access to Some Browsing Information?
If you’re worried about your browsing history being listed on your Internet bill, — no, your ISP will not write out a list of every website you’ve visited each month. While they do in theory have that information, there is usually no need to worry about internet service providers tracking your steps and abusing your personal information. This doesn’t mean some of your data isn’t being stored in your ISP’s system database, to be stolen or shared if the ISP is hacked or asked by authorities to hand over their data.
Thus, many internet users consider ways of protecting themselves, which is when they come across VPNs as the perfect solution. While VPNs certainly provide a significant amount of privacy, they can’t hide all of the information about your network trafficking.
When using a VPN, your real IP is always hidden behind the IP address of your VPN. This means that your actual IP address cannot be tracked. Also, the information your device is sending and receiving is heavily encrypted and makes no sense to anyone (your ISP) looking at the data.
Such information is displayed only because of the way VPNs work; in order to have a VPN, you must have an internet service provider that will provide you with access to the internet. Once connected, VPNs make sure that your devices are connecting via secure servers to the right websites, rather than through potentially insecure public networks that could be vulnerable to unauthorized monitoring.
When your device needs to send a package of information, it first has to send a request to the required destination. Only after the destination approves such connection, the operation of transferring data can proceed.
However, when you use a VPN, the request is sent to the VPN servers. From there on, they are entirely in charge of delivering your information. Your VPN will do this in the safest possible way so that your internet provider never finds out the final destination with which you initiated an interaction.
As we can see, ISPs still have some access to your information only because of technical reasons. In order to connect yourself to the internet with a VPN, your IP address provided by your VPN must be seen by the ISP.
The ISP can also see the information you’re sending, but only in the encrypted form. Encrypted data is considered secure because decrypting such information is almost impossible, especially when using well-established VPN providers.
Apart from this, your internet service provider will see the exact time you have requested a connection with your VPN provider.
The information your ISP can see is not much and will not allow your ISP to harm your privacy.
Most VPNs mask your activity from your internet provider and other websites. However, usually, free VPNs might keep their own logs of your online activity. They do this because selling such records might be their only source of income.
When the police are trying to track someone of interest, they will often ask the ISP for their connection logs. And if there are any VPN connections, they might pay the VPN provider to give them access to such logs. For this reason, make sure you always check the terms of service before choosing a VPN for yourself.
However, it’s not that often that government officials approach VPN providers because they usually have other ways of tracking down people of interest.
When searching for the right VPN to prevent ISP tracking, there are specific criteria you should be aware of; your VPN should:
- protect the DNS from leaking,
- regularly update their encryption methods,
- provide the ability to use dynamic IP addresses, and
- not be able to create IP address logs.
There are many options if you’re looking for the best security for preventing your internet service provider from abusing your private information.
- As far as VPNs go, I have not yet used ProtonVPN, but it is next on my list after my PIA subscription expires. I have heard great things about it. It is particularly trusted by people who value privacy and anonymity, whereas most of the other VPNs are utilized by people wanting to bypass country-specific restrictions or to access streaming content in other countries.
- PrivateInternetAccess – This is the VPN I use when working from coffee shops and the library. If you use public Wifi hotspots, shared internet routers, or even through your very own provider but have roommates or guests, then it is possible that your data, files, and privacy may be at risk.
- Unblock Websites: Watch Netflix or anything else from the country of your choice. With PIA If you are blocked by strict censorship from your ISP or firewall, this service will bypass the censorship and firewall, effectively providing you unrestricted access via a different IP address from the country of your choice.
- With Private Internet Access you can browse safely and securely, even in the most insecure and dangerous hotspots and networks.
- NordVPN – is considered to be a common and popular choice for VPN users. The reason for this is simple. NordVPN is famous for its strict zero-logs policy, which assures none of your information will be passed on.
NordVPN, apart from having a decent amount of servers, also includes the option of blocking specific programs from sending unencrypted information over your ISP network, in case of a connection drop.
- ExpressVPN – is considered to be the best option when searching for a VPN that will provide you full ISP protection. The most significant advantage of using ExpressVPN is that it uses its own DNS servers; also, all of your requests are routed through the VPN.
This feature means nothing can leak to the ISP. Just like NordVPN, if the internet connection drops, it stalls the traffic until the connection returns. The only downside is that this VPN costs slightly more than the others.
- CyberGhost – is a good choice for beginners. Most importantly, CyberGhost won’t keep any of your information and will undoubtedly keep your ISP activities private and not accessible. This VPN also provides the ability to kill switch network traffic if the connection drops.
One of the biggest threats to making yourself visible to the ISP is the possibility of a dropout. When a dropout happens, your VPN connection drops. And immediately after that, your ISP will have access to the transmitted data. This is why you want to change your default DNS servers.
Thankfully, the VPNs we have listed above have specific features that prevent such dropouts from affecting your privacy, and if you use Cloudflare or another third party’s DNS servers, your ISP will not see much of what you’re browsing.
Keep in mind that depending on the country you live in, there may be different laws and regulations regarding how an ISP is allowed to collect information from their clients. Also, using VPNs is not legal in every single country. For this reason, it’s always best to research before taking action.
SBI've been practicing OSINT and utilizing Linux as my daily operating system for over twenty years. The tools are always changing and so I'm always learning, but helping you understand the value of protecting your own data remains at the forefront of everything I do.
Is Your Dumb Password on This List?
Here is an updated list of common passwords discovered in data breaches. This file contains the top 100,000 passwords from the Have I Been Pwned data set. If you see a password that you use in this list you should change it immediately.