ISP Privacy FAQ

This is one of the most commons question asked by people just getting into TOR and, unfortunately, the answer is not what many would expect. The Onion Router is meant to increase the privacy of its users and it does do just that since it essentially encrypts data. However, there are known loopholes that can be explored by ISPs to see past TOR and find out what pages you’re visiting. For instance, one of these methods explores the entry and exit nodes of the TOR network, though the downside of this is that’s often hard and expensive to achieve. This is why it’s advisable to combine the use of TOR with a VPN.

From an ISP perspective, TOR essentially works like a VPN. Internet providers can see that you’re using TOR but they can’t see what you’re actually doing on it, but this still doesn’t mean that it is an infallible method. TOR is usually associated with torrents and other illegal activity such as the accessing the dark web, which itself has some pretty disturbing content that is kept underground to avoid detection, though of course government agencies have over time developed the necessary tools to ‘break’ TOR. The results are clear, as some police cases like hoax bomb threats or child pornography networks have ended up with arrests on those who thought they were 100% safe on the TOR network. This only proves that if the appropriate effort is spent on it, then it’s possible to get around TOR.

But that doesn’t mean that all TOR users are using the tool to access the dark web or for torrenting illegal content. Some people simply rely on this to navigate freely and legally on the web, with the major difference being that their browsing session is not publicly visible to their ISP. What this means, essentially, is that TOR is safe but that illegal activities can still be traced.

Many people have already turned to some TOR alternatives to guarantee a little extra privacy, with VPNs being one of them. However, using the two together is a better option than choosing one over the other. Nowadays VPNs are more complete than TOR and many of them already have ad blockers and other security tools built in, so both programs complement one another and work to lessen their respective disadvantages. Unfortunately, VPNs are not free like TOR, but this is a necessary price to pay for increased privacy and anonymity.

Though it might seem like an invasion of your privacy, it is true that an ISP stores your browser searches. But, in truth, if there’s anything that can be considered to be an illusion nowadays, it’s the idea of privacy, particularly when it comes to the online world. Sure, we can always turn to VPNs or other privacy-oriented tools and think of how they put our computer into a bubble, but this is exercise is futile given that most people voluntarily share every little aspect of their lives on social media.

With that said, the idea of ISPs storing such personal data as the things you share for is a complex topic that differs from country to country. In the U.S. court orders can be issued to ISPs requiring the handover of data from certain IP addresses associated with illegal activity, and as such these companies need to keep a backlog of records for different amounts of time. It’s not only legal issues that are the reasons behind ISPs collecting browsing history records since business is always at the forefront; ISPs make profit from selling those records to marketing companies who are keen on bombarding users with targeted advertisements.

While this is considered a shameful practice by many people, it’s not any different from what Facebook or Google have been doing for years.Honestly, talking about ISPs gathering customer data and not mentioning these giant media companies simply doesn’t make sense, as these two know more about their users than any ISP can. It’s not just them, obviously, but among other things Google and Facebook aggregate demographic data and the preferences you demonstrate on your profile. In turn, advertisers are offered the most desirable audiences and pay good money for such information.

ISPs block VPNs through various techniques, with port and IP address blocking being the most common. When it comes to services that are designed to circumvent the rules, usually the targets on their back grows alongside their popularity. In other words, when a certain VPN provider starts gaining a larger user base it also puts it on the radar of ISPs and other corporations, sometimes even gaining the attention of governments. Fortunately, there’s also some ways to bypass these VPN blocks.

Regardless of which method ISPs use to restrict proxies and VPNs, the best way of avoiding blocks is to turn less popular services. Since one of the most common methods used by ISPs to block VPNs is to target IP addresses, when you connect to a VPN you’ll be attributed a temporary IP address from another country that will often be enough to overcome geolocation issues on many websites. In turn, this means there are only so many servers and IPs available to you and they’re always the same for all customers – though it’s true that the biggest VPN companies will often add new addresses. ISPs can search for and block the IP addresses known to belong to a certain VPN company.

The other method is to disable connection ports that are mostly associated with VPN traffic. The internet works through communication ports between two end points, and so ISPs, governments, and other system administrators can block the ones that would be suitable to halt access to a VPN server. VPNs regularly use the same ports – such as PPTP or L2TP, for instance – so it’s easy for ISPs to know which ones to ‘blackout’.

How to tell if ISPs are blocking VPNs

Knowing that your ISP is blocking your VPN is just a matter of putting two and two together. If you’re using a VPN but somehow you’re still unable to connect to a specific website, if a message shows up forbidding access, or if you’re simply unable to connect to the internet at all, then it’s likely that your ISP is behind it. A good way to try to diagnose and solve this problem is by changing back and forth between servers to see if a different IP address does the trick or switch between ports or VPN protocols, if possible.

More and more VPNs nowadays are already delivering techniques to circumvent this situation, such as traffic obfuscation and scrambling, which essentially disguise the VPN to make it look like regular traffic. Others provide an extensive list of ports and include some less popular ones that because of this are usually not on the radar of most ISPs.

ISPs use different techniques to control connection speeds, which includes boosting and throttling them whenever necessary. There are numerous factors that contribute to this, covering the likes of your profile as a consumer, bandwidth being limited to serve the local share of everyone at peak hours, and more. This is one of the main disadvantages of having your traffic exposed to ISPs, since not only can they spy on what you’re doing but it allows them to see exactly when throttling is most worthwhile. Fortunately, VPNs are able to hide you from ISPs and help to prevent further throttling in the future.

Bandwidth and throttling techniques

Online streaming is one of the activities that requires the most bandwidth so if you’re an avid fan of watching video content, then it’s likely that your consumer ‘profile’ reflects this. Regardless of how much bandwidth you’re entitled to, ISPs build your consumer profile based on which sites you visit, how much time you spend on them, and how much bandwidth is used at certain times of the day. A good example of personal throttling is, for instance, someone with a job from 9am to 6pm who only has the time for some online streaming during the evening. Their profile will reflect this, with higher bandwidth consumption at these times, maybe even surpassing the edges of acceptable consumption.

Let’s not forget that this work schedule is the reality for most people, and so the peak time when the bandwidth capacity is not enough to serve everyone happens to also be precisely at this point in the evening, which may lead to a general throttling of several users of the same ISP. But how is this done?

Well, the internet works by sending and receiving packets – small data units routed between two endpoints of a connection like your computer and a determined website – which allows bandwidth controlling agents to use techniques such as deliberately dropping or queuing packets. Both of these methods have a high impact on overall speed as packets are either waiting to be delivered or continuously delivered at low speeds.

Hiding traffic with VPNs

When a VPN connection is established your traffic doesn’t go directly from your computer to the designated website. Rather than this typical path, the traffic is instead routed through the VPN company’s server, which not only gives you a forged IP address but also acts as a protective ‘bubble’ into which ISPs cannot enter. From this point on, all your ISP will see is encrypted traffic, connection timestamps, and the amount of data being transferred.

The choice of VPN provider is important here since not all of them guarantee 100% anonymity. If a VPN connection is leaking or suffers from other vulnerabilities, for instance, then there’s always the possibility that the ISP will see past it and continue to throttle your connection. However, if you read our reviews you’ll easily find out which ones are trustworthy and will plunge ISPs completely into the dark. With one of these, you’ll be able to both circumvent geo restrictions and maintain a reliable, unthrottled connection.

It is already public knowledge that ISPs track their customers’ online habits and fingerprint their steps on the virtual world. This is done for different purposes like selling people’s data to advertising companies for profit, to find out whether a determined user has overcome their bandwidth limits, if they have been downloading and sharing copyrighted or illegal content and more. But what methods are used for to achieve this? What’s behind their magical abilities to keep every customer in sight and, most importantly, what can be done to prevent it?

Techniques and tricks

One of the most common techniques used by an ISP to monitor its customers is RADIUS (Remote Authentication Dial-In User Service). In a very summarized explanation, this is a network protocol that provides centralized authentication and allows enterprises to manage, in this case, all accesses to their internal networks, wireless protocols and integrated email services.

On a larger ISP-like scale, this puts these entities in control of the internet since they incorporate modems, access points, DSL (Digital Subscriber Lines), and more. RADIUS, however, doesn’t allow ISPs to monitor data in real time. Instead, the software is configured to provide data consumption reports after a certain amount of time – every hour or so – and after a session is terminated.

However, this is only of the many methods that allow ISPs to track your traffic. Because technology is permanently evolving, many others already use different techniques for real-time measurements, allowing the throttling of a connection each time the user is streaming or doing any other activity that involves high amounts of bandwidth among other things. These techniques mean that ISPs can know which websites you visit, for how long you remained there, and many other details that help build a consumer profile that advertising companies are willing to pay good money for.

Avoiding data tracking

The best way to avoid all of these tricks is to place your data under reliable encryption, and the most convenient and easiest mode to do that is by purchasing a VPN. These tools make it so that all connections are established with military-grade encryption and because they also rely on the best protocols in the industry, speed loss is minimized as much as possible.

VPNs can additionally give users IP addresses from other countries, which allows them to fool geo-restricted websites without ISPs knowing about it. In fact, while ISPs do know that you’re using a VPN, they can only see your traffic up to the point that you start using it, at which point the data becomes heavily encrypted and impossible to crack without the key.

There is no easy answer for this question. The short version is that they technically can report you for torrenting, but there’s much more to it than that and every case is different. When it comes to the internet, torrenting is always the topic that raises the most amount of doubt among its users. Is it illegal? What are the consequences? How can anyone stay out of trouble if they have torrented in the past? All these questions are common, valid, and understandable given that torrenting is in a very confusing gray area.

The act of torrenting is plainly legal pretty much in the entire world, but the programs designed for this method of file sharing also allow copyrighted content to be accessed and shared by other users on those platforms. And downloading any of that content is obviously illegal.

For instance, Linux distribution operating systems can be downloaded for free in a wide variety of manners – including through BitTorrent – and because the software is free and open source, you can rest assured that you’re not breaking the law by downloading through torrent. However, if you use the same software to download a song, movie, game, or any other media product, then the legality line is crossed since that content is protected by copyright. The main idea here is that torrenting doesn’t necessarily equate to piracy but it does provide a direct route to it, which explains all the confusion around the topic.

Copyright laws change across the different countries but most of them converge on criminalizing those who profit from making unauthorized copies, regardless of whether they’re physical or digital. Burning a DVD and making 20 copies out of it is illegal, just as is the case of uploading it once to the internet for torrenting. In the case of the latter, the next step taken by ISPs is dependent on the legislation in place.

In the U.S., throttling connections is a silent technique widely used by ISPs to indirectly make people give up on downloading or streaming. Strike notices are often sent to stop you from torrenting in the future, too, though it’s likely that this will only happen after repeated use of torrenting. ISPs monitor the torrent networks – BitTorrent and others – and know which sites you visit, so if your IP address is repeatedly associated to one of these networks then it’s much more likely that you’ll get noticed than if you’re been there once or twice over the space of a year.

However, technically it is possible for ISPs to take legal action against excessive torrenters. Fortunately, this is rare and unless you download terabytes of copyright data often, it’s very unlikely that a lawsuit will ever be filed against you. Still, should a large number of cases occur in a short space of time, it can act as a release valve for such action to be taken by the ISP, as happened in the UK at the beginning of 2018. To avoid being caught downloading any kind of content, a VPN is more than enough.

These tools disguise your IP address and prevent ISPs from monitoring your online activities. However, make sure to choose a VPN that not only supports torrents and offers P2P servers, but also features reliable DNS and IPv6 leak protection. Additionally, a kill switch is a mandatory feature for all torrent users since it ensures that all internet connections are disabled if the VPN connection abruptly stops working, ensuring that your ISP won’t be able to openly see your traffic for even for a couple seconds. It’s always best to play it safe, even if that means paying for a premium VPN.