Does Your ISP Care About Protecting Your Privacy?

from the seems-like-a-marketing-opportunity dept

We recently wrote about how Swedish ISP Bahnhof had announced plans to use a VPN to encrypt all traffic running over its network, thus making any log files it was required to store under data retention rules useless. Slashdot points us to the news that ISP Review, over in the UK, has asked a bunch of UK ISPs their thoughts on encrypting all traffic, and questioning whether they would do the same to protect user privacy.

The answers are pretty interesting. None of them seem interested going as far as VPNing all traffic, with some suggesting that it’s just too expensive. One ISP, AAISP, says that there’s a better solution than VPN, which is to just switch to a carrier grade NAT, for which there are no requirements to log those sessions. IDNet suggested that it might consider making such a service “opt-in,” since some people might want it, but it creates other downsides that not all customers appreciate. The one response that struck me as questionable was from Entanet, who seemed to indicate that the only reason to encrypt traffic was if you were doing something wrong:

As a responsible communications provider, we don’t advocate any steps to proactively create the ability to avoid the identification of parties who are deliberately committing acts of data piracy.

The focus is not to “avoid identification” of people involved in “piracy,” but to provide privacy in general. Given just how many examples we’ve seen of governments spying on users’ data habits with very little legitimate purpose, it seems like an ISP that actually protects its users privacy should be seen as a good thing.

It makes me wonder if we’ll start to see more ISPs like Bahnhof pop up, with a focus on promoting the fact that they protect your privacy. In an age when so many people flipped out about Google’s WiFi sniffing, you would think that these same people would celebrate ISPs that automatically encrypt traffic, as that would solve such problems. Yet, instead, it seems like the very same people are suggesting that such encryption is only for bad purposes.

Of course, here in the US, there are almost no choices among ISPs, and the ones that are available all have strong and close relationships with the government (hi, AT&T!), so it’s not like they have any interest in protecting customer privacy. Though, this also explains why there’s nothing serious in any US-based broadband plan around increasing competition. If there were real competition, perhaps some providers would look at better ways to protect user privacy. So, as long as the government can keep competition limited to a few entities who rely on the government, the government knows it can always get the info it wants, no matter how dubious the legal rationale.

Filed Under: , , , , ,

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “Does Your ISP Care About Protecting Your Privacy?”

Subscribe: RSS Leave a comment
Anonymous Coward says:

Etanet got it right.

There is plenty of tap dancing around the issue here, but for the most part the people who want encryption or other methods to hide themselves online aren’t doing it to protect their personal info, but to allow themselves to continue to do questionable or illegal things online. They want to think that they can continue to be absolutely anonymous, that they can break the law with impunity. It just isn’t going to happen.

Can you really suggest some reasons why people would want a VPN or encrypted service for normal web use? Don’t say personal privacy, as too many of them spew their guts all over facebook, twitter, and the like.

Topperfalkon (profile) says:

@1 You’re completely wrong. How many people would want the fact they’ve been searching for erectile dysfunction treatment being uncovered because of a court order served on ISP records because that IP address might have been used 5 years ago to download a snuff porn film illegally.

Then you have people who want to work from home. If they don’t work in a company that runs their own VPN, sensitive data is going over the wire that can put businesses at risk.

Bruce Ediger (profile) says:


“Can you really suggest some reasons why people would want a VPN or encrypted service for normal web use?”

A VPN could keep trade secrets secret. Suppose you’re a beta tester for Microsoft. MSFT might want you to download the beta of Windows 2012 via a VPN to keep those Dirty Pirates away from it.

If you’re a CEO, and you’re keeping costs low by outsourcing IT or other “knowledge work”, you want a VPN in place to protect your invaluable Intellectual Property from pirates and competitors. In fact, you may have a duty to do this so that shareholder’s value doesn’t decrease.

I certainly want to do on-line banking via encryption. Putting all that stuff in plain text is madness. That goes for dealing with credit card companies via TCP/IP, too. Now that I think about it, if I traded on the stock market, I’d want all that info encrypted as well.

How about dealing with pharmacies? Do you want everyone to know you take Xanax or Prozac? Or that you’re undergoing Estrogen therapy for prostate cancer? That’s a good reason to want VPNs with your pharmacy right there.

How about filing taxes on line? Communication with your lawyer about a civil suit you’re filing against the Pirate Bay, or some trademark-infringing pirate importer of handbags or other fashion materials?

What about salary negotiations when you change employers? Or when you’re negotiating with a potential rockstar employee? Do you want all that out in public?

I’m not reaching with any of these. They all happen every single day.

Anonymous Coward says:


I will answer you, rather than the other people further down, just because it is easier.

I post “anonymously” here, but anonymous isn’t at all anonymous, as techdirt has my ip address, my browser type, my OS information, and so on sent to them with every page I request. I am not anonymous in any real sense, I am only “un-named”.

Are you suggesting that you represent all of the Michaels in the world? You are not any more well defined than I am (except perhaps the gmail or hotmail account you used to sign up here).

What you do in the privacy of your own home is, well, your private business. However, what you do online (which is outside of your home) isn’t covered by the sort of expectation of privacy, it is no different from going to the store or walking down the street.

What you are suggesting is that we should all be covered with a chadri when we go out in public, our credit cards should have no information, and our cars should all be grey, with no name badges, no license plates, and no other identifiable material. That would make it about the same as encrypting your web connection.

Anonymous Coward says:

Re: Re:

Jesus. H. Christ.

I didn’t know people like you existed on this planet. Are you seriously trying to compare “going out” to privacy violations? do you show everyone your ID as you buy preparation H or lube? do you scream your conversations on your cell and put your wife/gf on speaker so that everyone in the store can see you have problems in the bedroom due to erectile dysfunction?

I know you crave to be controlled or are a very gullible person but please, try harder next time you attempt to exemplify your flawed logic.

Kevin (profile) says:

I would like to think

That my ISP is concerned with my privacy and any information that I share across their systems. But, I just don’t believe that it is true. They will advertise on it, and tell me what I want to hear should I call and inquire to what they will and will not share. In the end though they will just hand it over. I only have two options for internet in my area, and being that the other one is At&t I don’t see the situation improving.

Nancy says:

As a person who was sent, but did not receive, a letter from my ISP that I had infringed the copyright of Harry Potter, no less, I am all for total privacy and against this government intrusion into our lives. ISP’s are now government watch dogs and law enforcers! I didn’t even do this and yet, my internet was turned off for a full day and I am on “notice” that if it happens again I will be permanently disabled! I am 53 and have no kids. Why would I illegally download Harry Potter books? Are they kidding? But there is NO defense to this nonsense!

fogbugzd (profile) says:

Wrongfully watched

Yes, I do use a VPN. No, I don’t do anything illegal, including downloading copyrighted material. I do it because of the snooping that the federal government is doing. Also because if I do get a letter from my ISP falsely accusing me of infringement I can point to the fact that every bit of traffic through my router is encrypted. Therefore the accusation must based on someone spoofing my IP address, an error in the IP assignment logs at the ISP, or maybe just an attorney or their investigator pulling my IP address out of thin air.

I was tailed by the FBI for a week back in the 1970’s. I did absolutely nothing wrong. My job required me to make a delivery to the home of someone whose church had made a contribution to the American Indian Movement, and her husband was the treasurer of the church, so he had written the check as directed by his Pastor. Apparently visiting the house was enough to earn me the attention of the FBI.

Being spied on just runs against the grain of what Americans believe in (or used to believe in). It was a huge waste of federal resources to watch me for a week. Thinking back on the situation, I should probably write a letter of apology to the FBI agents who had to watch me; it must have been a very, very boring week.

vikodin (profile) says:

We leave a electronic fingerprint everywhere we go, and with everything we do these days. from our automatic toll accounts to out daily cc transactions and all kinds of other databases we are enrolled in its just another step to monitor everyone and everything. you rally think someone dosen’t know isn’t smurking at the porno mag on your cc right now???? and if you have any questions go to a hydroponics store and buy a napkin, see what happens around your home for the next few months..

Anonymous Coward says:


What you do in the privacy of your own home is, well, your private business. However, what you do online (which is outside of your home) isn’t covered by the sort of expectation of privacy, it is no different from going to the store or walking down the street.

Why? You cited examples in which one has to leave the house, but one does not have to leave the house to go online. What’s the difference? What keeps your logic from applying to, say, a telephone conversation?

And are you really saying that there should be no privacy online at all? How will people conduct business if their business cannot be private? It is far easier to conduct comprehensive surveillance of a virtual world than a real one. If there is a guarantee of no privacy, doesn’t that hugely diminish the medium’s value for conducting business and personal affairs? Don’t you think that the widespread growth and appeal of the medium of the internet has been precisely because it is unregulated and anonymous? If someone wants to, for example, research an area that their government or neighbors finds unseemly, they cannot do this if privacy does not exist. People have used the internet to communicate during revolutions, but if there is no privacy, their communications can be interrupted at the discretion of their government.

I can’t understand your logic at all. You gave no reasons for your seemingly arbitrary distinctions, and resulted to outright hyperbole at the end.

Michael (profile) says:


I’m glad you are actually responding in a reasonable way.

I do not claim that I want to expose my personal information. It is in my best interest that my posts here go unnamed. I have confidence that TechDirt will protect my information if they are able to.

You are the one that is saying “people who want encryption or other methods to hide themselves online aren’t doing it to protect their personal info, but to allow themselves to continue to do questionable or illegal things online” indicating by your own actions that you are doing something illegal. Bummer.

I am not suggesting that we all go out covered in a chadri. I am suggesting that our government not force us not to. If someone wants to protect their personal life by purchasing in cash and hiding their face in public, they are free to do so. If they want to do the same online, they should also be free to do so. An ISP that is aware that many people want the ability to act freely without government snooping on the internet is a good thing. If you want to continue to use an ISP that will freely give out your personal information, that is perfectly ok with me as well.

This is about the government enacting laws that are taking away our ability to freely express ourselves. While some people may be comfortable expressing themselves openly – with their address attached (unlike you), some would rather express themselves anonymously even though they may not be acting illegally. Suppressing their speech in the name of trying to stop file sharing is just sad.

Anonymous Coward says:


SHould I answer this one AGAIN? Holy crap, you people are dense.

Would I be less anonymous if I signed my name, I dunno, “bob the builder”? Am I more or less anonymous than Daryll, Richard, or Michael?


The definition of deflection is not address the issues, and instead picking at the poster themselves. That is a horrible fail.

Cdaragorn (profile) says:


Ok, now you have proven that you are a complete idiot.

Why don’t you take your own advice and think before you reply. Here, I’ll do it for you:

If he’s working as an IT consultant remotely, that has to mean he’s sending and receiving private information whose owner would want to KEEP private.

Nothing illegal, nothing dishonest, no piracy involved, yet somehow, for some stupid reason, we still want privacy. Ya, we MUST be the stupid ones! /sarcasm

Dark Helmet (profile) says:


“How many cloud-based services are there in a myriad? Is that like a school of fish?”

It’s actually pretty fleshed out. I won’t get into company stuff, since this isn’t an advert, but everything from hosted email, hosted BES, hosted VPS servers, hosted SharePoint, Secure File Transfer, Spam blocking, etc. There’s a lot, it all has to be secure, it all has to be encrypted, there’s a TON of need for security through VPN, and that AC was indeed retarded….

Not an electronic Rodent says:


Why would you need to use VPN overall for normal web use?

The correct answer is:
Because I bloody want to and in a democratic country you need a good reason to make something illegal. Legal is the default position for everything not something you need to justify in any way.

If you really must have a scenario because you don’t live in a democracy and need it to accept your argument is much like a broken pencil try this:
Imagine I run my small business from home providing web services from that are hosted on servers elsewhere. I create a secure VPN connection to my servers as a default because that is my primary usage and how I manage and provide the services I sell. Because of the high license price for the security devices and software I use on my servers I can not afford the same level of protection for my home connection, also split tunneling a VPN connection is not ideal from a security point of view. Therefore I use my remote connection as a proxy server for my general browsing to avoid viruses and other malware. Of course that server may well be hosted in a foreign county and all my local ISP gets to see is the constant stream of encrypted traffic.

So will the response be:
A/ Discounting off-hand a legitimate VPN use as invalid like all the others mentioned as you are clearly the expert on VPN
B/ An ad-hom attack
C/ Ignoring it
D/ Picking a minor semantic argument
E/ Deliberately mis-interpreting some part and arguing that
F/ Other?
Check all that apply.

Chuck D. Money (profile) says:


F: Agree

Of course, the real solution here is simply to increase competition to the point where VPN is added in order to be competitive with the other guy, rather than having 10 major players who all collude to provide minimal service at (compared to the rest of the world) exorbitant prices.

That said, if everyone (and I do mean EVERYONE) would just run TOR, this problem wouldn’t happen. I mean both a TOR client AND server, mind you. Everyone just using the client would only serve to slow it down. That said, if every single user on the internet ran both a TOR server and client, nobody would see any meaningful decrease in speed, and yet 100% of all ISP access logs would be useless since your actual data is never originating from your own IP address. Much like TPB is practically impregnable because it doesn’t break any laws itself (it hosts links, not the content) this would be immune to all forms of disclosure. All use of TOR is anonymous (no login, etc) and the main TOR coordination servers that tell the actual traffic-passing servers how to interconnect serve the same function as TPB, and like TPB, none of the actual user data ever crosses the servers owned or operated by the TOR project itself.

Anyhow, until a legal solution is found, there are other options. One solution is to simply rent a shell somewhere with decent bandwidth that’s not on US soil or subject to US law, and tunnel everything over SSH or encrypted SOCKS. This can be done for $10/month or even less! As an alternative, setup a VPN network with a few close friends (10+ people preferably) and all agree to rotate proxying through your friends once a day. This can be automated with a good script. Another option which is easier to get past legally, but provides a “plausible deniability” argument is to setup a windows box somewhere in your house, make sure it has a known security hole, then go to the coffee shop down the street and exploit your own system. Then, if you have a static IP at home, you can do whatever you want through it, and if you are ever caught, you can make a 100% believable argument that a random hacker did all the things they’re accusing you of – and there’s nothing they can do to disprove it. Of course, all of these things are countermeasures to prevent a potential case against you from succeeding in court – no force known to man can prevent ANYONE from filing a lawsuit against you for ANY reason. The law will let you countersue them later, but at that point your attorney has already handed you a bill you can’t afford.

So…this will help, but the real solutions still lies in congress.

Anonymous Coward says:


When someone first asked me back in the early 90s how internet networking functioned, I tried a bunch of technical ways to explain it. They sort of failed because most people were nowhere near as technical as they are today.

My simple solution was to say that every request is like a note on a piece of paper. You hand it to your neighbor, and tell him “it’s for bob across town”. Your neighbor next to you does the same to his neighbor, and so on until it gets to bob. Then bob replies, and the process reverses – but sometimes not with all the same people involved.

All of that transit is pretty much public. It isn’t quite as open as all that, but there are a lot of people involved in your net usage.

You can enter into a private place to do business. If both of you agree, you can use a secure connection to do what you need to do. But most people tend to surf in the open. Even with all sorts of security, your browser is still spewing all sorts of information about you in every packet, from IP to OS to a whole host of other things.

In a public place, when someone chooses to hide their face and sneak around, they look suspicious. Expecting ISPs to help you sneak around is sort of crazy. They are in the business of providing a connection, nothing more. They really should be responsible, just as the phone companies are, to report who was on what line at what time (with a warrant or court order).

If they are helping you to hide your traffic, they may be crossing the line to “aiding and abetting” copyright violations. If it is a selling point for people to use the service, you have to wonder, at least a bit.

Anonymous Coward says:


Watch me:


Firstly, saying that there is a visible trend among SOME members of the civilized world who utilize the internet for one of its million legitimate uses, use it to “spew their guts out” for the whole world to see, is not to say that all of us do. Or that there might not be some things that we want to share, like pictures of our grandkids or our opinions on some topics, and others that we might not want to share.

Second, the internet is an insanely powerful tool for doing GOOD things that governments and other powerful people might not like: the political action in Egypt, and in other parts of the world, has been incredibly supported by the internet and similar technology. Do you really see NO benefit in encryption as a means to help protect people with unpopular political or other views take action and avoid persecution?

Third, your whole argument is basically equivalent to the, incredibly misguided, argument against the Fifth Amendment. “I know I don’t have a warrant, but why don’t you submit to a search anyway, if you have nothing to hide?” The moment you agree to that rationale, then they have the right to infringe upon your time and your property (intellectual and digital or physical), looking for things you’ve done wrong. If you’re “innocent,” they’re not going to find clues pointing them in the direction of someone else (assuming you weren’t a victim), all they could possibly find is things YOU did wrong, and can be punished for, that you didn’t know about. Sorry, but considering the ridiculously bloated and officious nature of legal systems, this third reason alone is enough for me to be baffled at your casual abdication of personal privacy.

Anonymous Coward says:


Everybody should bookmark this and pulls the “You only need to fear if you have something to hide” diatribe.

Dont Talk to Police

Even if you don’t have nothing to hide you gain nothing from exposing yourself, enforcement agents don’t care about that, their work is to provide anything that can hang you and they will go at it at all the angles that they can, so anything can be used against you, that is why we have laws against unreasonable searches because there is a allure for those with the power to abuse it, it costs them nothing and they rarely see adverse consequences for doing so, do you want to make it easier for people who work without moral codes to go after you?

Enforcement agents have their careers defined by the number of people they get guilty or otherwise, they are not measured by the quality of their work, they are measure by number of things they can prove or appear to prove, they don’t think about the consequences it will have on your life, they are in fact a hostile force against the public and should be treated as such.

Anonymous Coward says:


I sense that in a society where the first instinct is to enact punishment and not try to clarify or give a chance to someone to correct course is very damaging to the social fabric of that society.

I’m not inclined to expose myself to authorities, because I know something bad will happen, at some point they will find something to claim they are in the right and punish me, so I will do everything in my power to not make that job easy.

Even though I know that I need laws and I need some rules for me to be able to live in peace with others, but I’m not going to have my life ruined because of a mistake or my own ignorance of the law either.

The use of the stick to make things legitimate has a price and that is public trust that is the first thing that goes out the window.

Not an electronic Rodent says:


That’s fantastic. You take an analogy that you admit was flawed 20 years ago, ignore any changes to technology and the way people use the internet in the mean-time and walk it through “logically” until it suddenly means “anyone who wants privacy is a criminal” while explaining that a Service Providor shouldn’t be in the business of creating and providing services the customer wants. Masterful. Is this not about the time you prove black is white and get run down on the next zebra crossing?

Anonymous Coward says:


Now answer the question about telephone conversations. You know the ones that take place over the PSTN (PUBLIC Switched Telephone Network).

BTW, nice to see you resorting to the old “If you’ve done nothing wrong, you’ve got nothing to worry about” strawman that has been credibly debunked a hundred times. After all this time is that all you’ve got in the locker? (besides a pin-up of Mike that you kiss every day and you know it!).

Roger Halbheer (user link) says:

The Role of the ISP in fighting crime

As a lot of you mentioned correctly, it is the balance between protecting privacy and fighting crime. However, there was an excellent study comissioned by OECD on the role of ISPs in fighting spam. A worthwhile read. I just wrote a blog on it after readign this post:

Valentine says:


Personal privacy is important. People that “spew their guts all over facebook” don’t care or don’t understand this anyway. I really want to have privacy on the internet. Enough spying. If they want us to be watched 24/7, ok, i want to see what all politicians are doing 24/7 with no “secret” groups or meetings. They do illegal things there and they hide them. Also i pay for my internet, unlike politicians that are payed by us to work in our service, not to be selfish.

Willo says:

Using a VPN

What the hell??? You people who ask why would you want a VPN are plain stupid. My question is, why wouldn’t you want a VPN? I use a VPN for everything I do online. No, I’m not doing anything wrong, I just want to know that my ISP or the hacker at my local hotspot can’t read my packets. By using a VPN, even if other’s did see my packets, they are encripted by the VPN and are unreadable. I think in this day and age, it’s plain stupid not to use one. Tunnel bair, Private internet Access and Hotspot Shield are some I use. The results of my google surches are my business and my business only. If people like me want to use a VPN for everything we do, then we should be able to without being judged.

KtmRiderUS says:

Hooray for Entanet Promoting Pornography!

Well hooray for UK’s ISP Entanet Head of Marketing, Darren Farnden. He’s shown that he’s not afraid of promoting pornography and he’s not afraid of putting his name to it either.

Shame we can’t have ISP’s with this kind of honesty here in the US.

I guess pornography makes up a big part of internet traffic and of course, more internet traffic means more business for an ISP.

On the forum Mr Farnden, known as df_vtr, has been keen to show his passion for KTM motorcycles, introduce himself as Entanet Head of Marketing as well as express his love of young ladies, with tattoos and false breasts. He even went as far as sharing his huge private collection of images on the forum.

Well done Mr Farnden, I admire your honesty, bravery and hope other ISP’s will take note.

WMCC UK says:

ISPA Awards 2019 Nomination - Internet Villain Award - Entanet

Congratulations CityFibre Entanet!

After careful consideration we have decided to nominate CityFibre Enatnet’s Head of Marketing for the 2019 ISPA Internet Villain Award.

Having uploaded hundreds of explicit pornographic images to our favourite motorcycle website and openly commenting on his sexual preferences, Mr Darren Farnden (aka DazF) has clearly displayed a complete lack of consideration or respect for any women or children visiting the website.

Mr Farnden also displayed a complete disregard for the reputation of Cityfibre Entanet or respect for his colleagues by using the same website to boast about his job title and post a link to Entanet’s website.

Considering Mr Farnden’s position, we’re sure you’ll agree his behaviour is shocking and inappropriate. Having tarnished the reputation of the industry he truly deserves the title of 2019 ISPA Internet Villain.

We look forward with anticipation to the ISPA Awards in July. On behalf of myself and the ladies at WMCC UK, we wish you the very best of luck.

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...