US ISP's And Privacy

[GhostShip]

When it comes to our internet access many folks forget that all their traffic passes through their ISP and is in some cases stored. Wired has asked some of those iSP about their policy on data retention.

http://www.wired.com/politics/onlinerights/news/2007/05/isp_privacy

Wired News, with help from some readers, attempted to get real answers from the largest United States-based ISPs about what information they gather on their customers' use of the internet, and how long they retain records like IP addresses, e-mail and real-time browsing activity. Most importantly, we asked what they require from law-enforcement agencies before coughing up the data, and whether they sell your data to marketers.

Only four of the eight largest ISPs responded to the 10-question survey, despite being contacted repeatedly over the course of two months. Some ISPs wouldn't talk to us, but gave answers to customers responding to a call for reader help on Wired's Threat Level blog

AOL, AT&T, Cox and Qwest all responded to the survey, with a mix of timeliness and transparency.

But only Cox answered the question, "How long do you retain records of the IP addresses assigned to customers."

These records can be used to trace an internet posting, website visit or an e-mail back to an ISP's customers. The records are useful to police tracking down child-porn providers, and music-industry groups use them to sue file sharers. Companies have also used the records to track down anonymous posters who write unflattering comments in stock-trading boards.

Cox's answer: six months. AOL says "limited period of time," while AT&T says it varies across its internet-access offerings but that the time limits are all "within industry standards."

Comcast, EarthLink, Verizon and Time Warner didn't respond.

Some of the most sensitive information sent across an ISP's network are the URLs of the websites that people visit. This so-called clickstream data includes every URL a customer visits, including URLs from search engines, which generally include the search term.

AOL, AT&T and Cox all say they don't store these URLs at all, while Qwest dodged the question. Comcast, EarthLink, Verizon and Time Warner didn't respond.

When asked if they allow marketers to see anonymized or partially-anonymized clickstream data, AOL, AT&T and Cox said they did not, while Qwest gave a muddled answer and declined to answer a follow-up question. Comcast, EarthLink, Verizon and Time Warner didn't respond

Whilst its clear that there are some valid reasons for storing data its also clear some ISP's use this information and sell it on for revenue, this practice should be outlawed, privacy is something we should have as a right, not be something others can pick and choose to give us.