[AusNOG] Australian ISP's Selling Browsing Data

Eliezer Croitoru eliezer at ngtech.co.il
Tue May 16 04:43:03 EST 2017 

Hey Eric,

I cannot say  am selling data because I am not but..
I know that it's commonly done by DNS service providers as opposed to http metadata inspection ones.
There might be and probably there are out there http metadata collectors and this is also one of the reasons for the "Let's Encrypt" trend\idea.
>From what I have seen in couple places in Europe once you surf the motel network you are being injected with all sort of JavaScripts into the http traffic. 
SSL\TLS blocks these.
I would not hesitate to say that the same providers which injects JS into http responses are probably selling http metadata.

So what do you think?
Let say I want privacy, Would then "Let's Encrypt" be more legit then it is today?
For the soul purpose of privacy?

Let say I will write an automated "browser" which will browse the web in parallel to me to generate some "noise traffic",
what would be then the fate of the metadata trafficking?
It's doable but useless since statistics in large magnitude are somewhat vague.
There are these who will sell popsicles to the eskimos in the coldest place on earth, so if someone feels that these metadata details are good for him...
Well I can give him my good luck blessings but with this warn him that my network *might be* generating some noise traffic that he actually thinks as a genuine one. 

All The Bests,
Eliezer

----
http://ngtech.co.il/lmgtfy/
Linux System Administrator
Mobile: +972-5-28704261
Email: eliezer at ngtech.co.il


From: AusNOG [mailto:ausnog-bounces at lists.ausnog.net] On Behalf Of Mister Pink
Sent: Monday, May 15, 2017 2:15 AM
To: ausnog at ausnog.net
Subject: [AusNOG] Australian ISP's Selling Browsing Data

As part of the research I have been doing with regards to the Metadata Retention Laws, I have hit upon an interesting question that I thought I would put to this group.
 
A growing number of the VPN solutions that have been flooding the market make the claim, or at least imply that ‘your ISP is probably storing your browsing data and selling it.’
 
For example..
 
Purevpn “We let you surf the web anonymously making it impossible for third-parties and ISPs to monitor your activities.”
HideMyAss “Stop your internet provider from selling your browsing history.”
 
Now this seems to be on the Horizon in the US (Though I suspect it has actually been happening for a while there) http://www.zdnet.com/article/trump-signs-into-law-privacy-killing-rules-that-let-isps-sell-your-browsing-history/
 
My initial thought was that this was probably very rare in Australia, but I do know that there is both a market for this data, and that margins in the ISP space are very tight, so I’d be surprised if no one was doing anything. What I am interested in, is just how deep this rabbit hole goes ie how common is it and what sort of shape it takes?
 
Now I’m not expecting anyone to put their hand up and say, yes we sell everything to the highest bidder, but if you have seen any horror stories on your travels, heard any rumours/anecdotes, or even been just approached by data brokerage firms I’d love to hear about it.
 
TIA
 
Eric

More information about the AusNOG mailing list