Free Republic
Browse · Search 		General/Chat
Topics · Post Article

To: rjsimmon

The ISP, as a technical necessity, has to know that you (an identified & billable account at a known IP address) sent a data packet to a particular known website or other data service. That’s the whole POINT of an ISP. The particular _user_ may not be personally identified (me? wife? kids?), but enough information can be gleaned for practical marketing purposes (frequent visits to MatildaJane.com from a particular MAC address operating under the account of Mr. CTDonath are clearly Mrs. CTDonath at a known postal address and can be cross-referenced to glean oodles of additional PII - valuable information to marketers of women’s & children’s clothing).

It’s that pesky “metadata” problem. Encryption & anonymization is great (and strong/robust/ubiquitous implementation thereof is vital), but given the enormous amount of traffic being monitored, a great deal can be gleaned just by what data packets travel from where to where.

I’m actually working on a “single sign-on” service for app users for a major ISP. The whole point is we can confidently log you into other services with few/no instances of you manually entering ID & password - largely because we can identify you from numerous other metadata.


7 posted on 03/24/2017 7:04:35 AM PDT by ctdonath2 (Understand the Left: "The issue is never the issue. The issue is always the Revolution.")
[ Post Reply | Private Reply | To 3 | View Replies ]

To: ctdonath2

Disagree that PII can be gleaned from a browsing history. Navigating to a site leaves my IP and MAC but purchase history is encrypted (HTTPS) so not viewable and is stored in a different segment of long-term memory so not collectible in the same data grab as browsing history. Metadata is up to whomever architects the website, probably updated constantly to meet changing market demands, but will NEVER contain PII as it is embedded in the CSS or XML, not on the client side.

I like single sing-on and we use (what is supposed to be) SSO for our corporate site. This does not protect a user from browsing history unless the ISP spoofs the MAC or generalizes/anonymizes either the MAC or IP.

In either case, PII is not part of the problem and the author of the news piece conflated the two. Meaning they have no technical expertise to write intelligently on the subject and is guilty of spreading incorrect information to the public.


8 posted on 03/24/2017 7:16:22 AM PDT by rjsimmon (The Tree of Liberty Thirsts)
[ Post Reply | Private Reply | To 7 | View Replies ]
To: ctdonath2

Use an encrypted VPN to a proxy. Then your ISP can’t see anything.


10 posted on 03/24/2017 7:44:24 AM PDT by pierrem15 ("Massacrez-les, car le seigneur connait les siens")
[ Post Reply | Private Reply | To 7 | View Replies ]

Free Republic
Browse · Search 		General/Chat
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson