How much does your Internet Service Provider (ISP) know and record about you? The short answer is tailor-made for the tin-foil hat wearers: potentially, everything.

The more reassuring and realistic answer is: not much, and not for very long. But there are always media reports, as well as legislation being drafted at the highest levels of the US government that may prove that the tin-foil hat people are more right than we care to admit.

You Are Information to Your ISP

Everything you do online is connected back to you through your computer’s IP address, the number that identifies you on the internet.

Yes, everything – emails, Google searches, instant messages, and even any sites you visit while just surfing the net. This activity all links back to a large database run by your ISP, which keeps records of every click and keystroke you make online.

Hold off on the paranoia though.

Think about it: Would you ever want to spend your days sifting through millions of gigabytes of data and conversations conducted by people you’ve never met, just on the off chance you may find something that sparks your interest? Probably not. Well, your ISP feels the same way. Server space and IP allocations are still at a premium for ISPs, so they tend to immediately get rid of any logs that don’t have a direct impact on service or billing. This is even truer for wireless and mobile providers, who want to keep their limited spectra as free as possible. In their minds, the less data stored and recorded, the more room for more paying customers.

What ISPs Do With Your Information

Internet Service Providers pull your browsing history for their own business needs, including network monitoring, fraud prevention, and billing disputes.

However, under the Stored Communications Act, ISPs are required to preserve 90 days of more detailed data when requested to do so by police, or other “governmental entities,” and only as part of a specific investigation. And the Protect Our Children Act of 2008 encourages ISPs (by way of potential six-figure fines) not to throw away anything that could be used against suspected child pornographers.

Several proposed laws have been sent through Congress in the last decade in an attempt to increase the amount of information ISPs retain and open up the number of purposes that information could be accessed for. Bills like “Protecting Children from Internet Pornographers” (which isn’t really about children, if you give it a read), and the “Stop Online Piracy Act” (or SOPA, for short) are more oriented towards retaining citizens’ personal information and giving large corporations access to said information. Fortunately, none of these bills have been passed because of the work of human interest groups and groups defending privacy rights.

And while most provider companies will not admit to allowing web marketers access to clickstream data, you don’t really think it’s a coincidence that ads for airline tickets appear in your email account just after you send an email about needing a vacation, do you?

How Long Is Your Information Available?

According to this article on Lifehacker, the amount of time ISPs currently admit to storing information ranges between 60 days and a year and a half. Several ISPs didn’t comment or answer the storage question, so it’s best to assume the maximum amount of time.

The past several years have seen plenty of controversy over mobile providers’ collection and retention of user data, from calling records to GPS location tracking to actual text message contents. Both Apple and Android were called to testify in front of Congress over location-tracking practices. And recently, a hacker uncovered a hidden app in smartphones that records every button that’s pressed.

While this doesn’t necessarily mean that ISPs are recording and retaining every website that you visit, the potential is there, the political will is there, and the evidence of past practices is there. So the best possible advice to keep in mind might be: don’t get paranoid, get informed, and make sure your ISP (and your elected representatives) know exactly how much value you place on your internet privacy.

How Can You Protect Your Information?

A lot of people feel anonymous once they log on, but it is important to remember that you are not the only one seeing what you’re up to when you are online, and clearing your browsing history won’t change anything.

Before you panic and cover your computer in aluminum foil, you should know that there are a few simple solutions to help you keep your personal information out of the wrong hands. For example, sites whose URLs begin with “https” instead of just “http” means the site is secure. Your ISP can still record your visit to the site, but it is unable to track any more specifics than that.

Using a secure connection can be done on most emailing sites, like Gmail, but will not prevent mail providers from being able to see what is sent via their servers. There are programs available so you can send encrypted email, but most are technical and not easy for people to set up.

The best advice to keep in mind is that everything you do online is traceable and that fact won’t change. So don’t do anything you wouldn’t want anyone else to take note of, because they are taking note.

Photo: David Goehring/Flickr

Find Jess on Google+