Helping people with computers... one answer at a time.

Some ISPs are taking a more aggressive position to stop illegal file sharing. Your ISP can see a lot, including the fact that you are filesharing.

I recently changed from Verizon DSL to Charter Cable internet services. About a week later, I started receiving warnings via email from Charter telling me to stop downloading music from limewire (copyright infringement?). After that they sent notices to stop downloading movies from UTorrent. What's funny is that both were files that never finished downloading. What I want to know is how do they know who I am, where I go on the internet and when I choose to save something to my computer? How does someone else know when your on a website downloading anything?

Well to start with, Charter isn't just any "someone else" ... they're your ISP.

And as your ISP they know a lot about you, and have the ability to do a lot with that information.

Verizon could have but for whatever reason chose not to.

Let's look at that in a little more detail.

Your ISP Sees (almost) All

The whole point of having an ISP is to use their services to provide you with a connection to the internet.

That means that when you send or receive data - any data - it travels from your computer through your router and immediately encounters equipment owned and operated by your ISP.

"... for the most part even if the ISP can't see what you're sharing, the can see that you're sharing."

Where, if they choose, they can look at the data.

Rarely do they look at the contents of the data, but more and more they're looking at the type of data - they'll note whether it's email or a web request or an instant message.

Or file sharing.

Typically, traffic that crosses the internet is identified by the IP address of where it came from, the IP address of where it's headed, and a "port number" that indicates what type of traffic it is. Port 80 is web traffic, 25 is email, and so on.

As I said, it's unlikely that they look or care about what the data actually contains (though they could), but they do care about the type of traffic, and the quantity of traffic.

And file sharing is on many ISPs radars.

Your ISP's Rules: The Terms of Service

Here's an often frustrating catch: your ISP sets the rules about what they do and do not allow on their system.

That means that they can disallow file sharing protocols whether or not you're using them to perform illegal downloads. The justification is typically that file sharing protocols use up a great deal of the ISPs capacity, and thus have to be disallowed in order to provide adequate service to all of its customers.

Whether or not you believe it is up to you, but it's a plausible position.

And if you violate the ISPs rules - their TOS (terms of service) or AUP (acceptable use policy) - then the ISP has the right to disconnect you.

Your ISP Knows You

Of course your ISP also knows who you are. You pay them every month, they know where you live since they deliver the internet connection to your home.

And they also know your IP address, since in order to connect to the internet at all they had to give the IP address to you.

What that means is when (say) a movie studio says "we see one of our movies being downloaded to and shared from this IP address" your ISP can then turn right around and say "I know who that is ... I'll tell them to stop it".

And you get the warning message you get.

It's a File **Sharing** Protocol

When you use services like limewire, utorrent or others it's important that you realize that you're not only downloading whatever it is you're downloading.

You're also sharing what you've downloaded previously with others who are using the same service.

That's why it's called "peer to peer" file sharing - there is no central server, it's everyone using the service sharing with each other.

That's typically the copyright issue that most people get stuck on. If you download, say, a movie - well that's you downloading one movie.

But with the file sharing software continuing to run, dozens if not hundreds of others could be "downloading" that same movie from your machine - even before you finish downloading it yourself. Now all of a sudden your machine becomes implicated not in one copyright violation - your download - but as a source of dozens or hundreds of other copyright violations as you make that same movie available to others.

That's when the movie studios or record labels contact your ISP, and in turn when the ISP contacts you.

What About Encryption?

ISPs can't see what you encrypt, it's true. It's one of the reasons VPNs and https and encrypted email are and should be in widespread use: no one who can see the traffic can read its contents. Many file sharing protocols have begun to do exactly that: encrypt.

However.

The port number that defines what it is you are sending is not encrypted. It may change (25 is email, 465 is typically encrypted email), but it still defines what it is you are sending. They can't see the contents, but your ISP can still see:

  • The IP address of where the data is being sent. (That must be in the clear so that internet routers know where to send the data.)

  • The IP address of where the data came from. (That must be in the clear for the TCP/IP protocol transmission acknowledgements to work.)

  • The port that identifies what the data is ... email, web, etc. ... which is also not encrypted.

They can't examine the data, but they can still see where the data is coming and going, and what kind of data it is.

So even encrypted your ISP could still say "hey, you're running peer-to-peer file sharing software, and we don't allow that: knock it off".

Yes, there are attempts to further obfuscate peer-to-peer file sharing traffic, but you get the idea - for the most part even if the ISP can't see what you're sharing, they can see that you're sharing.

And for many, that's enough.

Article C4498 - November 6, 2010 « »

Share this article with your friends:

Share this article on Facebook Tweet this article Email a link to this article
Leo Leo A. Notenboom has been playing with computers since he was required to take a programming class in 1976. An 18 year career as a programmer at Microsoft soon followed. After "retiring" in 2001, Leo started Ask Leo! in 2003 as a place for answers to common computer and technical questions. More about Leo.

Not what you needed?

28 Comments
Bob
November 8, 2010 2:05 AM

Hehe... Leo, check your articles. The comments are getting spammed...

I watch for spam religiously. Please point me at specifics I've missed.
Leo
08-Nov-2010

Lester
November 9, 2010 8:21 AM

I'm with a small ISP that is about my only choice, since I'm in a rural area. They adamantly reject Peer to Peer downloading. And that's just fine with me, because when a few people hog the bandwidth we all suffer. Maybe the big guys can swallow the extra overhead. Plus, I don't like piracy of any sort, because in the long run we all suffer when that kind of mentality overtakes our culture.

Me
November 9, 2010 8:23 AM

Some ISPs have traffic shaping which will actually slow down uTorrent. Theres encryption for getting past that, however its not good for anonymous (the only thing it does is prevent passive listening, IIRC).

Me
November 9, 2010 8:24 AM

Oops. By "uTorrent" it should have said BitTorrent. uTorrent is the client I use.

JC
November 9, 2010 8:51 AM

In the same train of thought-- if I am using a program such as PeerGuardian, how am I protected exactly? What information is hidden from 3rd parties, and how much (if any) is hidden from my ISP?

Gord Campbell
November 9, 2010 8:53 AM

When I use BitTorrent to download a new version of Ubuntu, it's highly efficient and completely legal. I'd hate to see a technology blocked because it's misused sometimes. Kind of like banning cars because some people drive when they are drunk...

Sandy Smith
November 9, 2010 11:02 AM

Regarding email encyprtion you should clarify that port 465 is (typically) TLS encryption which is just the credentials of the message - not the message itself. I think you should do an entire newsletter on encryption... it's a topic people need to know - to protect themselves.

Would love to see the reference for that. My understanding is that port 465 is a full-on encrypted connection - credentials, message, and so on. In fact I just confirmed that by packet sniffing my own email send.
Leo
11-Nov-2010

Slick
November 9, 2010 11:14 AM

The one thing that has always puzzled me about this subject is this: With all the information (the IP address of where content is being sent from, your IP address, etc.) passing through ISPs, why is it so difficult for ISPs and the police to track down websites that host illegal content and particularly child abuse pictures?

A) if they're hosted in the US, it's not hard. A court order and they're done. (Assuming that law enforcement takes it as a priority.) b) if it's overseas it's much harder, as many foreign governments are less than tech-savvy, and often less than cooperative. Most problem sites are in the later category.
Leo
11-Nov-2010

Me
November 9, 2010 2:26 PM

From what I understand, the police need a court order or something to get information from ISPs. But Im not sure how hard those are to get. And a lot of them I imagine are outside of jurisdiction.

Long Dong Schlong
November 9, 2010 2:37 PM

If your internet provider is Charter nothing of yours will be private. Charter is known for giving away your private info to anyone. Charter does NOTHING to protect your privacy, NOTHING!! They would sell their own mother out. Do yourself a favor and find out if the have fiber optics in your area. If they don't have it in your area yet, find out when your area will come into the 21st century and get it. Fiber optics is the future and it's WAY better than cable. It's at least 10 times faster than cable. If you use fiber optics for your internet provider you will be SO MUCH HAPPIER. Cable is becoming OUTDATED, FIBER OPTICS is for the young and modern!!

Ivor Nelluvanitch
November 9, 2010 5:58 PM

Will BTGUARD (which is an anonymous proxy) make it likely that the peer to peer user is "cloaked"?

john neeting
November 9, 2010 6:11 PM

Hate to burst 'knowledgeable' bubble experts in communications. I've been reticulating for 44 years.
Optic degrades 6 times faster than co-axial which means you have to strip it out and replace it every 6-10 years otherwise it becomes useless. Coaxial has a life of 50 years plus and is %10 of fiber cost. 90% of internet users [ non commercial] don't NEED 100mb/sec as 10mb/sec is just fine [2 sec verses 20 sec ??]. Cost for connection of fiber escalate out of sight compared to coaxial cable. Coaxial is far easier to repair, resists damage where optic will crack, split, fracture, break and is a pain in the proverbial to join - joins further degrade efficiency. $1.6 billion to fiber optic a small city, $160 million with coaxial.

Ken
November 10, 2010 1:00 AM

Not being too knowledgeable about bandwidths etc, I thought that all the massive movie streaming, tv catchups etc that were being urged to watch (and my wife does due to the hours she works) would use more bandwidth than just downloading file-sharing material or am I wrong? I have music playing on the internet all day, am I being greedy? What's an acceptable limit for daily use? Why don't ISPs give us programs and guides to let us monitor our usage? Why don't ISPs limit the amount of customers they take on if there's not enough to go around??
Getting back to the original question, I think I read somewhere that they can only track what we upload and not download, or am I wrong. It's all so confusing.

Sandy Smith
November 10, 2010 2:10 PM

For further info in what encrypted ports (465) are capable of read this link:

http://luxsci.com/blog/the-case-for-email-security.html

In particular this paragraph...

"By using SSL for Webmail, POP, IMAP, and SMTP (see SMTP TLS) you ensure that communications between your personal computer and your email service providerís computers will be encrypted. Your message contents, username, and password will be hidden from eavesdroppers ó but only hidden from eavesdroppers between you and your service provider! SSL services do not protect your messages once they leave your SMTP Server and head to their destinations. So, it doesnít really protect your message contents, but it does completely protect your username and password from detection. This is very important because it prevents identity theft, forged messages, etc."

I do not use LuxSci for email - but have learned quite a bit about email security from their website and others. Getting to the truth of encryption and email has been difficult to say the least....

Rod Alys
November 16, 2010 10:21 AM

I use a VPN!

How and what are the protections of this vs. my ISP Co., and also what limitations does this have?

Can they "see" what I'm doing (like using a Bit Torrent,) etc., and that is coming from my Acct."?

Thanks Leo for your GREAT Newsletter!

You want this article: How does a VPN protect me?
Leo
03-Dec-2010

Wakkierob
July 16, 2011 7:01 AM

They even know where your money is coming from so if you have a agreement and go over and you have a direct debit they're charge direct from your bank. And you wont know until the next bank statement.

If you Have or use a Elite Proxy your untraceable! lol

Atari
August 28, 2011 2:58 PM

To get around this, just download your movies using direct downloading (Hotfile/Fileserve/Filesonic/Mediafire/Megaupload/Rapidshare/Uploading) instead of using P2P. P2P, in fact, is ludicrously amateurish, and you will discover that once you learn to use Google.

I would expect direct downloading sites to come under the same scrutiny as P2P. If not now then eventually since direct download is definitely becoming a larger repository for illegally shared files.
Leo
30-Aug-2011

Bob63
December 18, 2011 2:56 PM

Can my ISP see that I downloading files from a UseNet Server and if so what can they see? Filename, data type, etc? This seems to be the correct article to ask this question. Please don't delete.

Last I checked usenet was not encrypted so they can probably see everything - groups, files, file contents - everything.
Leo
19-Dec-2011
Peter
January 25, 2012 3:44 AM

Hi Leo, thanks for your insight and you were correct about your comment on 30 Aug 2011! SOPA, Megaupload, etc.

john
January 30, 2012 3:44 AM

Great article Leo,

I just bought an elite proxy for a few dollars per month.

If I use this proxy on windows mail, will it stop my isp or others being able to view the data being sent etc.

I'm not familiar with that proxy, so you'll have to check with them.
Leo
31-Jan-2012

Stephen
February 1, 2012 8:59 AM

I recently (past 3 weeks) began downloading movies off of torrent sites. As soon as the file was completed downloading I stopped it from seeding. After downloading about 80 movies I started receiving emails from my ISP saying that they were contacted by the movie distributors (ie. Sony, Universal, etc.) and forwarded the message to me. Each email listed the title of the movie in question and demanded that I remove the files and stop downloading or I will be disconnected.

I have stopped downloading and removed the PSP sharing software (Vuze) from my computer but can they (my ISP or the movie distributor) see if I have actually deleted the movies off of my computer or personal shared network media drive?

I understand how the ISP sees what I am doing but how did the movie distributor know I downloaded one of their movies? Do they upload the torrent themselves and watch to see who downloads it?

Sorry for the long post but you obviously know what you are talking about and I hate to completely delete all of those movies if I don't have to. But at the same time, I really don't want to get in trouble or have my internet disconnected (guess I should have thought about that before I started downloading movies, haha!).

Your input is much appreciated, Leo.

Mark J
February 1, 2012 10:25 AM

@Stephan
Ask Leo can't, or won't, respond to questions that ask to do
something illegal, or ask for help with something that would
be illegal or improper.

Geoff
February 15, 2012 12:27 PM

Nice informative article Leo, Can I just add that over here (UK) British Telecom Slow down but don't stop file sharing, but after midnight to 7am they allow full speed.

GW McClintock
May 14, 2012 4:45 PM

You said, "That means that they (ISPs) can disallow file sharing protocols whether or not you're using them to perform illegal downloads."

I am 63 and I do not d/l copyrighted material me being in the music business, so; my question would be: "Isn't the ISP acting as a de facto agent of Law Enforcement, and just how did the ISP come to insert themselves as de facto law enforcement?" Granted it is "their" ISP however, when an intity inserts itself in to what may or may not be legal without sworn legal authority I'd think they are letting themselves in for a nice law suit especially if that ISP is the only "game" in town? Yes? No?

I do believe that various government agencies are indeed asking, or perhaps even requiring ISPs to act as their enforcers. It's aweful. However even where they don't the ISPs will claim NOT that you're downloading illegal content, but rather that the filesharing protocols use too much of their bandwidth and therefor must be disallowed.
Leo
14-May-2012
Mama
May 15, 2012 8:40 AM

There are a lot of activities that use a lot of bandwidth, are all of them going to be disallowed? If so, I might as well kill myself now.

Mama
May 15, 2012 8:57 AM

A bettter title would be "How can my ISP not know what I'm doing? Afterall, they are almost up my butt."

Brandon Hunter
June 22, 2012 5:50 PM

Im very sorry for posting here but i am completely out of ideas!! please someone help! I have a question, is it legal for a comcast internet tech to tell me i have to install something on my computer that in turn erased all my bookmarked pages that i use for reference for work? He had me install some "xfinity" software and told me i could just remove it when it was finished if i did not want it on my computer. Well, as soon as it was finished installing I imediatly opened google crome to start my work (writing ebooks on political topics). To my dismay, ALL of my reference matirial I had spent months looking for and bookmarking was gone!! No bookmarks!! I called the service center, they sent out a tech guy to my place again. He told me that he was not sure why they make people install this software because people are unhappy about it usually. He also told me that other people have had the same problem before and that there is nothing they can do about it. This is unacceptable to me!! It has ruined my focus and direction associated with my writing as I now have absolutely no references!! Please someone tell me this is illegal so i can put a stop to this kind of guided misfortune!! Thank you! B

Illegal? No idea - you'll need to ask a lawyer. I do have to say, though, that regular backups - particularly one taken just before this incident, could have restored your bookmarks.
Leo
23-Jun-2012

Debra
November 30, 2012 12:47 AM

Just wanted to thank you for this simple, clear and concise post on downloading! It really helped me to understand this topic. I really appreciate it!

Comments on this entry are closed.

If you have a question, start by using the search box up at the top of the page - there's a very good chance that your question has already been answered on Ask Leo!.

If you don't find your answer, head out to http://askleo.com/ask to ask your question.