Is My ISP Tracking My Internet Activity?

What your ISP can see

Your ISP can see: every domain you look up (via DNS requests), the IP addresses you connect to, connection timing and volume, and — on unencrypted HTTP connections — the full URL and content. On HTTPS connections, they see the IP and domain (via SNI in the TLS handshake) but not the content of the page or your requests.

What your ISP typically does with the data

In the US, ISPs are permitted to sell anonymised browsing data to advertisers since the 2017 FCC rule rollback. Major ISPs including Xfinity, AT&T, and Verizon have faced regulatory scrutiny for data sharing. They are required by law to retain connection logs for compliance with court orders and government requests. Check your ISP's privacy policy for their specific data retention period.

How to limit ISP DNS tracking

The most effective first step is changing your DNS provider. Your ISP's default DNS server logs every domain you look up. Switching to Cloudflare (1.1.1.1) or Google (8.8.8.8) moves logging away from your ISP to a third-party with a published privacy policy. Enable DNS-over-HTTPS to also encrypt the lookup so your ISP cannot intercept it in transit.

How a VPN limits ISP visibility

A VPN encrypts all your traffic before it leaves your device, including the DNS lookups and connection destinations. Your ISP sees only that you are connected to a VPN server — not which sites you visit or what you do. The tradeoff: you are shifting trust from your ISP to your VPN provider. Choose a VPN with an audited no-logs policy (Mullvad, ProtonVPN, IVPN).

HTTPS and its limits

Most websites now use HTTPS, which encrypts content in transit. However, HTTPS does not prevent your ISP from seeing which domains you visit — the domain is visible in the TLS SNI field and in DNS lookups. Encrypted Client Hello (ECH) is an emerging standard that also hides the SNI, but browser and CDN support is still limited as of 2026.

What your ISP cannot see

On any HTTPS connection, your ISP cannot see: the specific URL path, search queries, form data, messages, or content you view. They see the domain and approximate data volume. This is meaningful privacy protection — switching from HTTP to HTTPS was a significant improvement. For the domain-level tracking that remains, DNS-over-HTTPS or a VPN are the tools.

Frequently Asked Questions

Can my ISP see what I search on Google?

No — Google Search uses HTTPS. Your ISP sees that you connected to google.com but not the search query, results, or clicks. Your DNS lookups for google.com are visible unless you use DNS-over-HTTPS. Google itself, however, does see your searches.

Does incognito mode hide browsing from my ISP?

No — incognito mode only prevents the browser from saving history locally. Your internet traffic still passes through your ISP exactly the same way. Incognito does not encrypt traffic or mask destinations from the ISP.

Is it legal for my ISP to sell my data?

In the US: yes, under current law ISPs can share anonymised browsing data with third parties. In the EU: no — GDPR prohibits selling customer data without explicit consent. Check your ISP's privacy policy and opt out of any data sharing programs they offer.