Can your internet provider see your search history?

Yes. Your ISP (Internet Service Provider) can see your search history. Exactly how much of your search history your ISP can see depends on your service agreement, where you live, and the web pages you visit.

Let’s explore how much of your online activity ISPs can monitor and retain, from browsing history to search queries and social media visits, and learn how to protect your privacy.

Updated on: August 16, 2024

Can your internet service provider see…

…your browsing history?

Yes, your ISP (Internet Service Provider) can see your search history. Internet providers have access to all the information related to your browsing activity. Exactly how much of your search history your ISP can see depends on your service agreement, where you live, and the web pages you visit.

…your mobile browsing history?

Your mobile data provider is just another internet service provider. It can see all your online activity and browsing history the same way your home ISP does. Have a look at the privacy policy of your mobile data provider to learn just how much data it collects. 

…your Youtube history?

Your ISP can’t see the exact videos you watch on YouTube. However, they can see how much time you spend on YouTube and how often you visit the site. If you watch a lot of videos, your ISP will also notice the large amount of data you’re using.

…your deleted history?

Yes, your internet provider can see your deleted history as it logs the domains you visit in real time. Deleting history only removes it from your device, not from the ISP’s records—this is true for both regular ISPs and mobile networks.

…what I search on incognito mode?

Yes, your internet service provider can see what you search on incognito mode. Using incognito or private mode won’t hide your browsing history from your ISP. These modes only prevent your device from saving your online activity—your ISP, school, or employer can still access your browsing history.

Why does the ISP have access to my browsing history?

ISPs need access to their customers’ internet history for management and security purposes. Here’s what they use it for:

• Network management: ISPs use data to optimize their networks, ensuring efficient data transmission and minimizing congestion, ultimately leading to better customer service quality.

• Security: Monitoring data helps ISPs detect and mitigate security threats, such as malware, phishing attempts, or denial-of-service attacks, to protect customers and maintain network integrity.

• Billing: ISPs track data usage for billing purposes. The goal is to ensure that customers are accurately charged for the data they consume.

• Compliance: ISPs may collect data to meet legal requirements and cooperate with law enforcement or government agencies in investigations, including responding to subpoenas or court orders.

• Marketing and advertising: ISPs may use, share, and store data to deliver targeted advertising or content. 

If you have concerns about the potential use of your browsing history, you’re not the only one. In addition to collecting and monitoring your online activity, some IPSs share the information they collect without users’ consent.    

What do internet service providers (ISPs) usually see?

Your ISP owns or rents the infrastructure through which all of your web traffic passes. It allows data packages to travel between your device and the internet. Therefore, it has easy access to your internet browsing history. Here’s the online data most ISPs have access to and what is often referred to as ISP tracking. 

The websites you visit

Your ISP can see the websites you visit, like theoceancleanup.com or wikipedia.org. That said, if you only browse HTTPS websites, it will not see which pages you visited or what you did there. This is because your ISP doesn’t have access to encrypted web traffic. In practice, whenever you’re on a secure URL (starting with https://), your ISP cannot see what exactly you do there. 

Your browsing history after you deleted it

Even after a user deletes their browsing history, internet service providers may retain certain records of their online activity. ISPs can store metadata, such as DNS records, which include the domain names and IP addresses associated with previously visited websites. While traces of specific page content may be deleted from the user’s browser, records of domain visits and IP addresses remain in the ISP’s logs. 

Incognito browsing history?

Incognito browsing enhances privacy on your device by, among other things, deleting your browsing history once you close the incognito mode tab or window. This way, the websites you visited are not stored by your browser. However, your ISP logs them just the same, together with your IP address.

Search queries

The majority of search engines use the HTTPS protocol to encrypt the connection between users and their services. This means your search queries are not visible to your ISP, even if you type them into the address bar of your browser.

That said, even on an encrypted connection, metadata connected to your search activity may be visible, such as the domain of the search engine used, the timing of the query, and the frequency of data exchanges. This metadata can provide some insights into user behavior.

YouTube videos you watch 

As YouTube is an HTTPS-encrypted website, your ISP will see that you visited youtube.com, when you visited, and how much time you spent there but will not see the content you watched.

Social media 

Your ISP can see that you’re engaging with social media because it logs the web pages you visit. However, the specific content of your interactions on social media, including your posts, messages, and comments, is encrypted when using HTTPS connections. The same is true when you connect to social media using an app on your phone.

It’s important to note that social media companies themselves have access to the content of your interactions on their platforms, as they provide the services and manage the data.

IP address

Your ISP can see your IP address. Your IP address is essential to how data packets are routed on the internet. When you connect to the internet, your ISP assigns you an IP address, which is used to identify your device and route data to and from it.

Downloads

Provided you download files from websites protected by HTTPS, the ISP cannot see the contents of your downloads or the names of the files you’re downloading. ISPs do, however, monitor the amount of data you are downloading to evaluate network usage. Based on this information, they may charge you more or reduce your bandwidth (the latter is called bandwidth throttling).

DNS requests

DNS, or the Domain Name System, acts as the internet’s address book, translating human-readable domain names into numerical IP addresses. By monitoring DNS requests, ISPs can discern the websites users visit, which can reveal their web activity and interests. Additionally, ISPs may track DNS server interactions, which, in turn, may expose specific DNS settings used by individuals. However, if you visit HTTPS web pages exclusively, your ISP cannot see anything beyond the domain, main page, time, and frequency of your visits.

Metadata

ISP monitoring encompasses collecting various types of metadata, including details about the timing and frequency of data exchanges, data usage, connection logs, and, sometimes, device information.

A detailed look at the privacy policies of the main internet service providers

All ISPs track their customers’ data. In fact, if you live in the US, UK, EU, or Canada, the ISP is legally obliged to monitor your internet activity and retain it for a specific period (more about this later). 

If you want to check how much of your internet browsing data your ISP can see, read the privacy policy first. It’s likely to be attached to your service agreement, or you can view it online.

AT&T

AT&T is the most popular ISP in the US, together with Verizon. We had a look at its privacy policy to understand just how much customer browsing activity, together with other data, it collects. Here’s what we found.

In addition to personal information needed to start using its services (account information), AT&T collects extensive data on your equipment, network performance and usage, location, and biometric information. The paragraph on web browsing and app information is the longest one by far. In it, we read that AT&T logs the websites you visit, the apps you use on your mobile phone, your IP address, how much time you spend and the ads you click, the search terms you enter, and they even have a peek into your shopping cart. That’s a lot of data. 

Note that the company does not “decrypt information you transmit using a secure website or app.” This means that there are ways in which you can hide your browsing traffic.

Verizon

Verizon’s privacy policy is very similar, if slightly more vague. In addition to screen recordings and cursor movements, it also records “other attributes” which are not specified.

The information your ISP can legally share (and sell) in the United States

In the US, ISPs can share customer data with third parties under certain conditions, subject to compliance with federal laws. This includes sharing data with:

1. Government agencies: for law enforcement, national security, and regulatory purposes.
2. Affiliates: ISPs can share data with affiliated companies, such as subsidiaries or corporate partners, for business purposes.
3. Third-party advertisers: ISPs can share customer data with third-party advertisers and data brokers, but they must offer opt-out options to customers.
4. Service providers: ISPs may share data with service providers who assist with network management, billing, or other operational aspects.

As some of this information is very valuable, you may wonder if ISPs in the US also try to profit from selling it to third parties. Sadly, the answer is yes. The Federal Communications Commission (FCC) law preventing ISPs from selling users’ data without their consent was repealed in 2017. Furthermore, the FCC is forbidden to issue similar consumer privacy protections in the future.

How long do internet service providers keep your browsing history?

Internet service providers typically store your browsing history for six months to two years or longer. To learn the exact retention period, check the contract you signed with your internet provider.

That said, some ISPs hold on to users’ data for much longer than that, with AT&T retaining it for seven years.

Moreover, the information your internet service provider (ISP) legally shares with third parties is subject to data retention laws. In the United States, for example, ISPs must retain all subscriber information for one year after they cancel their service.

How to stop ISP tracking

There are several ways in which you can limit ISP tracking. Some level of network monitoring is necessary for ISPs to deliver their services, which is why it’s impossible to stop ISP tracking completely. That is unless you decide to start providing internet access yourself (which is possible). 

Here are a few tried and tested options.

Using a virtual private network

Using a virtual private network (VPN) is one of the most effective ways to limit ISP tracking. With a VPN service, your internet traffic is encrypted and routed through a VPN server, which masks your actual IP address and makes it more difficult for your ISP to track your online activity. A VPN connection creates an encrypted tunnel between your device and the internet. All of your browsing activity passes through this tunnel, meaning that any transmitted data is encrypted and, therefore, hidden from your ISP. This means that your ISP can still see the overall amount of data you send over your internet connection but has no records of the domains and pages you visit.

Private browsers

Private browsers also play a role in limiting the visibility of your browsing history. Some, like the Brave browser or the Tor browser, offer encrypted connections by default at the device level. Others (Firefox, Oracle, and Google Chrome) will connect to HTTPS websites only if you enable a HTTPS forcing mode. To determine which private browser is the best option for your needs, read our recommendations here.

Private search engines

Most private search engines use encryption protocols and anonymization techniques to prevent the tracking of users’ IPs. One crucial aspect is limited data retention. Unlike mainstream search engines that may store user browsing history for extended periods, a private search engine typically does not retain or collect personally identifiable information or search history data. 

The future of internet privacy

As technology advances, so does the potential for more sophisticated tracking and data collection methods. While governments and regulatory bodies recognize the need to protect individuals’ online privacy rights, the implementation of stronger privacy laws and data protection measures in some regions is lagging. In the meantime, we must proactively ensure the privacy of our online activities, including browsing history, by using the tools at our disposal: a VPN service, a privacy-focused browser, a private search engine, as well as being mindful of the data we share online.

FAQ