Many people are often worried about their privacy and anonymity on the Internet. Does the ISP see my visited sites? Is it possible to somehow understand that you are being followed? Does my mobile operator store my sent messages? How does the provider see my traffic? In this article, we will try to answer these and many other questions as simply as possible and without delving into terminology.
Surveillance at the legislative level.
Let's start with the fact that all providers and operators in the Russian Federation are required to analyze user traffic in accordance with the norms of Russian legislation. This is described in the Federal Law of 07.07.2003 N 126-FZ (as amended on 01.03.2020) “On Communications”, in Article 64. Also, paragraphs 1.1 and 1.2 state:
Telecom operators are required to store
Information about facts of reception, transmission, delivery and (or) processing of voice information, text messages, images, sounds, video or other messages from users of communication services - within three years from the date of completion of such actions;
Text messages from users of communication services, voice information, images, sounds, video, and other messages from users of communication services - up to six months from the end of their reception, transmission, delivery and (or) processing. The procedure, terms and volume of storage of the information specified in this subparagraph are established by the Government of the Russian Federation.
This means that all operator user actions are stored in the database. For a certain time.
The provider naturally does not store the traffic. However, it performs automatic processing and classification. The results are recorded in log files for simplified, temporary storage.
In general, the provider only sees the sites you visit, in the form of URLs and IP addresses. This does not in any way imply targeted espionage, but storage of data for a certain period of time, which communication service companies are required to do at the legislative level.
Mobile operators.
Recordings of conversations with the operator:
Listening to conversations is carried out directly. At the moment, there is no system for total recording of all conversations on a federal scale. In the past, this was technically impossible, recently there are fewer and fewer technical obstacles, but not all equipment is yet ready for this, especially in the regions.
SMS from the operator:
There is a requirement according to which SMS (as well as metadata about conversations) must be stored for at least three years. But, since storing SMS technically does not cause problems, and only the minimum storage period is legally limited, in reality SMS are stored almost forever.
Data:
Operators are also required to send all data to SORM (system of operational investigative measures) - the internal ID of the subscriber with the operator (tied to the contract with all personal data), phone number, IMSI of the SIM card, IMEI of the device, CI - identifier of the cell in which the subscriber is located.
Location:
Location is recorded at the following moments: entering/exiting the network, moving from one cell to another, and upon manual request at any time. There is nothing stopping the operators themselves from tracking the location continuously with recording of the entire track; this remains at the discretion of the operator; practice may vary depending on the region.
Queries in the search engine and the "Incognito" mode.
What exactly you write and look for in the search line - the operator does not see. Since many major browsers use a secure HTTPS connection. But, operators and providers, as mentioned above, can see the URL and IP of the sites visited.
Is traffic hidden in incognito mode? I think everyone knows that no. This mode simply does not save history and cookies. This is where his capabilities end. The provider will see the same amount of traffic log as in normal mode.
Does the operator know what content you consume?
Operators and providers do not know what videos or photos you watch on the Internet. This is connected with article number 63 of the Federal Law “On Communications”. Paragraph 2 states:
Telecom operators are obliged to ensure the confidentiality of communications.
I don’t think that operators will violate the laws of the country.
But they see the URLs of the sites they visit. As well as the IP addresses of visited services.
Does the operator know what content you consume?
Operators and providers do not know what videos or photos you watch on the Internet. This is connected with article number 63 of the Federal Law “On Communications”. Paragraph 2 states:
Telecom operators are obliged to ensure the confidentiality of communications.
I don’t think that operators will violate the laws of the country.
Information about downloaded files.
Internet providers have the opportunity to view connection statistics. They can track: the amount of data transferred, source IP addresses and port numbers. The provider can also examine a lot of data: when the download started or ended, when the distribution started, how much traffic was distributed.
In Russia, piracy is still safe - all laws limit the capabilities of the administration of trackers and other distributors of pirated content, but not ordinary users. However, in some European countries, using torrents is fraught with heavy fines. So if you're traveling abroad, don't get caught.
Tor browser and VPN.
If you use a VPN, the provider sees that encrypted traffic is sent to a specific IP address. In addition, he may find out that IP addresses from this range are sold for VPN services. Some VPNs cooperate with operators and, in some cases, automatically transfer traffic to them.
The provider cannot automatically track where the traffic from the VPN service goes. But if you compare subscriber traffic with the traffic of any server using timestamps, you can perform further tracking. It just requires more complex and expensive technical solutions. Out of boredom, no one will definitely develop and use something like this.
When you connect via Tor, the provider also sees encrypted traffic. And he will not be able to decipher what you are doing on the Internet at the moment.
Unlike a VPN, where traffic is typically routed to the same server over a long period of time, Tor automatically changes IP addresses. Accordingly, the provider can determine that you were likely using Tor based on encrypted traffic and frequent address changes, and then reflect this in the logs. But according to the law, nothing will happen to you for this either.
You won't get anything for using VPN + Tor. Since according to the law, these manipulations are not prohibited.
Surveillance at the legislative level.
Let's start with the fact that all providers and operators in the Russian Federation are required to analyze user traffic in accordance with the norms of Russian legislation. This is described in the Federal Law of 07.07.2003 N 126-FZ (as amended on 01.03.2020) “On Communications”, in Article 64. Also, paragraphs 1.1 and 1.2 state:
Telecom operators are required to store
Information about facts of reception, transmission, delivery and (or) processing of voice information, text messages, images, sounds, video or other messages from users of communication services - within three years from the date of completion of such actions;
Text messages from users of communication services, voice information, images, sounds, video, and other messages from users of communication services - up to six months from the end of their reception, transmission, delivery and (or) processing. The procedure, terms and volume of storage of the information specified in this subparagraph are established by the Government of the Russian Federation.
This means that all operator user actions are stored in the database. For a certain time.
The provider naturally does not store the traffic. However, it performs automatic processing and classification. The results are recorded in log files for simplified, temporary storage.
In general, the provider only sees the sites you visit, in the form of URLs and IP addresses. This does not in any way imply targeted espionage, but storage of data for a certain period of time, which communication service companies are required to do at the legislative level.
Mobile operators.
Recordings of conversations with the operator:
Listening to conversations is carried out directly. At the moment, there is no system for total recording of all conversations on a federal scale. In the past, this was technically impossible, recently there are fewer and fewer technical obstacles, but not all equipment is yet ready for this, especially in the regions.
SMS from the operator:
There is a requirement according to which SMS (as well as metadata about conversations) must be stored for at least three years. But, since storing SMS technically does not cause problems, and only the minimum storage period is legally limited, in reality SMS are stored almost forever.
Data:
Operators are also required to send all data to SORM (system of operational investigative measures) - the internal ID of the subscriber with the operator (tied to the contract with all personal data), phone number, IMSI of the SIM card, IMEI of the device, CI - identifier of the cell in which the subscriber is located.
Location:
Location is recorded at the following moments: entering/exiting the network, moving from one cell to another, and upon manual request at any time. There is nothing stopping the operators themselves from tracking the location continuously with recording of the entire track; this remains at the discretion of the operator; practice may vary depending on the region.
Queries in the search engine and the "Incognito" mode.
What exactly you write and look for in the search line - the operator does not see. Since many major browsers use a secure HTTPS connection. But, operators and providers, as mentioned above, can see the URL and IP of the sites visited.
Is traffic hidden in incognito mode? I think everyone knows that no. This mode simply does not save history and cookies. This is where his capabilities end. The provider will see the same amount of traffic log as in normal mode.
Does the operator know what content you consume?
Operators and providers do not know what videos or photos you watch on the Internet. This is connected with article number 63 of the Federal Law “On Communications”. Paragraph 2 states:
Telecom operators are obliged to ensure the confidentiality of communications.
I don’t think that operators will violate the laws of the country.
But they see the URLs of the sites they visit. As well as the IP addresses of visited services.
Does the operator know what content you consume?
Operators and providers do not know what videos or photos you watch on the Internet. This is connected with article number 63 of the Federal Law “On Communications”. Paragraph 2 states:
Telecom operators are obliged to ensure the confidentiality of communications.
I don’t think that operators will violate the laws of the country.
Information about downloaded files.
Internet providers have the opportunity to view connection statistics. They can track: the amount of data transferred, source IP addresses and port numbers. The provider can also examine a lot of data: when the download started or ended, when the distribution started, how much traffic was distributed.
In Russia, piracy is still safe - all laws limit the capabilities of the administration of trackers and other distributors of pirated content, but not ordinary users. However, in some European countries, using torrents is fraught with heavy fines. So if you're traveling abroad, don't get caught.
Tor browser and VPN.
If you use a VPN, the provider sees that encrypted traffic is sent to a specific IP address. In addition, he may find out that IP addresses from this range are sold for VPN services. Some VPNs cooperate with operators and, in some cases, automatically transfer traffic to them.
The provider cannot automatically track where the traffic from the VPN service goes. But if you compare subscriber traffic with the traffic of any server using timestamps, you can perform further tracking. It just requires more complex and expensive technical solutions. Out of boredom, no one will definitely develop and use something like this.
When you connect via Tor, the provider also sees encrypted traffic. And he will not be able to decipher what you are doing on the Internet at the moment.
Unlike a VPN, where traffic is typically routed to the same server over a long period of time, Tor automatically changes IP addresses. Accordingly, the provider can determine that you were likely using Tor based on encrypted traffic and frequent address changes, and then reflect this in the logs. But according to the law, nothing will happen to you for this either.
You won't get anything for using VPN + Tor. Since according to the law, these manipulations are not prohibited.
