NSA Director Paul Nakasone confirmed such purchases in his letter to Wyden, saying the data collected “may include information associated with electronic devices being used outside - and, in certain cases, inside - the United States.”

      • capital@lemmy.world
        link
        fedilink
        arrow-up
        2
        ·
        edit-2
        9 months ago

        This assumes the only source these companies collect from is your internet traffic. It’s not.

        And even if it was, VPNs don’t protect against fingerprinting.

        For the past few months I’ve been using kanary which is a service that searches for your information on hundreds of different data mining sources and submits deletion requests for you.

        I started with ~225 exposures and it’s gone down over time but I’m still sitting at ~50 exposures and it seems to have plateaued.

        This information was data like who I’d married and when, past and current addresses, family members, etc. None of which was gleaned from internet traffic.

        • AwkwardLookMonkeyPuppet@lemmy.world
          link
          fedilink
          arrow-up
          2
          ·
          9 months ago

          Right, but you’re talking about two distinctly different things. The ISP doesn’t own the websites you visit. They only have a record of your traffic. The individual websites that you visit can bust your privacy through 3rd party cookies, browser fingerprinting, cross-site tracking, and a bunch of other methods created to circumvent the user security features built into the browser. Nobody shares that information back to the ISP for free. The real issues are that huge companies like Google, Amazon, and Facebook have scripts running on millions of websites, so they can track you everywhere you go. But they’re still just single companies. The linchpin is that they then sell that information to Big Data brokers like Cambridge Analytica, and Informatica. Those companies combine literally everything you do online, everything you submit, all your history, all your data points, and build these fully accurate pictures of you. You need to take proactive measures to prevent this sort of data harvesting that go well beyond a VPN. But your ISP doesn’t have these systems in place. So unless the ISP is buying your profile from Big Data, and then selling it to the NSA, having a VPN is enough to thwart your ISP, and the issue identified in the article. You still have to take a bunch of other precautions to prevent the larger issue if you truly want any anonymity, and they’ll probably figure you out anyways.