ISP data collection from home routers

Joel Busch joel.busch at
Thu Mar 24 11:07:08 UTC 2022

Hi Giovane

On 24.03.22 11:43, Giovane C. M. Moura via NANOG wrote:
> Hello there,
> Several years ago, a friend of mine was working for a large telco and 
> his job was to detect which clients had the worst networking experience.
> To do that, the telco had this hadoop cluster, where it collected _tons_ 
> of data from home users routers, and his job was to use ML to tell the 
> signal from the noise.
>   I remember seeing a sample csv from this data, which contained 
> _thousands_ of data fields (features) from each client.
> I was _shocked_ by the amount of (meta)data they are able to pull from 
> home routers. These even included your wifi network name _and_ password!
> (it's been several years since then).

Creepy. And the provided CPE usually sucks too, what a deal...
I feel validated in preferring to use my own router at home.

> And home users are _completely_ unaware of this.
> So my question to you folks is:
> - What's the policy regulations on this? I don't remember the features 
> (thousands) but I'm pretty sure you could some profiling with it.

For the policies probably this is a good place to start if you are 
interested in US legislation (you didn't specify any location), as it's 
not federally regulated from what I gather:

> - Is anyone aware of any public discussion on this? I have never seen it.

I remember reading some discussion around ISPs selling browsing behavior 
data that they collect from their subscribers in the tech press during 
Pai's term as the head of the FCC. It was probably on Ars Technica or 

> Thanks,
> Giovane Moura


Joel Busch, Network

Werdstrasse 2, P.O. Box, 8021 Zurich, Switzerland
phone +41 44 268 15 30, direct +41 44 268 16 58

More information about the NANOG mailing list