Are ISPs Allowed to Sell Web Browsing History to Advertisers?

Social media iconsWell, if you are a citizen of the US, here’s the bad news.

The US Congress and President Trump are definitely willing to ease up the the process of selling and sharing our privacy for the ISP providers - it refers to the information related to our web browsing records and app usage.

After the senate of US voted in favor of permitting the ISPs to be able to sell their customers’ browsing data to advertisers for marketing purposes, now people are in a position to feel less secure and to look for ways to protect their browsing history privacy.

What's the problem all about?

You are able to connect to the internet because your ISP gives you acess to the internet connection they own. As one of the most trusted and well-known service providers in India, delivering the best broadband in Delhi, we at Excitel decided to clarify what's the actual situation with the data privacy of ISPs' customers.

While you are using their internet infrastructure, they are able to see every webpage you visit, every link you’ve clicked on, etc. This information is the most precious one, related to the data which Facebook and Google stores about their users, and this is why advertisers are paying a lot of money to ISPs in order to access it.

The worst thing is, these private records of you will be offered and sold to the most generous bidder without even opting for your permission. You will never know that your privacy was traded. In case the US House of Representatives approve this law, this will cause a massive loss of internet browsing history privacy.

Data privacy in India: Is there a law, which protects it?

The term "data privacy protection" is not mentioned anywhere in the Indian laws. Still, there is some kind of regulation. The Information Technology Act 2000 (IT Act) is the national law which regulates the collection and use of personal data, after its amendments in the year 2009. It applies to the whole of India, but its exterritorial effects are not entirely comprehensible.

  • Section 43-A of the IT Act focuses on the remissness in implementing good security procedures and practices in every organization which operates with private personal information
  • Section 72A of the Information Technology Act provides punishment for the disclosure to third parties and the use of "personal information" in violation of the lawful contract or without the consent of the owner who provided that information.

Personal data protection also complies under Article 21 of the Constitution. It provides an interpretation of the right to life and personal liberty. The curious thing is that the Supreme Court of India still can not decide and express a standpoint whether the right to privacy is a fundamental human right, or not. The Apex Court of India is expected to take this decision in the near future.


Lately India has been going through a number of lawsuits with the social media monsters Facebook and WhatsApp and their data protection and privacy policies. Some of the questions raised in the Supreme Court of India were never addressed before. The companies and the Telecom Regulatory Authority of India are required to explicate their position over data privacy concerns, which were raised in a petition related to the data sharing policy of WhatsApp.



Association of Corporate Council

Practical Law