When you use a virtual private network to obfuscate your web communications, your Internet service provider is the first party that could feasibly pick up on what you’re doing. In theory. In practice, it might not even know what’s going on in the first place. More importantly, it likely isn’t in a hurry to find out.
Why your ISP might know much less than you fear
Yes, an ISP could probably see that you’re using a VPN, assuming it actually cared enough to look. *Actually* look to see whether the public IP address assigned to your household is behaving in a way that corresponds to your usage patterns. It’s likely not doing that, though. As that would require spending money in order to produce results that can’t be monetized en masse. Or at all, depending on how cynical you are.
Here’s the thing, though: the fact that many of us *are* cynical when it comes to our ISP’s intentions and willingness to act in good faith is precisely why we probably shouldn’t be worried about whether they’re going to any lengths to snoop on us. The U.S. is already among the most expensive countries in the world when it comes to the cost of broadband Internet access. And its irregular population density means that anyone not living in the suburbs or big cities probably receives horrible service relative to how much that service costs because regional monopolies are a thing, whether the FCC is feigning otherwise or not.
In effect, the ISPs became much more strategic about when to push consumers’ gears. Privacy is a big issue these days, sure. But because of digital advertising behemoths such as Google and Facebook, not 20th-century telecoms struggling to grapple with this new reality. If this was 2005, you could at least argue there’s no way of telling whether or not your ISP stores detailed browsing history logs of every individual user. Today, we know they don’t – they can’t, owing to the fact that SSL is everywhere.
And the main reason SSL is everywhere because Google Search started penalizing websites that don’t use HTTPS. You’d think Google would be fine with the world not using cutting-edge cryptography to secure bank transactions and searches for “funny cat videos” as equals. But Google already knew what you were doing and where your queries were directing you thanks to your reliance on Gmail, Chrome, or any other out of a dozen or so “free” and widely popular services it’s managing. The aggressive SSL adoption primarily crippled ISPs with data-harvesting ambitions – it’s not like they could afford to protest much in public.
That would be the gist of why most ISPs don’t go to great lengths to keep logs of user traffic. Plus, storing that information costs money so until they figure out how to make us pay for those logs, they’ll do their best to avoid upsetting shareholders with any unnecessary expenses. So, assuming you use any VPN, at all, your browsing history is at the very least safe from the prying eyes of your ISP.