How important is IP address really when it comes to tracking?

TL;DR: With a privacy focused browser and other services, no social media and a privacy focused DNS server; is there any need to hide my IP? Will my other privacy enhancements be of any use if I still expose my IP address? Or is my IP address of little concern, if at all, since I don’t worry about neither government nor ISP?

So on my journey on becoming more privacy aware online I have stumbled upon the question of IP address and tracking. I’ve read through several threads in several different subs elaborating on the subject, but haven’t become much wiser.

I understand that IP address generally seems to be a rather bad way of tracking people since it’s mostly dynamic and changes a lot depending on network etc. Also several people may share the same IP.

To enhance my privacy I use a privacy focused dns, have a privacy tuned browser. Also removed a lot of bloatware on my phone in steps, social media and Google accounts/apps.

My main threat level is mostly centered around big corps and ad tracking. I live in Sweden and am not very concerned with government tracking. I’m also in the process of changing ISP to a well known privacy focused one that I trust don’t track, even though my current seems pretty solid according to their privacy policy.

So basically I just don’t want Google, Facebook or other data brokers or companies to have the freedom to track me. So my question here is: With a privacy focused browser and other services, no social media and a privacy focused DNS server; is there any need to hide my IP? Will my other privacy enhancements be of any use if I still expose my IP address? Or is my IP address of little concern, if at all, since I don’t worry about neither government nor ISP?

It’s not really the IP address, but in combination with everything else.

The IP on it’s own is just a number, but with cookies, search history, purchase history, browsing habits, phone location information, calls, texts and more, it can now be tied to your ISP.

Things get even worse if you check off the box, “keep me signed in”, and especially when you authorize websites like Amazon and Google to “no longer require authentication on this machine.”

Those things are reasonably secure, and not always a risk for theft. They can be, but not usually.

But convenience comes with a price: those things are like a virtual cross hairs on you, along with a microscope, and the agencies or businesses that control those conveniences have a detailed record of your life.

Being truly secure and private is a massive endeavor.

You have to use a VPN, and rotate IP address and locations every 24 hours.

You have to use a security-based OS, such as Linux Tails, burned as a “live distro dvd,” meaning it spins up the OS from the DVD, and not the hard drive.

You have to stop using a hard drive and design your machine to be RAM-only, so it gets flushed every time you turn it off.

You have to block Google, Amazon, Facebook, Twitter and ALL of their associated sites and tracking systems, which means the majority of websites simply won’t work.

Encryption for your messages and email must become the standard, not the exception.

You have to encrypt your messages BEFORE you load them into the email or message, or everything you typed will be read.

Physical security keys and dongles are your new existence. You do nothing without plugging it into your machine.

Nobody will want to email you or send messages, because you’ll have to make your system vulnerable to do it. The only people who will be able to communicate, will be those who understand the level of security you need, and are both willing and technically savvy to do so.

The world is designed to monitor your every single move.

Thwarting that makes you suffer, and stand out.

Your ISP probably has no reason to care about you. But they do have the data relating IP address to your identity and will turn it over if presented with a court order from somebody who does care about finding you.

Always keep in mind your goal, what are you trying to achieve.

Estimate the time and cost to mitigate and maintain a “vulnerability” and decide if it is worth it for you.

If you want to hide from a government, you must hide your IP and more.

If you want less targeted advertising then don’t. In my experience IP alone isn’t enough.

IP-Address

The link between you and the internet. Most people have a ‘Dynamic address’, but in reality, this address rarely changes. If you leave your router off for a prolonged period of time, then you might get a new address the next time you turn it back on. Your IP-Address is very relevant to people that does not want to be tracked online. It’s the trail between you and the webserver you are visiting. The data you were looking for has to get back to your house somehow.

DNS provider

If you type Google.com into your browser, then what you do is really ask your DNS-provider what IP-Address you can find Google.com on. A non-privacy oriented DNS provider might note down your IP-Address and your request and save it. That’s the issue with them. After they receive your request, and give back their response, the DNS-provider is done with their job. A site you are visiting can’t see which DNS-provider you used.

Google.com

When you visit google, you request a webpage from their webserver. The webserver receives this request from your IP-Address, and replies to the same address so that the data gets back to your browser. So, the webserver can note down your IP-Address and make a timestamp. If they have this IP-Address, they can contact your ISP (They can’t just do this, the law and stuff. But they can.) and request your identification. However, as other people have noted, if they see that [email protected] keeps logging on from the same IP-Address, then they might be able to use their huge brain and put two and two together.

VPN

A VPN service acts as the middleman between you and the internet. From your home computer, you visit bing.com. Your VPN client on your machine puts your request into an envelope, and puts your VPN servers IP-Address on the envelope. Your ISP can’t look into the envelope, but they can see the destination IP-Address, so they forwards it. When the VPN server receives the request, they peel off the original address and puts their own before forwarding the address to bing.com. When the request arrives at Bing.com, they’ll see your VPN’s IP-Address and return the requested information to that address. When the envelop returns to the VPN service, they put your address back on, and forward it to your ISP. When your ISP receives the envelope, they still can’t see inside it, but they can see that it’s your address.

​

I’m not a network technician and the above is simplified… The process can be complicated.

If you have a static ip, your ip is definitely relevant for tracking. I would say, it is probably the first thing used after cookies for tracking.

My ISP uses dynamic IP and even can share a same dynamic IP with 4 different customers (using different ports), leading to a great confusion regarding tracking i suppose.

Local? Not very, Public, VERY VERY.

I’m surprised you haven’t set up a PiHole.

I agree whole heartedly with this but blending in is sometimes better than standing out.

Yes, this I am aware of. For the time being I feel safe and confident that that’s not going to happen. I live in Sweden and am not in any way suppressed by my government, I’m not involved in any illegal activity, no file-sharing, not a journalist and not an activist. If however things were to change politically, or I were to start file-sharing again, I would definitely get a VPN and protect my IP.

However, at the moment, all I want is to minimize corporations from tracking me for advertising purposes as much as possible. And it’s for that reason I wonder if my IP address actually is important for tracking companies, and if it’s worth the money to protect it?

Thanks for this explanation! Most of this I already know, but it’s still nice to get it in a really simplified way.

At the moment I only use a VPN on my phone since that’s the device I use the most. Might actually not be worth getting for my home network right now since I mainly use my desktop for some gaming and on my android TV I’m already signed in to a Google account so they’ll definitely track me anyway.

That’s actually pretty cool, with your ISP. Never heard of it before. Not sure if that kind of service is available with any of the ISP in my country though, but definitely going to look in to it.

Actually something I might look in to ahead, but don’t have the time nor energy to do it at this moment.

I have absolutely no knowledge when it comes to IPv6, so the first question that comes to mind is if disabling IPv6 doesn’t break some sites or services?

Yeah, VPNs induce a fair bit of lag when gaming. You could however use an extension for your browser, by doing that, you’ll get the online protection from the VPN, and keep the reduced latency from your direct internet connection for your applications, such as games.

Not a bad idea actually. I’m in the process of changing ISP as well and saw that you can have a private network address within their fiber network, which stretches through half of Europe. This way you will share public IP with several people, and it will change more often, which will make it harder to track. So it’s kind of like a VPN, but without the encryption.