I don’t know who NetZero are/were, but a number of UK ISPs were selling email and browser keywords to advertisers in the early aughts, including big players like BT and FreeServe. Some even tried to launch a project that would use DPI to inspect all web and email traffic and dynamically inject ads into email and webpages.
These are all excellent. Can I add my recommendation: buy a domain name and set up so all emails sent to it are diverted to your real mailbox. Then, when you sign up for services you can give them, say, ebay@yourdomain.eggs, youtube@yourdomain.eggs, bankname@yourdomain.eggs, etc. This makes it easy to tell who is selling your details since the only people who know, say, amazon@yourdomain.eggs is Amazon, plus it makes it harder for them to associate your identity on one service with that on another service.
Some risks are necessary :)
No, it’s zero-trust all the way down!
not really about IT not knowing
All true, and I’m sure your IT doesn’t care as long as you’re not taking stupid risks
If you’re going to be that deranged, at the very least be discreet
…
I’ve seen things you people wouldn’t believe… a folder full of photos of a sales rep’s feet taken under the table at a meeting… a bookmarked playlist of adult baby porn labelled “Potential Suppliers”… I watched a modded BitTorrent client try to fake VLAN tags for unrestricted Internet access. All those moments will be lost in time, like that expensive label printer from my locked desk drawer… time to get another coffee…
That might not be enough. I could monitor that on all the devices I manage, if I need to. There are tools to dump browsing info as it’s being committed, or it’s easy to pipe all the traffic from your machine through a VPN to a firewall I manage with a trusted cert injection into your device and inspect the traffic in transit. If you don’t want your employer to see what your up to, don’t use their infrastructure.
*Whomstnt’ve