Your W-Fi router is accountable for transmitting almost all of your internet traffic. This involves a significant amount of data — sufficient to raise concerns about privacy. a reasonable concern when picking one out.
So, how do you know if your router is collecting data about you? The first place to start looking for answers is your router manufacturer's privacy policy. Unfortunately, those privacy policies are often brutally long and full of dense and often contradictory language.
Data-collection practices are inherently complex to start with, and privacy policies often fail at elucidating them for the typical web user. Despite reading the entire policy, you might still have more queries than clarity.
Luckily, I possess a robust tolerance for intricate details, and following several years of assessing and critiquing routers, here on Pawonation.com Most manufacturers usually reply to my emails when I have questions. Therefore, after reviewing more than 30,000 words of privacy policies from seven key router makers and discussing with several specialists, this is what I discovered.
Top Wi-Fi Routers for 2025: See at Pawonation.comEvery issue related to privacy policies
Although I have extensive experience with routers, the terms of service and policy documents I reviewed for this piece were not easy reads. Generally, privacy policies are not crafted with complete clarity in mind.
"A privacy policy can essentially only assure you with reasonable certainty that nothing detrimental will occur," stated Bennett Cyphers, who works as a staff technologist for an organization focused on privacy concerns. Electronic Frontier Foundation , "but it won't I'll let you know if anything negative happens. is going to happen."
What typically happens is that companies state they gather information such as X, Y, and Z, and they mention sharing this data with their business associates, along with potential use across those seven distinct categories," Cyphers went on. "These statements tend not to be particularly specific. This does not automatically imply that the firm is engaging in the most egregious practices imaginable; however, it gives them flexibility should they decide to misuse your personal details.
He isn’t incorrect: The majority of the privacy policies I examined for this article were riddled with “loophole-filled” language as Cyphers pointed out, featuring ambiguous wording and scant concrete details. To make matters worse, numerous policies are drafted broadly enough to encompass all aspects of an organization’s operations—ranging from their services and websites to their handling of data derived from sales activities and employment applications.
This indicates that a significant portion of what is outlined in a manufacturer’s privacy policy may not pertain to routers at all.
Firstly, we have the matter of length. To be direct, all these privacy policies are far from being brief reads. They're predominantly composed in complex legal jargon primarily aimed at safeguarding the corporation rather than enlightening consumers like yourself. However, some companies are beginning to improve slightly by incorporating summary segments meant to outline crucial details in simpler terms. Nonetheless, such summaries generally lack depth, so for thorough insight into how your information is handled, one must delve further into the detailed clauses within each policy.
When a business employs an external partner to provide extra services such as threat detection or a virtual private network , you might have to review several privacy policies to understand where your information ultimately goes.
Everything combined made the task quite intimidating as I began to carefully go through all the material, so I concentrated on uncovering the responses to several crucial queries for every company involved.
Every policy I reviewed indicated that the firm gathered individual information with the intention of promoting products. Personal information such as your name and address is generally gathered when purchasing a router or contacting support for assistance. However, does this mean that companies share or sell this personal data to external entities not under their management? Additionally, do these router makers monitor online activities, specifically the sites browsed during navigation?
Let's examine more closely what I discovered.
*CommScope, the maker of Arris Surfboard networking devices, states that they do not sell personally gathered information from their products. However, certain aspects of their operational activities such as order processing and data analysis might be classified as sales according to Californian legislation. For further clarification regarding this matter, please refer to the "Is my data being sold?" segment.
Is my router actually monitoring the webpages I access?
To start with, let me point out that this piece focuses on the privacy policies of router manufacturers rather than those of various service providers. internet service providers . If you're hiring a router from your Internet Service Provider , the details provided here probably won't be relevant to you since Your internet service provider might monitor your router according to their needs. .
Nearly all of the internet traffic within your household goes through your router, making it hard to believe that it doesn’t monitor the sites you visit while surfing online. Each significant producer I examined mentioned that they gather certain types of user information for advertising or technological reasons. -- However, nearly all the policies I reviewed did not specifically address whether routers keep logs or maintain records of internet browsing histories. .
The sole exception? Google.
Notably, the Google Wifi app, as well as the Wi-Fi features within the Google Home app, along with your Google Wifi and Nest Wifi devices, do not monitor the sites you browse or gather the data contained in any network traffic, The support page from Google regarding privacy for Nest WiFi Nonetheless, your Google Wifi and Nest Wifi devices gather information like Wi-Fi channels, signal strength, and device types, which are essential for enhancing your Wi-Fi performance.
For this article, I reached out to the six other companies I researched regarding whether they monitor the websites visited by their users. Although these details aren’t mentioned in their privacy policies, representatives from five of those firms—Eero, Asus, Netgear, TP-Link, and CommScope (the company behind Arris Surfboard network equipment)—explicitly informed me that they do track such activity. their products do not track the sites that users visit on the web .
"Eero does not track and does not have the capability to track customer internet browsing activity," an Eero spokesperson said.
"Asus routers do not track what the user is browsing nor do our routers include targeting or advertising cookies," an Asus spokesperson said.
"Netgear routers do not track any user web activity or browsing history except in cases where a user opts in to a service and only to provide information to the user," a Netgear spokesperson said, offering the examples of parental controls that allow you to see the sites your child has visited, or cybersecurity features that let you know what sites have been automatically blocked.
Top Mesh Routers for 2024: See at Pawonation.comTP-Link informed Pawonation.com that they do not gather user browsing histories for advertising reasons; however, their privacy policies include vague and conflicting statements which complicate matters. Specifically, as stated in section 1.2, The primary privacy policy of the firm states that browsing history is gathered exclusively when you utilize parental control features to supervise your child's internet activity -- but a distinct page for California residents In regions with stricter disclosure regulations, it is stated that browser activity is gathered through the use of cookies, tags, pixels, and comparable technologies. This data is subsequently anonymized and shared internally within the TP-Link group for direct marketing initiatives.
When I inquired about that inconsistency, a TP-Link representative clarified that the cookies, tags, and pixels referenced in the California statement pertain to tracking mechanisms employed on TP-Link’s website rather than indicating any activity related to their routers.
"I will say our policy can be clearer," the spokesperson said. "That's something we're kind of working on right now, internally."
CommScope, too, says that its products don't collect a its users' browsing history -- though the company makes a distinction between retail products sold directly to consumers and the routers it provides via service partnerships with third-party partners, most notably internet service providers.
"Regarding our retail Surfboard products, CommScope has no access or visibility to an individual users' web browsing history or the content of the network traffic flowing through these retail products," a company spokesperson said.
In the meantime, D-Link has failed to address several inquiries regarding their data gathering methods, leaving it uncertain whether the firm’s devices monitor individual web-browsing activities. I will revise this entry as soon as new information comes through.
Exactly where is my router sending the data?
Despite not monitoring individual web pages you browse, your router gathers information whenever you're connected. This largely consists of technical details regarding your network and the gadgets using it—information necessary for smooth operation and threat detection. Typically, routers accumulate personal data along with location specifics and identification markers. As mentioned earlier, each service provider I examined clearly stated their usage of such data for promotional activities in some form or fashion.
If a company is "using your data for marketing," that often means that your data is being shared with third parties. In that case, there is a risk that the company may share your data with a third party outside of its control, which would then be free to use and share your data however it likes.
"When data is used to target ads, it's usually not just used by the company that's collecting the data," said Cyphers. "The company is going to share it with a number of advertising companies who might share it downstream with a number of other, vaguely ad-related companies. All of them are going to use that data to augment profiles they already have about you."
With respect to routers, all of the companies I looked at acknowledged that they share user data with third parties for marketing purposes. However, the majority of these companies claim that these are in-house third parties bound by the company's own policies, and all of the companies I reached out to said that they don't share data with third parties for their own independent purposes.
Is my data being sold?
I additionally reached out to the companies mentioned in this article to inquire if they sell data that could lead to the personal identification of a user, as outlined by the GDPR. California Consumer Privacy Act of 2018 That legislation defines “sale” quite extensively to encompass actions such as selling, renting, releasing, divulging, spreading, providing access to, moving, or otherwise sharing a consumer’s personal data verbally, in writing, electronically, or through other methods between businesses or with a third party in exchange for financial compensation or something of comparable value.
Many businesses state in their privacy policies that they do not trade personal information. , but the CommScope privacy policy recognizes that it discloses personal data such as identifiers along with details about online activities and web interactions for objectives like advertising, which may be considered a sale under California law.
As per a strict interpretation of Californian legislation, data utilized for certain aspects of our business activities such as processing orders and analyzing performance metrics, along with the deployment of 'cookies' on our CommScope.com and Surfboard.com sites, might be considered the 'sale' of 'personal information,' according to a statement from a CommScope representative.
The answer to whether the company sells data has some subtleties, particularly because activities such as order fulfillment and cookies on CommScope’s website aren’t directly connected to their home networking equipment. However, it's significant that CommScope admits certain practices might be considered sales under California legislation, whereas most other companies I examined didn't acknowledge this.
"We can say that we do not sell data collected from the modems nor is that data used for marketing purposes by CommScope," the company added. "But where modems are ordered from us directly or where we provide customer support, that information is 'sold' (our read of the California law) only as part of filling that order and providing those services.
"Where we supply modems/gateways to service providers, they control their own privacy policy controls," the company added.
Individuals in California can inform CommScope to refrain from selling their personal information. on this website , however, CommScope states that it "retains the option to adopt a differing method" when addressing inquiries from users residing in other locations.
In the meantime, TP-Link informed Pawonation.com that they do not sell their customers’ personal data and emphasized that the information gathered from their routers isn’t utilized for promotional purposes whatsoever. Nevertheless, the company’s privacy statement seems to leave some flexibility regarding this matter: “Unless we have explicit consent from you, we won't share your private details with others. Nonetheless, under Californian legislation, the definition of ‘share’ can be quite broad, potentially encompassing practices like employing personalized ads within our products or services as well as how external parties use these features.”
Is it possible for me to completely decline participating in data collection?
For certain manufacturers, the response is affirmative. For others, they allow you to ask for access to or removal of the information gathered on you. Despite these differences, various companies exhibit varying degrees of effectiveness when it comes to offering straightforward and useful choices for safeguarding your privacy.
The most effective strategy is to provide individuals with a readily accessible means to submit an opt-out request. For instance, Minim, which oversees Motorola’s home networking software, serves as a solid case study. Navigate to the settings portion of the firm's Motosync application designed for routers such as these. Motorola MH7603 , you will see a straightforward option to opt-out of data collection entirely. Similarly, Asus provides an equivalent choice, informing Pawonation.com, "Users can choose to opt out or revoke their consent for data collection through our router settings interface anytime by selecting the 'revoke' button."
Unfortunately, that approach is more exception than norm. The majority of manufacturers I looked into make no mention of opting out of data collection within their respective apps or web platforms, choosing instead to process opt-out and deletion requests via email or web form. Usually, you'll find those links and addresses in the company's privacy policy -- typically buried towards the end, where few are likely to find them.
That's the case with Netgear. Pursuant to Apple's policies, the company discloses its data collection during setup on iOS devices, complete with options for opting out, but there's no way to opt out in the app after that. Android users, meanwhile, get no option to opt out at all.
"A Netgear representative stated, 'Users from the Android application (or iOS) can access the Privacy Policy through About > Privacy Policy and find the web form link mentioned in Section 13 to remove their personal information.' We plan to make this feature more prominent in upcoming updates," they added.
Other manufacturers, including D-Link and TP-Link does not provide an immediate way to opt out of data collection. Instead, it guides privacy-minded individuals on how to opt out of targeted ads through platforms such as Google, Facebook, or Amazon, or suggests installing comprehensive Do Not Track cookies provided by self-regulating marketing organizations like the Digital Advertising Alliance and the Network Advertising Alliance That’s an improvement over having nothing at all, but a straightforward way to opt-out would be even more effective—especially considering that certain businesses may disregard Do Not Track signals altogether.
"As of now, TP-Link does not recognize Do Not Track signals," according to the company’s privacy policy.
This leads us to Eero. The firm doesn’t provide an opt-out choice for data collection; they state that the sole method to prevent their gadgets from collecting information is by avoiding their usage altogether.
"You can stop all collection of information by the Application(s) by uninstalling the Application(s) and by unplugging all of the Eero Devices," the Eero privacy policy notes.
You may request Eero to remove your personal information from their database by sending an email. privacy@eero.com However, the company asserts that deleting the collected data would require disconnecting from Eero’s servers, which would make the devices non-functional.
The privacy policy also notes that the company "may be permitted or required to keep such information and not delete it," so there's no guarantee that your deletion request will actually be honored. Even if Eero does agree to delete your data, that doesn't mean that the company won't keep a backup.
Eero’s policy states, 'Once any data is removed, it will be erased from the live database; however, it might still exist in our backup systems,'
How to opt out of router data gathering, regardless of the router model you have
Gathering data has become quite routine in contemporary consumer technology, raising various worries. smartphone apps , social media , phone carriers , web browsers and plenty more. I'd rank my concerns with routers beneath those -- but your home networking privacy is still worth paying attention to.
From my perspective, opting out of data collection whenever possible is typically a good idea, even if the collection itself seems harmless. There's simply no good way to know for certain where your data will end up or what it will be used for, and privacy policies will only tell you so much about what data is actually being collected. To that end, here are some options for opting out with each of the manufacturers covered in this post below. And, as I continue to test and review networking hardware, I'll keep this post up to date.
Asus
To revoke permission for data collection, navigate to the settings part of the Asus web interface, select the Privacy tab, and click “Revoke.” Access this web interface either by typing your router’s IP address into your browser’s search bar when you're connected to its network, or open the Asus Router application, tap the options symbol located at the upper-left corner, and choose "Go to Web Interface."
CommScope (Arris)
If you reside in California, you have the option to inform CommScopes that they should refrain from selling your data by completing a specific form. on this website However, the company does not ensure that they will comply with such requests if your residence is outside their designated area. While there’s no straightforward way to opt-out of data collection within the applications utilized for setting up and managing CommScope products, the firm points out that you have the ability to cancel subscriptions to marketing emails whenever you wish.
D-Link
D-Link doesn’t provide a straightforward way to opt out of data collection directly. Instead, they guide users to opt out of interest-based ads from participating firms through an alternative method. The Do Not Track cookies offered by the Network Advertising Initiative a marketing industry body operating under self-imposed regulations.
Eero
Eero has no opt out setting for data collection, as Eero claims that its devices are unable to function without sending device data to Eero's servers.
Google Nest
You can control your Google Wifi or Nest Wifi privacy options and choose not to participate in specific types of data gathering by launching the Google Home app and selecting tap. Wi-Fi > Options > Confidentiality Settings .
Netgear
Netgear does not provide a way to entirely opt-out of data collection, however, you can complete a form to adjust your preferences. on this website To download and review any information that Netgear has gathered or ask Netgear to remove that data.
TP-Link
TP-Link does not provide a straightforward way to opt-out of data collection directly through their platform; however, they do include guidelines on how to opt-out from interest-based ads using services like Facebook, Google, and Amazon. on its website . The site also offers information about Do Not Track cookies available from the Digital Advertising Alliance and the Network Advertising Initiative, which are self-regulatory marketing industry groups.
For more Wi-Fi tips, check out where you should set up your mesh router and Why your internet service provider could be slowing down your connection .
Post a Comment