Can someone please tell about ISP spying in India?
- Like how far they can legally collect data? And illegally collect data?
- How, and what data they collect?
- How long does they store the logs?
- What are the privacy practices to prevent these ISP spying?
Unless they are also a certificate authority, they cannot read the encrypted content of you communications since today almost all sites use TLS encryption. They can see the names of the domains you go to and the number of packets. You can determine a lot from such meta data and it is valuable. They likely sell this information (hopefully anonymized ) to advertisers and data brokers.
Note this is true of all ISPs and may be more or less applicable in India.
You can avoid ISP spying to an extent by using a vpn.
Doesnt DoH solve this?
Assuming you have it enabled and configured correctly, yes