Beware of prying eyes: ISP-based Behavioral Targeting

Congress has called on a few major internet players to answer to privacy concerns. The "get together" includes: Microsoft, Google, Facebook and....a little known company called NebuAd.

NebuAd came to the public's attention when it Charter Communications, the 4th largest ISP in the US, announced they were testing out the company's technology. Said technology "snoops" on a user's visits to various websites to "help web advertisers deliver targeted ads".

NebuAd had previously tested its technology with another smaller ISP, WOW. Free Press and Public Knowledge reported back in June that when a WOW subscriber visited Yahoo or Google, part of the page returned by Google to the user was modified midway to embed javascript that placed cookies on the user's browser to help track where the user visited. These cookies reported back to a domain owner by NebuAd - faireagle.com. This allows partner web sites to deliver targeted advertising based on the information collected on the user's browser.

From an advertising point of view - this is huge. If other ISPs adopt this technology then it would be the single golden source of information of the surfing patterrns of nearly every internet user in the US, no matter where the web site they visit since NebuAd's technology allows intercepting your traffic at the point of origin, your ISP.

The technology gives rise to concerns that someone is listening to your communications in order to serve more targetted ads. Some compare this to AT&T eavesdropping to your phone conversations during the entire day in order to sell you a product during dinner time.

Robert Topolski, a technology consultant to Public Knowledge and Free Press compares this to "AT&T listening to your phonecalls all day in order tofigure out what to sell you in the middle of dinner.

Earlier this month the Washington Post reported NebuAd had put on hold its plans to widely deploy its online advertising technology while Congress reviews privacy concerns. At issue is whether ISPs should be expected to make such programs "opt-in" or if "opt-out" is acceptable.

Reported on MSNBC

No comments: