Blog Post

Internet Watchdogs Attack NebuAd

Stay on Top of Enterprise Technology Trends

Get updates impacting your industry from our GigaOm Research Community
Join the Community!

Two non-profit organizations, Free Press and Public Knowledge, have ridden down the data trail of ad insertion technology provided by NebuAd and declared that it violates “several fundamental expectations of Internet privacy, security and standards-based interoperability.” In a report published today, the two compare NebuAd to malware and accuse it of Internet wiretapping.

NebuAd provides a deep-packet inspection appliance that sits on the network of an ISP. The appliance tracks information about the type of sites a user visits and serves up ads against that information. The company got a lot of attention after Charter Communications signed a deal to test the technology.

One of the biggest issues with the technology highlighted in the report include a consumer’s inability to truly opt out of having his Internet communications intercepted. In an interview with NebuAd CEO Bob Sykes in May, he told me all ISPs have to provide opt-out information to consumers, and defended the legality of the product on those grounds.

However, the investigation shows that even if a consumer opts out, they can only opt out of seeing an ad, not out of having their Internet usage tracked. Furthermore, the decision is tracked by a cookie installed in the browser software, which many users delete and is rendered ineffective if the user changes computers or browsers anyway. In response to the report, NebuAd issued the following statement:

“We are disappointed with the misleading characterization of NebuAd in the Free Press and Knowledge Review report issued today. Specifically, we take issue with the inaccurate statements made in reference to NebuAd’s consumer privacy standards and apparent disregard for the controls and policies we have in place to inform and protect internet subscribers. Transparency and consumer privacy protection are core to our business. Reasonable review of materials that have been made available online would have educated the organization that NebuAd requires its ISP partners to provide robust notice to their subscribers prior to deployment of the service.”

In general, the technology may be irritating much in the same way ISPs using forced redirects after a user types in a web site incorrectly is irritating, but it’s not illegal. Congress has threatened to get involved, but I doubt that much will be done any time soon (especially in an election year) to protect consumers from this type of scheme. With ISPs resorting to metered pricing or traffic throttling in a supposed effort to protect their video business, and inserting themselves between consumers and their choice of web sites in an effort to snag ad revenue, you’d think they believe they have a monopoly and can do whatever the hell they want. Oh, wait.

17 Responses to “Internet Watchdogs Attack NebuAd”

  1. So let’s see here… so why aren’t you writing about direct marketers and all the personal information they have about you like your physical home address, phone number, household income etc. etc. None of which technologies like Nebuad have nor will have. They don’t even know your IP address let alone physical home address or phone number.

    You are severely paranoid for all the wrong reasons.

  2. Actually I think that it’s the same war. ISPs are just trying to get the money back from Google using the exactly same method.

    A solution protect your privacy against any data-profiling (search engine or ISP) is to pollute the recorded data.

    Two FF extensions generate fake queries on search engines to pollute the collected data (at search engine level, but it also pollute ISP data): SquiggleSR ( TrackMeNot( Notice that the former also clicks on non-sponsored results so it may simulate realistic browsing activity.

  3. Stacey Higginbotham

    Hines, you bring up a good point about search engines seeing and storing search data. That’s a different battle in the same online privacy war.

  4. Who will look into how Google, Yahoo, and Microsoft search engines track us? I guess since they say they’re not evil they must not be. Or maybe we all prefer to demonize everyone else instead of giving equal review to all major providers.

  5. Herman Manfred

    So now a NEW product comes along – a proxy server at a single location that your browser/PC =always= uses to surf – all HTTP requests automagically convert to a form like “http:///” (that better not work for real!) and NebuAd thinks you really REALLY like the site “”…

  6. duncan

    You all throw around some very strong opinions for being as uneducated about the issues as you are. You take the words of extreme organizations like the Free Press are for their word and cry “big brother”. Get your facts straight before you cast stones and cry woe is me.

  7. rajkumar

    Even though it far fetched it is necessary to have encrypted communication between end users and destination servers in all internet usage.packet sniffing is not new either robbery.both requires to be guarded against vigilantly.