Two non-profit organizations, Free Press and Public Knowledge, have ridden down the data trail of ad insertion technology provided by NebuAd and declared that it violates “several fundamental expectations of Internet privacy, security and standards-based interoperability.” In a report published today, the two compare NebuAd to malware and accuse it of Internet wiretapping.
NebuAd provides a deep-packet inspection appliance that sits on the network of an ISP. The appliance tracks information about the type of sites a user visits and serves up ads against that information. The company got a lot of attention after Charter Communications signed a deal to test the technology.
One of the biggest issues with the technology highlighted in the report include a consumer’s inability to truly opt out of having his Internet communications intercepted. In an interview with NebuAd CEO Bob Sykes in May, he told me all ISPs have to provide opt-out information to consumers, and defended the legality of the product on those grounds.
However, the investigation shows that even if a consumer opts out, they can only opt out of seeing an ad, not out of having their Internet usage tracked. Furthermore, the decision is tracked by a cookie installed in the browser software, which many users delete and is rendered ineffective if the user changes computers or browsers anyway. In response to the report, NebuAd issued the following statement:
“We are disappointed with the misleading characterization of NebuAd in the Free Press and Knowledge Review report issued today. Specifically, we take issue with the inaccurate statements made in reference to NebuAd’s consumer privacy standards and apparent disregard for the controls and policies we have in place to inform and protect internet subscribers. Transparency and consumer privacy protection are core to our business. Reasonable review of materials that have been made available online would have educated the organization that NebuAd requires its ISP partners to provide robust notice to their subscribers prior to deployment of the service.”
In general, the technology may be irritating much in the same way ISPs using forced redirects after a user types in a web site incorrectly is irritating, but it’s not illegal. Congress has threatened to get involved, but I doubt that much will be done any time soon (especially in an election year) to protect consumers from this type of scheme. With ISPs resorting to metered pricing or traffic throttling in a supposed effort to protect their video business, and inserting themselves between consumers and their choice of web sites in an effort to snag ad revenue, you’d think they believe they have a monopoly and can do whatever the hell they want. Oh, wait.