Article 43


Thursday, April 10, 2008

The Mother of All Privacy Battles


By Saul Hansell
NY Times
March 27, 2008

All of the outrage over privacy on the Internet is nothing compared to what may be coming. For years, Web companies have been trying to gather shreds of information about users in order to show them ads for things they are most likely to buy. These schemes have been accelerated over the last year, as the big Web companies like AOL, Microsoft and Yahoo have been trying to combine information they gather on their own sites WITH DATA about users gathered from networks that place ads on other sites.

In Thursday’s Times, Louise Story WRITES ABOUT A NEW YORK STATE LEGISLATOR who wants to regulate these systems. She also wrote a SIDEBAR ABOUT PHORM, a British company, that is taking a much more comprehensive approach to targeting ads to users by gathering data about everything they do on the Web from their Internet service providers. Phorm, already is WORKING WITH THREE INTERNET PROVIDORS BT, Carphone Warehouse and Virgin Media.

If this approach works, the approaches by AOL and the rest may well be rendered useless as a blindfolded spy by some new companies that want to TAP INTO THE RECORDS of Internet service providers. If they can track every single click users make, they will, in theory, have the best ability to find ads that can indulge each user’s passion of the moment.

In addition to Phorm, there are other companies trying to get into the same business including NEBUAD and FrontPorch. NebuAd’s chief executive, Robert Dykes, wrote an ARTICLE Thursday on the iMediaConnection site describing the coming world where more data is collected about users than ever before.

There will be a business fight here. These new companies want to use I.S.P.s to gather data about what users read and what they search for that Web sites and search engines believe that they own. If NebuAd can tell that you searched for cheap flights while on AOL, there is less reason to pay for a targeted ad from AOL’s network.

And, of course, there will be a huge battle over privacy too. In many ways Phorm, NebuAd and so on are actually doing what people thought DoubleClick and other online ad companies were trying to do. Phorm already spawned a chorus of outrage. The FOUNDATION FOR INTERNET POLICY RESEARCH published a LETTER to the British information commissioner arguing that Phorm violates privacy law. Phorm argues its system is legal and respectful of people’s privacy because it doesn’t store any personally identifiable information. What’s more, users can chose to opt out of the system entirely.

Separately, the Register, the British technology news service, REPORTED that BT tested the Phorm service last summer. But the company had denied any such tests last year, when it was confronted with technical evidence of the a link with Phorm, the Register wrote. BT told the site that it was conducting a very small technical test that didn’t violate the privacy of its users.

And in yet more related news, Sir Tim Berners-Lee, the pioneering developer of the World Wide Web, told the BBC he would switch Internet providers rather than have his usage monitored. He said:

I want to know if I look up a whole lot of books about some form of cancer that that’s not going to get to my insurance company and I’m going to find my insurance premium is going to go up by 5% because they’ve figured I’m looking at those books.

This is just the beginning of what is becoming a serious debate. There is a strong incentive for Internet providers to sell data for companies. Eventually, cellphone companies will start to face the same choice. If there is a G.P.S. unit in your phone, it will be able to keep track of what stores you visit, among many other things. How much would Honda pay to be able to send ads to people who’ve been in Toyota dealerships lately?

As they have with all the other behavioral targeting systems, proponents of these new I.S.P. monitoring services, argue that the worst that will happen is people see advertising that is related to their interests. Of course, it’s not so simple. There is a real risk that personal data could leak out of these systems, just like credit card numbers sometimes are revealed by online stores, by means of theft or accident.

More broadly, how comfortable are we in allowing private companies to snoop on us so long as they promise to forget all the juicy bits?



How Should ISPs Tell You if They Want to Track Your Surfing?

By Saul Hansell
NY Times
April 8, 2008

The term unavoidable noticeӔ has been bandied about by a group of Internet advertising executives recently as they explored whether to endorse proposals for Internet service providers to keep track of where their customers surfed and what they searched for.

One theory goes that such systems would be acceptable if customers were informed of the plan in a way that they were sure to see, with a clear way for users to choose not to have their activities recorded. (There are some who say that it is simply unacceptable for an ISP to record the content of its customers communications under any circumstances.)

One of the leading companies involved in this concept, Phorm, says it is developing a plan that would in fact force users to see an explanation of its program and give them an explicit choice about whether to participate. Since the company wonҒt start operations for a few weeks, the details, which are very important, havent been disclosed.

The other company, NebuAd, which started operation last fall, seems to be going out of its way to avoid being noticed by the users it monitors. It wonҒt disclose the Internet providers or advertising companies it is working with. And after THE WASHINGTON POST DISCOVERED two Internet providers it works with - EMBARQ and Wide Open West those companies have refused to answer any questions about their relationship with NebuAd.

It always struck me that one good test of an idea is whether the people behind it are willing to stand up in public and say exactly what they are doing and why. And that seems a particularly apt way to look at these companies, which claim that their seemingly invasive plans are in fact very sensitive to the privacy of Internet users.

Both NebuAd and Phorm understand this. Both have hired public relations consultants and reached out to privacy advocates. Indeed, as Iגve written, the chief executives of both Phorm and NebuAd reached out to me and spent a long time discussing their companies and how their systems worked.

Its early, but so far Phorm appears to be more committed to openness than NebuAd. It may have more of a hurdle to overcome to build trust. The company, under its previous name 121 Media, distributed software that displayed pop-up ads on usersҒ computers. Privacy groups, like the Center for Democracy and Technology, said the companys software was spyware because it wasnҒt disclosed properly when it was installed and was hard to remove.

Now that it has changed its business, Phorm says it is pursuing an open approach. It has published the names of the ISPs it is working with and some sites that will use its advertising system. It has hired Ernst & Young to audit its system. And it says it will allow others to examine the system as well.

Most significantly, Kent Ertugrul, Phorms chief executive, told me that it would not start monitoring users until after it pops a screen in front of their browsing to explain the system. He wouldnҒt say what the screen would look like. And the choice to opt out of the system, he said, might be on a second screen, not right next to the choice to opt in. Still, he promised that the opt-out will be more transparent than anything else,Ӕ referring to other ad targeting systems.

BT Broadband, one of the three British Internet providers that are working with Phorm, will in fact give users the choice to participate or not on the same screen, at least in its initial tests. Emma Sanderson, BTs director of value-added services, sent me this in an e-mail message describing how the disclosure will work:

The concept though is pretty straightforward҅. the webpage will appear when a customer starts browsing, there will be a description of the service and three buttons - Yes I want the service, No I dont want the service and I want more information (not these words exactly). If they request more information they will be taken to another page with more detail on it.

She said the company would start testing the service with 10,000 customers in coming weeks. It will be presented as a way to both reduce the number of irrelevant ads users see and also as an aid to online safety because Phorm also helps detect some fraudulent Web sites.

Ari Schwartz, the chief operating officer of the Center for Democracy and Technology, said that this approach may well be appropriate, depending on how easy it is for consumers to understand and how actions are interpreted. If someone closes the pop-up windowwithout making an explicit choice, he said, it should not be considered consent to have their actions monitored.

NebuAdҒs approach to disclosure, by any measure, is much further away from unavoidable notice.Ӕ Robert Dykes, NebuAds chief executive, told me the company would force I.S.P.Ғs that participate to notify their customers about the program. But this can be by e-mail, an insert in a billing statement or some other format where boilerplate that consumers dont read is placed. Of course, it requires that the companies also disclose the system in their privacy statements, another graveyard for unread legalese.

THE PRIVACY STATEMENT OF EMBARQ is particularly terse. It doesnҒt mention NebuAd. It does have a link to opt out of the system which goes to a Web site called FAIREAGLE, which is run by NebuAd. Wide Open West has a somewhat more articulate privacy statement. It gives a brief example of how the system may work. It names NebuAd and gives several links where consumers can get more information.

In what other way, if any, did these companies notify their customers? That is one of many questions I had for them that they refused even to consider answering. Peter Smith, the vice president of programming for Wide Open West, declined to comment and declined to say why he was declining to comment.

I then called David Burgstahler, a partner of Avista Capital, the private equity firm that owns Wide Open West. He wouldnt talk to me either. Amanda Heravi, an Avista spokeswoman, said she would see if she could find someone to talk to me, but I havenҒt heard back yet.

At Embarq, Debra Peterson, the company spokeswoman, e-mailed this statement, saying she would entertain no further questions:

Like other companies, we are evaluating behavioral marketing tools, but we have not decided whether to move forward with them. Our Privacy Policy anticipates and alerts customers to possible future use of these tools, and offers customers the opportunity to simply and quickly opt out. EMBARQ takes its customers privacy very seriously and we take every precaution to ensure information about our customers remains secure and anonymous.

Embarq by the way is the big local phone company unit spun off from Sprint that is publicly traded.

In my conversation with Mr. Dykes, I asked several times why he wouldnҒt name the Internet providers he works with. He said, It is inappropriate for a vendor to talk about its customers.Ӕ

I asked him why users should feel comfortable being involved with a system when the companies using it are afraid to stand up in public and discuss it. I also suggested that customers may want to know in advance whether Internet providers they may choose to do business with will sell information about their browsing to ad targeting firms. He said there is no need to disclose that in advance, particularly because NebuAd allows people to go to its site and request a cookieon their computers that will indicate they dont want to participate in its tracking program on any Internet provider.

ғIf someone thinks this is really important, they should simply opt-out, Mr. Dykes said.

ItԒs not clear to me that these are the policies that will build the trust level that Mr. Dykes says he needs in order to convince the large Internet providers to sign up for his service.




Posted by Elvis on 04/10/08 •
Section Privacy And Rights • Section Broadband Privacy
View (0) comment(s) or add a new one
Printable viewLink to this article
Page 1 of 1 pages


Total page hits 9707121
Page rendered in 1.4004 seconds
42 queries executed
Debug mode is off
Total Entries: 3222
Total Comments: 337
Most Recent Entry: 05/04/2020 08:41 am
Most Recent Comment on: 01/02/2016 09:13 pm
Total Logged in members: 0
Total guests: 7
Total anonymous users: 0
The most visitors ever was 172 on 12/25/2019 07:40 am

Email Us


Login | Register
Resumes | Members

In memory of the layed off workers of AT&T

Today's Diversion

He who sacrifices liberty for safety winds up with neither. - Anonymous


Advanced Search



June 2020
  1 2 3 4 5 6
7 8 9 10 11 12 13
14 15 16 17 18 19 20
21 22 23 24 25 26 27
28 29 30        

Must Read

Most recent entries

RSS Feeds

Today's News

ARS Technica

External Links

Elvis Picks

BLS Pages


All Posts



Creative Commons License

Support Bloggers' Rights