backtop

Print E-mail del.icio.us 33 comment(s) - last by ultra laser.. on Apr 9 at 2:51 PM
Providers testing ways to use the goldmine of data locked away in their tubes

ISPs throughout the United States and UK are using deep packet inspection to track surfers’ online activities – search queries, web sites visited, and information entered, among other things – in order to sell gleamed data to advertisers interested in better targeting their advertisements.

The practice, largely swept under the rug “for fear of [a] customer revolt,” says one unnamed executive, currently targets about 10 percent of all internet customers in the United States. Front Porch, a U.S. advertiser that buys data from ISPs’ deep packet programs, says that it has detailed web-use data for more than 100,000 customers.

None of the advertising firms involved would name whom they are buying data from, instead telling the Washington Post that “it’s up to the providers to announce how they deal with customer data.”

A number of ISPs, however, have already altered their customer service agreements: Embarq, the fourth largest provider of data services in the United States, calls it a “preference advertising service,” and providers Wide Open West and Knology have openly disclosed the fact that they are working with advertising firm NebuAd.

Proponents of deep packet inspection claim that it’s a win for everyone involved: customers see more ads that are relevant, ISPs make money, site owners see better returns, and advertisers catch better data.

ISPs claim to remove customers’ personal data, with significant effort taken to strip surfing histories of anything that could identify an individual user. “I don’t view it as violating any privacy at all,” says Knology marketing VP Anthony Palermo, “My understanding is that all these companies go through great pains to hash out information that is specific to the consumer.”

NebuAd says that it protects users’ data in two ways: by identifying customers with an arbitrary number untraceable to their original IP address – a technique that Lilburn, Georgia resident Thelma Arnold, also known as AOL Searcher No. 4417749, could easily disprove – and by filtering out all data that relates to sensitive activities, such as e-mail and visits to banking, health, or pornography sites.

Bob Dykes, chief executive of NebuAd, says that in some ways its method of protecting consumer data is even better than that of Google, which stores search logs by easily-traceable IP addresses and parses Gmail accounts for advertising information.

Privacy advocates are not satisfied, however, by ISPs’ efforts to empower customers with control over their data: an easily-lost browser cookie tracks users that opt out, meaning they could be back in the system if they clear their browser cache or switch to another computer. Further, text acknowledging the advertising partnership is buried deep within service agreements: Knology customers have to search through 27 pages of legalese in order to find one “vague reference” to the company’s tracking system.

Many ISPs have a long and storied history with deep packet inspection, as it is an effective means of monitoring and controlling customer activity: Comcast’s BitTorrent controversy, recently resolved, uses deep packet inspection hardware from Sandvine to prevent users from contributing to the BitTorrent swarm after they’ve finished downloading, and Canadian ISP Rogers uses similar technology to inject subscriber notices into surfers’ web pages.

Web surfers east of the Atlantic recently found themselves in the middle of a similar, secret arrangement between UK ISP BT and advertising company Phorm, after a handful of intrepid users noticed “dodgy redirects” in their internet service. An online petition against the arrangement, hosted by the British government, has so far gathered over 10,600 signatures.

Comments     Threshold


This article is over a month old, voting and posting comments is disabled
legality?
By Gul Westfale on 4/8/2008 2:30:04 AM , Rating: 2
i'm wondering how legal this is... companies spying on their customers. and this is spying. a total invasion of privacy. here is a recent article from the BBC, about "phorm"
http://news.bbc.co.uk/2/hi/technology/7301379.stm

i can only hope that our lawmakers try to rein them in, instead of accepting "campaign contributions" from the telecoms to turn a blind eye to this.




RE: legality?
By BarkHumbug on 4/8/2008 3:51:48 AM , Rating: 3
Exactly, I guess the quotes:
quote:
for fear of [a] customer revolt

and
quote:
it’s up to the providers to announce how they deal with customer data.

says it all, they know it's a deal too good to be true but who thought the costumer would find out/can say no to cash?


RE: legality?
By TomCorelis (blog) on 4/8/2008 4:19:34 AM , Rating: 2
Well, now that the cat's prematurely out of the bag, I wouldn't be surprised if I find myself writing stories about how some of the internet companies are suddenly changing course.

One can hope...


RE: legality?
By erikejw on 4/8/2008 9:06:38 AM , Rating: 2
"Many ISPs have a long and storied history with deep packet inspection, as it is an effective means of monitoring and controlling customer activity"

Wow, imagine if phone companies did the same. Stored all calls
and controlled customer activity.
Just cause you can do it doesn't mean you should.

If it is so beneficial to the customers as they claim why not be upfront about it and put it on the pages where we order broadband connection.


RE: legality?
By erikejw on 4/8/2008 9:12:21 AM , Rating: 2
I'd like to see a site that writes about what policies and how the broadband companies act.
It should contain a black list of companies who does not abide
to some criterias we as users want.

They will stay on that black list for a year after they changed policies to right side of the fence.

If they knew the black list existed and was easily found by those who ordered broadband they would think twice before they pulled stunts like that in the future.

The bottom line is all the interests them.

Maybe dailytech should start something like that. Might draw lots of trafic from nonregulars if the word got around.


RE: legality?
By darkpaw on 4/8/2008 10:43:03 AM , Rating: 5
Sounds like a good idea, too bad most people only have a choice of 1 or at most 2 ISPs. That's the problem with a lack of competition, the companies can do anything they want and all we can do is say thank you, can we have some more?


RE: legality?
By xxsk8er101xx on 4/8/2008 2:41:49 PM , Rating: 5
"Proponents of deep packet inspection claim that it’s a win for everyone involved: customers see more ads that are relevant, ISPs make money, site owners see better returns, and advertisers catch better data."

What I don't understand is what makes them think we want Ads to begin with?


RE: legality?
By BarkHumbug on 4/9/2008 4:36:08 AM , Rating: 2
quote:
what makes them think we want Ads to begin with?

I hear you brother, I hear you...

(+1 from me, but I've already posted)


RE: legality?
By MrDiSante on 4/8/2008 6:41:57 PM , Rating: 3
quote:
One can hope...

One can also do one's best to act. Making this news available to the public is the first step - the next is making sure that there's a wide group of people who know about it. Digg the hell out of this one: http://digg.com/world_news/U_S_UK_ISPs_Track_Web_H...


RE: legality?
By desertvet on 4/8/2008 7:36:18 AM , Rating: 4
If someone has a phone conversation with another individual, I would consider that a private conversation. However, if two people are on the street having a conversation, I would say they are in the public’s eye. I believe the internet is no different. It’s about the same as a department store’s security camera’s analyzing the make-up of their market (i.e. sex, race, approximate age). While you and I may agree that we don’t like ISP’s tracking and selling our movements on the information super highway, I don’t see any way of preventing it from occurring.


RE: legality?
By Proteusza on 4/8/2008 7:50:06 AM , Rating: 3
Considering how TCP works, I'd say the internet is more like a private conversation between two people. Just because you communicate with a publicly accessible server most of the time, doesnt mean private companies should be able to intercept that for their own gain.

Besides which, if two people are having a discussion in a public place, its still considered rude to eavesdrop.


RE: legality?
By AlexWade on 4/8/2008 8:50:48 AM , Rating: 2
The only difference between this and spyware is where the software is located. Spyware is on your computer; this is on the ISP. If spyware is wrong (and it is), then this wrong.

Where does it end? Advertisers are always looking to get more and more intrusive all the while wondering why people are looking to dodge them. What advertisers don't get is that we are inundated with ads and thus tuned them out. If you want us to pay attention, use less. Their answer is to use more. Their answer is sensory overload, which doesn't work.

What is next? Lexus using GPS to sell my "anonymous" driving habits? T-Mobile selling "anonymous" location statistics? Visa selling my "anonymous" buying data? Or worse: telephone companies install voice monitoring programs to sell conversation data. What is next?

I'm glad I don't have Embarq. It doesn't surprise me though about Embarq. Embarq was a separation of of Sprint. Sprint became wireless and took all the patents, Embarq became local telco. It doesn't surprise me because Embarq is a telco and thus a deprecated dinosaur. VoIP is the future, Embarq's days are numbered. But, if they can make more money, they can delay reality. Embarq's claims their DSL price is fixed for all eternity, well if you make money from advertisers I guess you can keep the price the same despite inflation.


RE: legality?
By eye smite on 4/8/08, Rating: 0
RE: legality?
By HighWing on 4/8/2008 1:37:18 PM , Rating: 3
quote:
and this is spying. a total invasion of privacy


While I'm not going to totally disagree with you, I have to wonder, how is this practice really any different then using your computer and work e-mail? I work in tech support for a company and recently re-wrote our companies computer policies. The ones I'm specifically targeting are what is usually the same at any company. That is that your work e-mail is NOT private, and any data going over your companies network is to not be considered private. So basically at any work place your tech support people can and DO check your e-mails and monitor net traffic to make sure your not browsing youtube too long or at all and other things of that nature.
With that in mind, why is it so surprising that the very companies we use to connect our networks to other networks, do the same things on their networks that we would do internally on our own?


RE: legality?
By eye smite on 4/8/2008 8:20:37 PM , Rating: 3
Oh, this all goes back to ethics, which is an antiquated word not used in the USA anymore. Criminals of the executive world, enjoy your exploitation.


RE: legality?
By MrPoletski on 4/8/2008 11:28:22 PM , Rating: 2
I can see the compromise being an official and clear 'opt out' option for you ISP account. Unfortunately the lost revenue from ad sales by the ISP will be passed on to you, the consumer, in the form of higher ISP pricing.<p>

I'm suprised we havent seen free internet access (but maybe a one off installation fee) but mandatory adverts in the top 10% of every explorer window (is it called AOL?;) That way anyone can have internet no matter how poor they are. They just need a phone line.


For more information
By Proteusza on 4/8/2008 5:00:20 AM , Rating: 2
Go here: http://www.theregister.co.uk/2008/02/29/phorm_roun...

Phorm is the company in the UK that is developing the system that will track browsers habits. Their clients include BT, who illegally did a trial last year without customers consent and when they found out, told them they had spyware. As it turns out, thats not far from the truth, problem is that it was spyware provided by BT.

All of here in the UK are pretty outraged at this, so we've done the usual - call MPs, set up 10000 strong petitions, and contact various government agencies, and moan at BT and Phorm, but of course nothing is done. A government privacy watchdog, FIPR, called it illegal, because it requires the consent of both the website and the end user, but their advice was ignored by the ICO (Information Commissioner's Office I think).

Phorm says it will lead to less advertisements for web surfers, but I fail to see why any website would reduce its ads, even if they were more relevant, because of this. Adblock Plus FTW! They also say it doesnt violate privacy because user data is digested, not stored, but the fact of the matter is that packets are still inspected, which should be private "conversations". Imagine if someone listened in on your phone calls but only wrote down a summary - is that not still a violation of your privacy?

I'm surprised something like this isnt a bigger deal in the US - Phorm is the first such thing I've heard of, and there is heavy opposition to it, and if we are lucky it will be declared illegal altogether.




RE: For more information
By derwin on 4/8/2008 6:29:15 AM , Rating: 3
In all honesty, here in the US we just don't care anymore.
Yeah, there are still a few who whine and moan about this and that, but god's honest truth, we really couldn't care less about anything anymore here. We have our HD TVs, our superfast internet, our porn, who knows why really, but needless to say, we just don't care about just about anything anymore. I am more surprised by the fact that you thought we would care over here than by the fact that we don't - much more surprised.

The only time this stuff is a big deal is when it will sell ad time on the evening news. In which case somebody somewhere in government (nobody knows where really, because they just make up commisions and panels and jesus, probably regulatory agencies) will "lead the charge," and once somebody in government has stepped up to "take care of the problem," it will disappear entierly from our view and concern, at which point nothing will really be done about it, as that costs too much in sooo many ways, and once the people don't care again, it doesn't really matter anyway. It would probably be more of a hassle to actually do something anyway, because then some other people might disagree with that, and this new fix will end up on the news, and we will have to start this whole process over again.


RE: For more information
By Proteusza on 4/8/2008 7:11:48 AM , Rating: 1
Well, given the recent fuss with your telecoms companies providing the Bush "administration" with warrantless wiretapping, I thought privacy and interception would still be seen as important.

I think us in the UK are worried because, where does it end? Its an intrusion of privacy in order to facilitate advertising. I hate both adverts more than I hate intrusions on my privacy, but I still hate it. Next our phonecalls will be monitored and adverts inserted into phonecalls. Or maybe more adverts will be used on websites in the hopes of extra revenue. Or perhaps some script kiddie will hack the system and divert all of the traffic to his server, harvesting credit card details galore.

Its a steep slope.