ATM for ISPs or Spy in a Box?

Security and privacy concerns
The big questions surrounding this company and others in the targeted advertising space concern security. What data is collected, how secure is it, and is collecting this or any data ethical or legal? These and other questions have many concerned.

Dykes says that NebuAd does not map user's raw data, rather it "translates the user into a one-way hash number so we can see that user over and over again anonymously. With the one-way hash we only map the fact that you qualify for an information category. By mapping in this way, we really address the privacy concerns."

He adds the company does not run any advertising of a sexual nature and doesn't capture or track this type of information.

NebuAd also requires ISPs to inform their customers that their browsing activities are being monitored and that targeted ads will be sent to them. Users have the ability to opt in or opt out of the service.

Mangum says that at the request of NebuAd, they are giving all of their customers the chance to decide for themselves if they want to take part in the program. "We are constantly looking at ways to grow our business and our revenue, but we don't want to do that at the expense of customer privacy because in the long run that will backfire. What we liked about NebuAd is that they seemed so concerned about privacy."

But many believe that even these efforts are not near enough to protect the consumer. Jeff Chester, executive director for the Center for Digital Democracy calls NebuAd "completely hypocritical."

In his words, "They say they are privacy sensitive, but in essence they have made deals with ISPs to turn on the tap to get a flood of consumer data for targeting purposes. It is kind of a private, mini version of the National Security Agency. ISPs should be very cautious about working closely with, and providing user data to, any marketer or government in absence of a warrant."

While noting that he is not entirely familiar with NebuAd's business plan, Ray Mueller, a small ISP in the Los Angeles area, said the whole idea of tracking users should be viewed with extreme caution by any ISP. "This is not a new idea. It has been done before and is being done by many other companies. Personally, I think it is stupid. It may even be one of the dumbest plans I have every heard."

What did you know and when did you know it?
Responding to the defense that the user is identified only by an 'hash number' so browsing habits are anonymous, Chester counters that "the hash number is linked to an individual and an individual computer. If you read [NebuAd's] documents, it is clear it is individually targeted."

He explains that in today's high tech society, if someone can track your computer, know who you communicate with, and what websites you visit, whether this is via a hash number or a cookie, they can find out who you are."

Chester does concede that if the consumer agrees to allow browsing information to be collected, then targeted advertising would be acceptable. However, he adds that the consumer should be rewarded and share in the revenue.

Both Chester and Mueller agree that by allowing NebuAd to place a tracking appliance in the ISP's network, the ISP becomes the gate-keeper who is responsible for obtaining consumer approval to track browsing.

"The ISP is the one who will be sued if the collected data is misused," claims Mueller. "I would be very, very cautious about putting myself and my company in that position, especially since I have no control over what NebuAd does with the data they are gathering."

NebuAd is "not privacy respectful," declares Chester. In his view, "it's the same old kind of data collection system with a clever P.R. facade. … I think it is a very dangerous business. An ISP turning over data to a marketer is like a private wire tap system. One should not even consider this sort of thing. It's a bad strategy for the ISP."

Dykes claims that NebuAd adds value for both the service provider and the website owners without losing sight of the privacy issue. "Because of where we are placing our appliance, we had to structure [NebuAd] from the ground up with a focus on privacy," he claims.

— End

< Back to page one