Feeds

NebuAd makes meal of opt-out cookie

Whither the opt-in?

Top 5 reasons to deploy VMware with Tegile

As it prepares for a Congressional pow-wow on the "Privacy Implications of Online Advertising," behavioral ad targeter NebuAd has vowed to eat its infamous opt-out cookie.

"NebuAd is...developing a network-based opt-out mechanism that is not reliant on web browser cookies," reads a company press release. "Leveraging this advanced technology, ISP partners can offer this to their subscribers in order to honor their opt-out choices in a more persistent manner than current systems widely used today."

In Phorm-like fashion, NebuAd tracks the online activity of net surfers from inside ISPs, before shuttling this data to various online advertising networks. The technology does not require an opt-in, and at the moment, the opt-out mechanism is rather crumbly.

If you opt-out, NebuAd places a cookie on your system so it knows you've opted out. And if that cookie disappears, you're no longer opted-out. Among other things, this makes life ridiculously difficult for those privacy-minded folk who regularly rid their machines of browser cookies.

It's nice to know that NebuAd plans to eat its opt-out cookie. But this solves only half a problem. There should also be an opt-in.

US Congressmen Ed Markey, chairman of the House Subcommittee on Telecommunications and the Internet, and Joe Barton, a ranking member of the House Committee on Energy and Commerce, say that if ad targeters like NebuAd don't move to an opt-in model, they could violate Section 631 of the US Communications Act.

"Any service to which a subscriber does not affirmatively subscribe and that can result in the collection of information about the web-related habits and interests of a subscriber, and achieves any of these results without the 'prior written consent of the subscriber,' raises substantial questions related to Section 631," the Congressmen say.

Markey has urged American ISPs to freeze their behavioral ad systems while Congress looks into the matter. And many have obeyed.

Meanwhile, the Center for Democracy and Technology (CDT) has unveiled a new report (PDF) that questions whether an opt-in-less NebuAd skirts federal wiretapping regulations laid down by he Electronic Communications Privacy Act (ECPA) of 1986 and the Cable TV Privacy Act of 1984.

"We believe [NebuAd] may run afoul of current laws, which prohibit copying or use of the internet communications without the consent of the subscriber," CDT vice president of public policy Jim Dempsey tells us. "We believe that in this case, consent means prior express opt-in consent."

It's worth noting, however, that these federal statutes were enshrined before the internet changed the universe. They may or may not apply to newfangled privacy invasions like Phorm and NebuAd.

"I'm not so easily convinced the wiretapping laws come into play here. The purpose and techniques of true wiretapping are really very different from tracking someone on the internet," says Jonathan Kramer, a telecoms-savvy attorney with the Kramer Telecom Law Firm. "These laws are like rubber bands. You can stretch them to new technologies - but they may pop right back at you."

Congress will tug a few rubber bands this very morning, when the Senate Committee on Science, Commerce, and Transportation meets to discuss Phorm and the Phormettes. NebuAd CEO Bob Dykes will be on hand to defend the Silicon Valley startup, which likes to call itself "an online media company that provides state-of-the-art online privacy protection for consumers."

He may be fighting for the company's life. With an opt-in in place, a NebuAd has little hope of corralling the web surfers it needs to make its ad-happy technologies commercially viable. Heck, if an opt-in is required, most ISPs won't even sign the contract. They're more than willing to pimp your data, but not without an ample return. ®

Bootnote

Like Charter Communications, CenturyTel, Bresnan Communications, Embarq, and others, Midwestern ISP WOW! has suspended its use of NebuAd amidst those Congressional conversations. And other ISPs have frozen their use of Front Porch, another behavioral ad targeter. Unlike NebuAd, Front Porch says its system is opt-in only. But it's unclear whether the company has used an opt-out model in the past.

Choosing a cloud hosting partner with confidence

More from The Register

next story
FCC, Google cast eye over millimetre wireless
The smaller the wave, the bigger 5G's chances of success
It's even GRIMMER up North after MEGA SKY BROADBAND OUTAGE
By 'eck! Eccles cake production thrown into jeopardy
Mobile coverage on trains really is pants
You thought it was just *insert your provider here*, but now we have numbers
Don't mess with Texas ('cos it's getting Google Fiber and you're not)
A bit late, but company says 1Gbps Austin network almost ready to compete with AT&T
HBO shocks US pay TV world: We're down with OTT. Netflix says, 'Gee'
This affects every broadcaster, every cable guy
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.
Three 1TB solid state scorchers up for grabs
Big SSDs can be expensive but think big and think free because you could be the lucky winner of one of three 1TB Samsung SSD 840 EVO drives that we’re giving away worth over £300 apiece.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.