Feeds

NebuAd makes meal of opt-out cookie

Whither the opt-in?

The smart choice: opportunity from uncertainty

As it prepares for a Congressional pow-wow on the "Privacy Implications of Online Advertising," behavioral ad targeter NebuAd has vowed to eat its infamous opt-out cookie.

"NebuAd is...developing a network-based opt-out mechanism that is not reliant on web browser cookies," reads a company press release. "Leveraging this advanced technology, ISP partners can offer this to their subscribers in order to honor their opt-out choices in a more persistent manner than current systems widely used today."

In Phorm-like fashion, NebuAd tracks the online activity of net surfers from inside ISPs, before shuttling this data to various online advertising networks. The technology does not require an opt-in, and at the moment, the opt-out mechanism is rather crumbly.

If you opt-out, NebuAd places a cookie on your system so it knows you've opted out. And if that cookie disappears, you're no longer opted-out. Among other things, this makes life ridiculously difficult for those privacy-minded folk who regularly rid their machines of browser cookies.

It's nice to know that NebuAd plans to eat its opt-out cookie. But this solves only half a problem. There should also be an opt-in.

US Congressmen Ed Markey, chairman of the House Subcommittee on Telecommunications and the Internet, and Joe Barton, a ranking member of the House Committee on Energy and Commerce, say that if ad targeters like NebuAd don't move to an opt-in model, they could violate Section 631 of the US Communications Act.

"Any service to which a subscriber does not affirmatively subscribe and that can result in the collection of information about the web-related habits and interests of a subscriber, and achieves any of these results without the 'prior written consent of the subscriber,' raises substantial questions related to Section 631," the Congressmen say.

Markey has urged American ISPs to freeze their behavioral ad systems while Congress looks into the matter. And many have obeyed.

Meanwhile, the Center for Democracy and Technology (CDT) has unveiled a new report (PDF) that questions whether an opt-in-less NebuAd skirts federal wiretapping regulations laid down by he Electronic Communications Privacy Act (ECPA) of 1986 and the Cable TV Privacy Act of 1984.

"We believe [NebuAd] may run afoul of current laws, which prohibit copying or use of the internet communications without the consent of the subscriber," CDT vice president of public policy Jim Dempsey tells us. "We believe that in this case, consent means prior express opt-in consent."

It's worth noting, however, that these federal statutes were enshrined before the internet changed the universe. They may or may not apply to newfangled privacy invasions like Phorm and NebuAd.

"I'm not so easily convinced the wiretapping laws come into play here. The purpose and techniques of true wiretapping are really very different from tracking someone on the internet," says Jonathan Kramer, a telecoms-savvy attorney with the Kramer Telecom Law Firm. "These laws are like rubber bands. You can stretch them to new technologies - but they may pop right back at you."

Congress will tug a few rubber bands this very morning, when the Senate Committee on Science, Commerce, and Transportation meets to discuss Phorm and the Phormettes. NebuAd CEO Bob Dykes will be on hand to defend the Silicon Valley startup, which likes to call itself "an online media company that provides state-of-the-art online privacy protection for consumers."

He may be fighting for the company's life. With an opt-in in place, a NebuAd has little hope of corralling the web surfers it needs to make its ad-happy technologies commercially viable. Heck, if an opt-in is required, most ISPs won't even sign the contract. They're more than willing to pimp your data, but not without an ample return. ®

Bootnote

Like Charter Communications, CenturyTel, Bresnan Communications, Embarq, and others, Midwestern ISP WOW! has suspended its use of NebuAd amidst those Congressional conversations. And other ISPs have frozen their use of Front Porch, another behavioral ad targeter. Unlike NebuAd, Front Porch says its system is opt-in only. But it's unclear whether the company has used an opt-out model in the past.

Eight steps to building an HP BladeSystem

More from The Register

next story
Major problems beset UK ISP filth filters: But it's OK, nobody uses them
It's almost as though pr0n was actually rather popular
Microsoft unsheathes cheap Android-killer: Behold, the Lumia 530
Say it with us: I'm King of the Landfill-ill-ill-ill
Auntie remains MYSTIFIED by that weekend BBC iPlayer and website outage
Still doing 'forensics' on the caching layer – Beeb digi wonk
All those new '5G standards'? Here's the science they rely on
Radio professor tells us how wireless will get faster in the real world
Apple orders huge MOUNTAIN of 80 MILLION 'Air' iPhone 6s
Bigger, harder trouser bulges foretold for fanbois
Oh girl, you jus' didn't: Level 3 slaps Verizon in Netflix throttle blowup
Just hook us up to more 10Gbps ports, backbone biz yells in tit-for-tat spat
GoTenna: How does this 'magic' work?
An ideal product if you believe the Earth is flat
Telstra to KILL 2G network by end of 2016
GSM now stands for Grave-Seeking-Mobile network
prev story

Whitepapers

Top three mobile application threats
Prevent sensitive data leakage over insecure channels or stolen mobile devices.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Top 8 considerations to enable and simplify mobility
In this whitepaper learn how to successfully add mobile capabilities simply and cost effectively.
Application security programs and practises
Follow a few strategies and your organization can gain the full benefits of open source and the cloud without compromising the security of your applications.
The Essential Guide to IT Transformation
ServiceNow discusses three IT transformations that can help CIO's automate IT services to transform IT and the enterprise.