Feeds

Netizens sue NebuAd, data pimping ISPs

More woe for American Phorm

Boost IT visibility and business value

Fifteen American netizens have sued behavioral ad targeter NebuAd and several of its data pimping ISP partners, alleging wiretapping, packet forgery, and browser hijacking.

Filed Monday in a California federal court, the class action accuses NebuAd and its partners of violating the US Electronic Communications Privacy Act, the US Computer Fraud and Abuse Act, California’s Invasion of Privacy Act, and California’s Computer Crime Law. And that's just a start.

Using deep packet inspection, NebuAd's ISP-level hardware tracks a web surfer's search and browsing activity and shuttles it to various advertising networks, where it's used to target ads. If you search for, say, French vacations, you'll soon see ads for French vacations.

By the late spring, NebuAd had deployed its hardware inside several mid-sized American ISPs. The Silicon Valley outfit claimed these partners explicitly notified customers before turning the system on, but this wasn't always this case. NebuAd did provide a cookie-based opt-out and claimed to anonymize all user data with a one-way hash, but the law may require an opt-in.

In mid-May, after weeks of press coverage, Congress publicly questioned the legality of ISP-level ad targeting, and lawmakers eventually asked all American ISPs to put their data pimping plans on hold. By August, NebuAd had downsized its workforce, and in September, after Congressman Ed Markey accused him "beating consumers," CEO Bob Dykes declined to go down with the ship.

Monday's lawsuit names NebuAd, its Fair Eagle subsidiary, and six ISPs: Bresnan Communications, Cable One, CenturyTel, Embarq, Knology, and WOW (formerly WideOpenWest).

"The collection of data by the NebuAd device was wholesale and all-encompassing," the suit reads. "Like a vacuum cleaner, everything passing through the pipe of the consumer's internet connection was sucked up, copied, and forwarded to the California processing center.

"Regardless of any representations to the contrary - all data - whether sensitive, financial, personal, private, complete with all identifying information, and all personally identifying information, was recorded and transmitted to the California NebuAd facility."

The suit goes on to question whether user data was actually anonymized and claims that even if it was anonymized, it was done so too late. "Any alleged anonymization of subscriber’s identity during any phases after the point of initial interception of the online communication," the suit continues, "did not 'anonymize' the intentional initial interception of online communication."

The complaint, which seeks class action status, also cites research from net crusader Robb Topolski in alleging packet forgery and browser hijacking. ®

Boost IT visibility and business value

More from The Register

next story
Scotland's BIG question: Will independence cost me my broadband?
They can take our lives, but they'll never take our SPECTRUM
iWallet: No BONKING PLEASE, we're Apple
BLE-ding iPhones, not NFC bonkers, will drive trend - marketeers
Trying to sell your house? It'd better have KILLER mobile coverage
More NB than transport links to next-gen buyers - study
Auntie remains MYSTIFIED by that weekend BBC iPlayer and website outage
Still doing 'forensics' on the caching layer – Beeb digi wonk
Speak your brains on SIGNAL-FREE mobile comms firm here
Is goTenna tech a goer? Time to grill CEO, CTO
NBN Co adds apartments to FTTP rollout
Commercial trial locations to go live in September
prev story

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Backing up Big Data
Solving backup challenges and “protect everything from everywhere,” as we move into the era of big data management and the adoption of BYOD.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.