Feeds

Netizens sue NebuAd, data pimping ISPs

More woe for American Phorm

Providing a secure and efficient Helpdesk

Fifteen American netizens have sued behavioral ad targeter NebuAd and several of its data pimping ISP partners, alleging wiretapping, packet forgery, and browser hijacking.

Filed Monday in a California federal court, the class action accuses NebuAd and its partners of violating the US Electronic Communications Privacy Act, the US Computer Fraud and Abuse Act, California’s Invasion of Privacy Act, and California’s Computer Crime Law. And that's just a start.

Using deep packet inspection, NebuAd's ISP-level hardware tracks a web surfer's search and browsing activity and shuttles it to various advertising networks, where it's used to target ads. If you search for, say, French vacations, you'll soon see ads for French vacations.

By the late spring, NebuAd had deployed its hardware inside several mid-sized American ISPs. The Silicon Valley outfit claimed these partners explicitly notified customers before turning the system on, but this wasn't always this case. NebuAd did provide a cookie-based opt-out and claimed to anonymize all user data with a one-way hash, but the law may require an opt-in.

In mid-May, after weeks of press coverage, Congress publicly questioned the legality of ISP-level ad targeting, and lawmakers eventually asked all American ISPs to put their data pimping plans on hold. By August, NebuAd had downsized its workforce, and in September, after Congressman Ed Markey accused him "beating consumers," CEO Bob Dykes declined to go down with the ship.

Monday's lawsuit names NebuAd, its Fair Eagle subsidiary, and six ISPs: Bresnan Communications, Cable One, CenturyTel, Embarq, Knology, and WOW (formerly WideOpenWest).

"The collection of data by the NebuAd device was wholesale and all-encompassing," the suit reads. "Like a vacuum cleaner, everything passing through the pipe of the consumer's internet connection was sucked up, copied, and forwarded to the California processing center.

"Regardless of any representations to the contrary - all data - whether sensitive, financial, personal, private, complete with all identifying information, and all personally identifying information, was recorded and transmitted to the California NebuAd facility."

The suit goes on to question whether user data was actually anonymized and claims that even if it was anonymized, it was done so too late. "Any alleged anonymization of subscriber’s identity during any phases after the point of initial interception of the online communication," the suit continues, "did not 'anonymize' the intentional initial interception of online communication."

The complaint, which seeks class action status, also cites research from net crusader Robb Topolski in alleging packet forgery and browser hijacking. ®

New hybrid storage solutions

More from The Register

next story
Brit telcos warn Scots that voting Yes could lead to HEFTY bills
BT and Co: Independence vote likely to mean 'increased costs'
Phones 4u slips into administration after EE cuts ties with Brit mobe retailer
More than 5,500 jobs could be axed if rescue mission fails
New 'Cosmos' browser surfs the net by TXT alone
No data plan? No WiFi? No worries ... except sluggish download speed
Radio hams can encrypt, in emergencies, says Ofcom
Consultation promises new spectrum and hints at relaxed licence conditions
Turnbull: NBN won't turn your town into Silicon Valley
'People have been brainwashed to believe that their world will be changed forever if they get FTTP'
Blockbuster book lays out the first 20 years of the Smartphone Wars
Symbian's David Wood bares all. Not for the faint hearted
Bonking with Apple has POUNDED mobe operators' wallets
... into submission. Weve squeals, ditches payment plans
ISPs' post-net-neutrality world is built on 'bribes' says Tim Berners-Lee
Father of the worldwide web is extremely peeved over pay-per-packet-type plans
prev story

Whitepapers

Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.