Behavioral Targeting May Be Illegal

from the smells-like-wiretapping dept

A bunch of ISPs have been experimenting with systems such as Phorm and NebuAd that monitor their users' online behavior and create profiles that help third parties create more targeted advertisements. Back in March we noted that behavioral advertising may be illegal under UK law. And last week we reported that Congress was asking some tough questions about the plans. CNet's Declan Declan McCullagh has an in-depth look at American law, and concludes that such systems are probably illegal here too. The problem is that what Phorm and NebuAd do sounds a lot like wiretapping, and wiretapping is illegal under several federal laws. At least three federal laws govern when electronic communications providers can disclose their customers' communications to third parties. One of the key questions Declan looks at is consent: the law generally allows eavesdropping with customer consent, but the exact nature of the consent isn't clear. ISPs have tended to be very secretive about their use of these systems, so at the very least, privacy laws would require that ISPs disclose what they're doing and give consumers a way to opt out. But Declan suggests that this might not be sufficient. Some of the legal experts he talked to think the law would require the ISPs to obtain the affirmative consent of customers before commencing the use of these programs. Since it's hard to imagine customers being enthusiastic about having their ISPs eavesdrop on them, such a requirement might make these programs non-starters.

Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: behavioral targeting, clickstream data, privacy, wiretapping
Companies: nebuad, phorm


Reader Comments

Subscribe: RSS

View by: Time | Thread


  • identicon
    Anonymous Coward, 22 May 2008 @ 10:00am

    "Since it's hard to imagine customers being enthusiastic about having their ISPs eavesdrop on them, such a requirement might make these programs non-starters."

    Unless the ISP wants to cut me a break on my monthly bill. If it's a substantial rate cut, I'd jump all over it (and start tunneling most my traffic through a secure proxy, most likely).

    link to this | view in chronology ]

  • identicon
    suckerpunch-tm, 22 May 2008 @ 10:12am

    "ISPs have tended to be very secretive about their use of these systems, so at the very least, privacy laws would require that ISPs disclose what they're doing and give consumers a way to opt out." It should't be a matter of having to opt OUT, it should be a program for people who want to opt IN. F@%k that.

    link to this | view in chronology ]

    • identicon
      Jake, 22 May 2008 @ 3:36pm

      Re:

      Doesn't personal responsibility come into this? Yes, the opt-out should be reasonably simple to perform and the ISP has to be transparent about what they're doing, but as far as I'm concerned anyone too lazy and/or ignorant to take a little bit of control over their own privacy has no right to complain that nobody else is willing to do it for them.

      link to this | view in chronology ]

      • identicon
        Anonymous Coward, 22 May 2008 @ 6:19pm

        Re: Re:

        I do not think you are aware of the method being employed here. It is entirely possible that even if you do opt out, your click history is still recorded.

        I would change ISPs

        link to this | view in chronology ]

      • identicon
        John Wilson, 23 May 2008 @ 7:39am

        Re: Re:

        I don't know about the United States but here in Canada it's not considered consent to offer, in small print (or any kind of print) an opt-out of these things and pretend it's informed consent.

        The customer has to be given the opportunity to opt-in after the "service" is fully explained to them.

        That said, I doubt many people would opt-in which is why ISPs tend to want to wait till they get caught with their collective pants down. By then, of course, in terms of privacy it's too late.

        ttfn

        John

        link to this | view in chronology ]

  • identicon
    Nate, 22 May 2008 @ 11:10am

    They better make this go away. I don't want some 3rd party group monitoring my activities online. They are getting free consumer data that they should have to pay to learn. I will gladly opt in if I recieve compensation for the knowledge they gain. Otherwise, what I do is my personal business.

    http://www.custompcmax.com

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 22 May 2008 @ 11:51am

    What kind of behavior is watched by a system called Phorn?

    link to this | view in chronology ]

  • identicon
    Shane C, 22 May 2008 @ 12:04pm

    Click-through-agreements

    Some of the legal experts he talked to think the law would require the ISPs to obtain the affirmative consent of customers before commencing the use of these programs.

    Maybe I'm not fully aware of how this law would play out, but this doesn't seam like a major stumbling block to me. All an ISP would have to do, is bury the "agreement" within their standard "YOU MUST AGREE TO THIS TO USE OUR SERVICE" legal mumbo-jumbo.

    Where I live I have two broadband providers (well, nine according to the FCC, but that's another story). If both of them make agreeing to this snooping as part of their service agreements, what choice would I have?

    link to this | view in chronology ]

  • icon
    Steve R. (profile), 22 May 2008 @ 12:43pm

    Innovative Application

    By extension. If it is illegal to profile persons of interest (the new politically correct phrase for suspect) based on religion, race, sexual orientation, ethnicity, etc. then targeted advertising would also be illegal. Hadn't thought of that innovative twist before.

    Ironically, I don't mind targeted advertising, what does bother me is the degree of intrusion and the arrogance of the advertisers.

    link to this | view in chronology ]

  • identicon
    ed, 22 May 2008 @ 4:45pm

    Why should you have to constantly be on the lookout for your privacy being violated? Oh, well if you took a little effort you could get it removed from site x and site x and site x... well guess what.. I shouldn't have to kthx.

    link to this | view in chronology ]

  • identicon
    Alex Har, 23 May 2008 @ 5:28pm

    Ethics Issues abotu data usage

    Everyone probably hopes that computers can become increasing more intelligent so we can interact more meaningfully with it. This would certainly make our lives much more pleasant. However to do so it has to get to know us, collect information about us, analyse and understand as much as a human is ablwe to do.

    As human we automatically use information about people we know to improve our interaction with them. We talk to ojur wives, friends, parents and kids differently. Often we use information to manipulate people, target at their soft spots to get what we want.

    The latter is of course not exactly moral or ethical. It is often difficult to differentiate between someone using our information to be nice to us or to manipulate us....and it is in this area that legislations may become vexatious and cumbersome.

    Legislations if any should stay within the big areas like...do not murder, rape, steal,cheat...be a real nuisance. If legislations actually prevent computers from being more intelligent in interacting with humans, or in helping humans to interact better with each other, it would do the world a disservice.

    link to this | view in chronology ]

  • identicon
    Alex Har, 23 May 2008 @ 5:30pm

    Ethics Issues about data usage

    Everyone probably hopes that computers can become increasing more intelligent so we can interact more meaningfully with it. This would certainly make our lives much more pleasant. However to do so it has to get to know us, collect information about us, analyse and understand as much as a human is ablwe to do.

    As human we automatically use information about people we know to improve our interaction with them. We talk to ojur wives, friends, parents and kids differently. Often we use information to manipulate people, target at their soft spots to get what we want.

    The latter is of course not exactly moral or ethical. It is often difficult to differentiate between someone using our information to be nice to us or to manipulate us....and it is in this area that legislations may become vexatious and cumbersome.

    Legislations if any should stay within the big areas like...do not murder, rape, steal,cheat...be a real nuisance. If legislations actually prevent computers from being more intelligent in interacting with humans, or in helping humans to interact better with each other, it would do the world a disservice.

    link to this | view in chronology ]

  • identicon
    Matt Wood, 23 May 2008 @ 8:08pm

    Internet Privacy? What a Concept!

    Ever wonder what your secure proxy knows about you? And who pulls their strings while you're distracted by headlines? Even if you were to go back to paper and verbal communications, you're already in too many databases to even think about privacy.

    link to this | view in chronology ]

  • identicon
    John, 24 May 2008 @ 12:12pm

    This will decrease usefulness of the internet!

    As soon as things are 'targeted, it means that other things are 'de-targeted'. As you get, for instance, search results based on your 'interests' of, say, your previous search, then the newer search is degraded. It is also madness, as many websites don't have the commonsense to even manage properly what they are doing now, without trying to do more, especially 'secret' things. I agree with Matt Wood, they already have enough to know you - my thinking is that they just have to decide how to use it to annoy you.

    link to this | view in chronology ]

  • identicon
    Greg, 25 May 2008 @ 9:11am

    Amazon was the pioneer of behavioral targeting and built their entire business model around it.

    link to this | view in chronology ]


Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.