AT&T Says It May Inject Its Own Ads In Your Surfing... And You'll Like It

from the oh-really? dept

Fri, Aug 15th 2008 2:50pm — Mike Masnick

Various ISPs have long made extra cash by selling your clickstream data to various tracking outfits. But in the last few months, it's come out that many have been either testing or considering taking things a step further by inserting their own ads based on your surfing history, using technology from firms like NebuAd and Phorm. Both of those companies have run into some trouble lately, as there are serious questions as to the legality of such practices, which have gotten the attention of folks in Congress.

While most ISPs have shied away from giving too detailed answers to Congress, apparently AT&T has decided to take a different stance. While the company says it has not tried any such ad insertion technology, it vehemently defends the idea, claiming that it would implement it "the right way" and that it "could prove quite valuable to consumers and could dramatically improve their online experiences, while at the same time protecting their privacy."

This is an old line that's been used before about these types of services: that it somehow enhances your surfing experience by throwing less crappy ads at you. Of course, this is based on the somewhat faulty assumption that people actually care about most banner ads, no matter how relevant. Also, it's hard to see how it "protects" a customer's privacy, when the whole point of these programs is to make use of your surfing details (which most people believe is private) to make your ISP more money.

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: clickstream tracking, isps, legality
Companies: at&t

41 Comments

If you liked this post, you may also be interested in...

Reader Comments

Subscribe: RSS

View by: Time | Thread

Stephen Downes (profile), 15 Aug 2008 @ 3:10pm

Irony
The irony is reading this article in my RSS reader with an advertisement injected (by Techdirt? By Feedbuirner? By Google?) into the feed.
[ link to this | view in chronology ]
- ehrichweiss, 15 Aug 2008 @ 3:49pm
  
  Re: Irony
  I don't get anything of the sort reading the RSS feed but I get mine through "i-google" so maybe they remove them or maybe Adblock Plus does it for me.
  [ link to this | view in chronology ]
wasnt me!, 15 Aug 2008 @ 3:25pm

i think ppl who are annoyed by adds like myself all use add blokers, so as far as im concerned is what happens to the data collected more than anything else.

as long as my email isn't involved im not sure i care much.
[ link to this | view in chronology ]
- Anonymous Coward, 15 Aug 2008 @ 4:09pm
  
  Re:
  The ISP doesn't need your E-Mail, they got your IP and Account Info.
  Along with your Name, Billing Info, Address, ECT.
  [ link to this | view in chronology ]
  - hasarmor, 17 Aug 2008 @ 2:10pm
    
    Re: Re:
    thats why they have to outsource it to someone who doesnt have this and intentionally strips this out.
    W/PII theres much more regulation involved- better for them to do it without
    [ link to this | view in chronology ]
Anonymous Coward, 15 Aug 2008 @ 3:25pm

They're just exploring a new "business model." It's not really "feasible" to stop this. Businesses "will always share information," for profit, "as is their natural inclination. Trying to make that illegal is like trying to outlaw breathing."

Didn't we just see a post asking Congress to stay out of legislating business models?

I use quotes from a recent post due to the irony here. If the information is made by someone else, and makes danceable noises when run to your sound card, Congress should stay out of it. If the information is made by you, and someone else gets something for free out of it, Congress should step in.

The equivalent form of DRM here would be all sites moving to optional SSL, which would make these sorts of intrusive activities more difficult.
[ link to this | view in chronology ]
Peet McKimmie (profile), 15 Aug 2008 @ 3:28pm

These ads they're injecting...
Are they in addition to the existing ads on the page, thus ruining the layout of the site you're viewing, or do they replace existing ads, thus depriving the site of its income stream?
[ link to this | view in chronology ]
- hasarmor, 17 Aug 2008 @ 2:08pm
  
  Re: These ads they're injecting...
  Neither; they pay off the existing ad to go away and put in a more valuable one based upon their anon profile of you.
  [ link to this | view in chronology ]
Joshua BA, 15 Aug 2008 @ 3:34pm

Copyright.
How is this not copyright infringement? They are taking a copyrighted document, modifying it, and then distributing the modified copy for profit. Is their legal council THAT stupid? How long until some company like Google, rightly, sues them into oblivion?
[ link to this | view in chronology ]
- Another Anonymous Coward, 16 Aug 2008 @ 6:34am
  
  Re: Copyright.
  ISPs might be able to avoid copyright infringement claims by intercepting the webpage request when you click on a link and inject a whole page advert before loading the genuine webpage.
  
  When you click on the add to cart button on Amazon for example the ISP's dpi system could inject a page from one of the ISP's partners offering to sell you the same item at a lower price.
  
  The ISP could even provide partner sellers with detailed stats on sales made by major e-tailers to their customers so their sellers could decide which products were most profitable to target.
  [ link to this | view in chronology ]
Pangolin (profile), 15 Aug 2008 @ 3:37pm

How to tell if they are doing it?
There was a story (here I think) sometime back about a url you could visit that would check to see if what you were being served was what was really being served or if something was being inserted into the stream.

Does anyone have that link?

Also - wouldn't ssl defeat this?
[ link to this | view in chronology ]
- Peet McKimmie (profile), 15 Aug 2008 @ 4:11pm
  
  Re: How to tell if they are doing it?
  http://www.eff.org/testyourisp/switzerland
  [ link to this | view in chronology ]
james jo (profile), 15 Aug 2008 @ 3:47pm

been done before....
Anyone remember the original netzero, when they were free but you had to deal with their banner ads? At&t are just doing the same thing, except you actually pay them for the opportunity to get those wonderful, relevant ads. *sarcasm*
[ link to this | view in chronology ]
Paul, 15 Aug 2008 @ 4:24pm

Why Worry?
This can't be the same AT&T that supplied customer data to the government illegally and then had the law changed to absolve them of responsibility.

It also can't be the same AT&T that spent tens of millions of dollars lobbying to forestall broadband competition and destroy net neutrality, and backed out on commitments to unbundle DSL from phone service after promising this in return for a merger permission.

Just trust them. But bring your own lube.
[ link to this | view in chronology ]
Another Anonymous Coward, 15 Aug 2008 @ 4:24pm

It's the protocol that's the problem
I haven't seen anyone in the press comment on the technical problems that this introduces, or their legal implications. Intercepting and modifying the data stream from a web server to a client is *bound* to break some web pages. But more importantly, this sort of packet interception and tcp hijacking is already deemed to be illegal hacking when it is done by teenagers or Russian gangs.

If ISPs are free to break the internet protocols, then the "I" in ISP doesn't really apply anymore. Also, if we allow this to be done by the ISP near the client, what's to prevent other network carriers between the server and the ISP from doing the same thing? A given web page can pass through a handful of network carriers on it's way from the server to the browser. In that kind of internet, how in the world do you get data from one place to another in a reliable way?

(This same argument applies to the whole Comcast bit torrent controversy as well. If they were only dropping packets, they would not be breaking the IP protocol, but they were actually *injecting* packets into the net with false address information.)
[ link to this | view in chronology ]
Jeff, 15 Aug 2008 @ 4:28pm

Wait
So, if one was to just surf porn sites, would AT&T show porn ads?
[ link to this | view in chronology ]
Anonymous Coward, 15 Aug 2008 @ 5:31pm

Ads from America's favorite NSA partner?

That sounds sexy.
[ link to this | view in chronology ]
Overcast, 15 Aug 2008 @ 5:43pm

And coming up next.... Ads on your iPhone!
[ link to this | view in chronology ]
Anonymous Coward, 15 Aug 2008 @ 5:49pm

Sure, but can AT&T prove any of us will like it?
I know most people, including myself, are aware that all this flash and java script advertisement is dangerous business. Not to mention any real links to advertised products are always routed through another website instead of the actual website. What does this mean? Well if the flash/java didn't already load you up with malware automatically, you're going to pick it up by clicking on the ad and going to the website who makes money off of infesting you with it, before they take you to the good product of course.

And once more, I know that most people are aware that if the shit is legit, a google search will give you a correct hit. Honestly, why click on an ad for something where the link says http://ads.doubleclick.com/tracker?=reroute39509135.slowing%20your%20pc%20lol.shitmel

In summation, if most people use ad-blockers as others have noted, and most people avoid advertisements to avoid getting clogged with malware, how the hell is AT&T suppose to know these ads will be ads we like? Of course the only reason people would like it is if it didn't have any of that tracking crap, but then that's another reason AT&T wouldn't know what they're talking about. Oh wait, obviously they're going to base it off of all the tracking cookies they send out to the people who click on ads as jokes to screw up public computers or a friend's computer.
[ link to this | view in chronology ]
Anonymous Coward, 15 Aug 2008 @ 5:52pm

I know one person that will never be using ATT again.
[ link to this | view in chronology ]
- Anonymous Coward, 16 Aug 2008 @ 5:30am
  
  Re:
  Funny funny
  
  You use a large number of ISP for every website you visit even though you have an account with only one.
  [ link to this | view in chronology ]
Anonymous Coward, 15 Aug 2008 @ 6:10pm

adS suck!
[ link to this | view in chronology ]
Anonymous Coward, 15 Aug 2008 @ 6:17pm

Javascript sucks
Of what value is your tracking data if you can not deliver the ad ?
[ link to this | view in chronology ]
- Peter N, 15 Aug 2008 @ 8:08pm
  
  Re: Javascript sucks
  "Of what value is your tracking data if you can not deliver the ad ?"
  
  It allows a company to build a profile. They will have you and your family catagorised and neatly packaged in a way that you have never thought possible.
  
  It's not just about selling you cars and fridges - it's about controlling you and your family as if you are caged animals being fed what your master choses when he sees fit.
  
  Unless you re the sort of person who fills in every online survey or gives all of their personal details to strangers with clipboards when you are out shopping then this is something that you need to fight against.
  
  The fact that these systems can be used to target adverts is just the start. Imagine what can happen when someone - be it a company or a government - has that much information about you. We are not criminals or terrorists and yet we are supposed to accept a level of surveillance that far exceeds anything that the police could do even with a warrant and with no control over the future use of such a system.
  [ link to this | view in chronology ]
Tom, 15 Aug 2008 @ 10:32pm

I suspect AT&T has been injecting for a bit now
I've been noticing, for about a week now, the same set of ads taking over my browser from time to time, Cisco is the only one I can remember at the moment. I thought it was odd that I would click the 'skip this add' button and end up at a completely different spot in the website than I was navigating to. Site so far that I can recall are Boingboing, Comedy Central, Drudge, Slashdot and The Register, plus a few adult sites.

Looking back, I find it odd that these sites would ALL be serving the same ad. And given that some of the sites I visit aren't in the US, I find it even odder.

Yes, I use AT&T.
[ link to this | view in chronology ]
Tom, 15 Aug 2008 @ 10:36pm

I suspect AT&T has been injecting for a bit now (a bit more info)
What's been happening, the site starts to load, then bam, the whole browser is taken over by a full page ad. You have a link to their website in the upper right hand corner and a 'skip this ad' link in the upper left hand corner. When you click skip this ad, you don't always end up at the page that you wanted to go to, and if it's some kind of dynamic content, it's never the right content.
[ link to this | view in chronology ]
Felix, 15 Aug 2008 @ 10:45pm

The Right Way
I'm sure by "the right way" AT&T means the right way for AT&T, not the right way for customers. For customers, "the right way" is to not do it.

Guess I'll be switching to Charter. Oh, wait . . .
[ link to this | view in chronology ]
Jack M, 15 Aug 2008 @ 11:00pm

My interpretation of the past 8 months
At&t are just doing the same thing, except you actually pay them for the opportunity to get those wonderful, relevant ads.

Do I hear an echo? Wasn't that the same promise of, I don't know, Cable TV, and Satellite Radio? At least they are being up front about it.

Exactly how will this work? Do they build their own ad platform to sell ads? If so, how will they get the audience? Maybe they didn't fully grasp what Yahoo had that Microsoft didn't. When Microsoft considered the nuclear option, what was the first thing Yahoo did? They outsourced ads to Google. Shortly thereafter, Microsoft was no longer interested in Yahoo. Final answer. No turning back. End of Story.

Then Yahoo HIRED Carl Ichann. Can you believe that? That's awesome! A day later, whats-his-nuts jumped HMS Microsoft to work at Juniper.

Think about that.

Really, now. How will AT&T out-maneuver that? Jerry Yang one-upped Microsoft!

Will AT&T get into bed with websites when it seems Google is already doing a great job? Do they hijack any images coming from Google or Doubleclick? It's just a wild guess, but that may have some sort of regulatory problems.

In the day which Yahoo is throwing in the towel to relevant ads as it's grilled by Congress, it seems this is a business idea that is being executed too little, too late.

Maybe AT&T, because of FISA, has personal data of value and needs to be sold. If that's the case, it would be a good move if Microsoft and AT&T to explore some options, maybe even a spin off of MSN, where AT&T could be a minority shareholder, to a new company which would focus on advertising as their core competency.

Who knows!
[ link to this | view in chronology ]
Anonymous Coward, 16 Aug 2008 @ 8:01am

And they want volume caps????
At the end of the day, you're paying for the data to see their ads...
[ link to this | view in chronology ]
Hoeppner, 16 Aug 2008 @ 8:34am

The legal right of an ISP to do anything to a website(particularly ownership, intellectual property rights, and whatever else a skilled legal team can come up with) is literally along the lines of going over to a strangers house(not neighbor a stranger you've never met or have never seen) and digging a hole there or painting an advertisement on the side of their house. And clearly falls under a breakage of IP rights since you are litterally changing someones creation without permission, without giving credit, and profiting to off it.

I feel really smart right now :D
[ link to this | view in chronology ]
Hoeppner, 16 Aug 2008 @ 8:35am

I'd feel smarter If I remembered I need to proof read more than once...
[ link to this | view in chronology ]
Anonymous Coward, 16 Aug 2008 @ 8:45am

Why use ATT
DSL = Damn Slow Link, TW cable offers 10-15 megabit for cheap in a bundle, 108/month tx with local phone, digital cable, and 10 mb internet. Why would anyone use ATT is beyond me.
[ link to this | view in chronology ]
Pete, 16 Aug 2008 @ 9:47am

Insane
This is just insane.

These people have no right to (in effect) corrupt data communications.

None what so ever.

This must not happen.

It simply must not happen. Marketing buffoons can't be allowed to do this. They are destroying the basic principles of data communication on the internet.
[ link to this | view in chronology ]
Martin Horak, 16 Aug 2008 @ 9:50am

SSL
SSL server is the solution. This is only another action to push more developers in to encrypting internet trafic. If the ISPs become too intrusive, they will get NOTHING (click stream wise). As a web designer, I wouldn't like when someone messing with my layouts or possibly inserting spyware and adware (!) and start encrypting all sites.
[ link to this | view in chronology ]
Anonymous Coward, 16 Aug 2008 @ 10:11am

i dont care about ads...the ones i do care about are the ones that pop up and you got to close them...annoying, they start injecting that in my stream and ill start injecting my fist in there face
[ link to this | view in chronology ]
John Wilson, 16 Aug 2008 @ 11:38am

What is it about NO that AT&T and their ilk don't understand?
Quite apart from the technical issues this sort of thing drags along with it, quite apart from dubious legality and quite apart from privacy there's something missing here.

Just what is it that leads companies to believe that we want that regrettable remnant of the dot-bomb era known as singing, dancing, bandwidth hogging banner ads?

No one I know downloads AdBlockPlus to ensure they never bring up the ads on the right side of a google search.

It's always banner ads.

Yet somehow AT&T seems to think there's some kind of demand for this crud.

Not only that but that I'll be happy to get it or that it will somehow enhance my internet experience.

I can see my AdBlock and NoScript blacklists getting longer and longer here.

ttfn

John
[ link to this | view in chronology ]
lordmorgul, 16 Aug 2008 @ 4:09pm

Simple solution...
What concerned internet savvy people should be doing is installing Firefox, AdBlock Plus, NoScript, Greasemonkey, and Stylish (for a good start) and telling these companies through obvious consumer behavior that their advertising is unwelcome.

Block the scripts, refuse to look at the ads (by removing them them from your displayed webpages), and click on none of them. Ad driven revenue requires clicks, and page views.

If you don't like targetted advertising, then un-target yourself, slip under the radar, and laugh in their faces.
[ link to this | view in chronology ]
John (profile), 17 Aug 2008 @ 5:53pm

Changing the subject...
But more importantly, this sort of [behavior] is already deemed to be illegal hacking when it is done by teenagers or Russian gangs.
You miss the point- the corporations can get away with "bad" behavior because they have the money to make their behavior legal.
If I loaned you money at a 25% interest rate, I'd be thrown in jail for loansharking and usury. If CitiBank charges a 25% interest rate, they call it "market rate plus prime".

But, yes, I agree with the above posters: this kind of ad-replacing behavior will only send more people to download programs like AdBlock and FlashBlock. Then, tech-people like us will help install ad blockers on our friends' computers.
After that, it's only a matter of time before there's no more revenue from any ads at all.
[ link to this | view in chronology ]
Dan O, 18 Aug 2008 @ 6:33am

To Solve AT&T Ad-Injection Issue
Someone could create software that generates millions of random sorts of web linking that would throw off their software - providing AT&T with crap link data, that would be sweet ... LOL ... they can eat it.
[ link to this | view in chronology ]
- Anonymouse, 19 Aug 2008 @ 8:03am
  
  Re: To Solve AT&T Ad-Injection Issue
  beta.bt webwise thread.
  
  Current User
  
  Posts: 116
  Registered: 11/8/04
  Re: BT Webwise Discussion Thread
  Posted: Aug 8, 2008 12:44 AM in response to: Paul H
  Reply
  It could work in a Simple form by using an rc4 randomizer linked to the Website URL requested & in the case of E-mails the destination E-mail address requested.
  This would be relatively fast with less overhead, would be difficult to Profile, but weak encryption when it comes to Law Enforcement Issues, which we obviously all want to avoid!
  
  The data would just be a mass of random data when going through the profiler unless more software is added to combat this method.
  Of course that would lead to a Software Race which they could not win!
  [ link to this | view in chronology ]
hegemon13, 18 Aug 2008 @ 6:49am

Possible option
IF the advertising is optional with a default opt-out, and IF the subscribed user gets free or substantially lower-priced internet access, I can see this as being a legitimate possibility. However, adding advertisements to a PAID subscription is not acceptable. AT&T will very quickly drive their market away.

That would be like paying for a movie ticket or DVD and being forced to watch commercials. Oh, wait...
[ link to this | view in chronology ]