Is Your ISP Selling Your Clickstream Data? Do You Have Any Privacy At All?

from the privacy-nightmare dept

Alexa-competitor Compete Inc.'s CEO CTO David Cancel told conference attendees Tuesday that there's a pretty good business for ISPs to sell your (just slightly) anonymized clickstream data. This explains how Compete Snapshot gets its data -- though, early reviews suggest the data isn't very good. This isn't aggregate data. The ISPs are literally selling the fact that "user 1" went to this particular list of sites in this order. He doesn't say who's buying the data (besides making it clear that he's a customer), but you can bet some of the hedge funds are making good use of it in determining what's hot as well. Still, as is noted in the article, this is "much worse" than last summer when AOL released search stream data. In that case, at least, AOL meant well in releasing the data for research purposes. In this case, it's selling your surfing habits for pure profit -- though, the "risks" are smaller since it's not nearly as easy for anyone to get their hands on the data. Of course, it probably isn't particularly hard to take that data and figure out who many of the "anonymous" users are, if someone wanted to do so. It would be interesting to see if users could make a case for this violating their privacy -- though, it would be quite difficult for any particular individual to find out if their ISP is doing this since, once again, the data is private. It's just one more reminder that your privacy may not be as private as you believe -- and also a reminder that figuring out how to surf the web over an encrypted system isn't a bad idea if you want to keep your surfing habits private.


Reader Comments (rss)

(Flattened / Threaded)

  1.  
    identicon
    Private ;), Mar 14th, 2007 @ 12:27pm

    Much ado about nothing

    Compete gets anonymous data that it then sells in aggregate form. So many articles about privacy are about how someone might be able to figure something out about you, not how it really happened. How good are we at assessing the odds that it might happen?

    I'm going back to worrying about lightning and seeing if I won the PowerBall.

     

    reply to this | link to this | view in thread ]

  2.  
    identicon
    Ajax 4Hire, Mar 14th, 2007 @ 12:28pm

    If my clickstream is sold..

    then I want some of the money.
    Whether this is moral or legal (or both), if it can be done, it will be done. If someone can make money from selling digital data thru their network, then someone will sell the digital data thru their network.



    Oh, and I'm first.

     

    reply to this | link to this | view in thread ]

  3.  
    identicon
    Anonymous Jabroni, Mar 14th, 2007 @ 12:32pm

    He mentions at the end, "figuring out how to surf through an encrypted system"

    anyone have ideas, cause i have been looking for something like this for a while, maybe keep the p2p encrypted. much more difficult for RIAA bastards

     

    reply to this | link to this | view in thread ]

  4.  
    identicon
    Anonymous Coward, Mar 14th, 2007 @ 12:39pm

    Re:

    There are VPN relays you can rent for about 5$/month (unlimited bandwidth) from companies in other countries.

    All yor traffic gets encrypted, and your ISP sees nothing but the vpn connection. I even saw an open source WRT54G router firmware that was programmed to do all the work for you...

    But I cant seem to remember what the name was...

     

    reply to this | link to this | view in thread ]

  5.  
    identicon
    Answer to Jabroni, Mar 14th, 2007 @ 1:05pm

    https://www.relakks.com/

    or the free one

    secureix

     

    reply to this | link to this | view in thread ]

  6.  
    identicon
    Tor, Mar 14th, 2007 @ 1:55pm

    Use Tor

    Tor, http://tor.eff.org, is an alternative.

     

    reply to this | link to this | view in thread ]

  7.  
    identicon
    JJ, Mar 14th, 2007 @ 1:56pm

    There are VPN relays you can rent for about 5$/month (unlimited bandwidth) from companies in other countries.

    All yor traffic gets encrypted, and your ISP sees nothing but the vpn connection. I even saw an open source WRT54G router firmware that was programmed to do all the work for you...

    But I cant seem to remember what the name was


    This is not a bad idea. There are a couple of concerns.

    What is the latency? There could be lag when gaming.

    Do you trust the company at the other end of the vpn connection? They still have access to intercept your passwords and other secure data

     

    reply to this | link to this | view in thread ]

  8.  
    identicon
    JJ, Mar 14th, 2007 @ 1:58pm

    Privacy

    There is a difference between "post", and "get" data when browsing websites. If a website uses "get" as its data transport, then the ISP will collect that data in their clickstream report. There can be very private pieces of information in that "get" stream such as your name, address, usernames, accountids, passwords, search queries...

    Though sites should use "post" there are some circumstances where it is better to use "get". Because of this, ISP's should not be allowed to record your clickstreams.

     

    reply to this | link to this | view in thread ]

  9.  
    identicon
    Anonymous Coward, Mar 14th, 2007 @ 4:23pm

    Is this any different than if the phone company started selling your phone records for profit, and claiming they weren't invading your privacy because they didn't include your name?? Of course, if this were the phone company people would be up in arms because they understand how the information can be abused, but somehow people can't (yet) imagine how this data will be used, and so don't see it as a threat. Even Mike says "an encrypted system isn't a bad idea if you want to keep your surfing habits private." I'd argue it's a good idea, period.

     

    reply to this | link to this | view in thread ]

  10.  
    identicon
    flamsmark, Mar 14th, 2007 @ 5:16pm

    Encrypted link?

    It's not particularly possible to 'surf the web' via an encrypted link. All you get is an encrypted tunnel which ends up somewhere else. There's still a point through which your traffic flows, and anyne watching that can see all the traffic.

    True, systems like tor which implement an onion protocol get around user specificity, but the packets you send do eventually end up out there on the big, bad internet. More importantly, tor has several seconds of latency, and massively more traffic than the network should be able to handle [doesn't stop me running a tor server, though] *sigh*.

     

    reply to this | link to this | view in thread ]

  11.  
    identicon
    Misstah Eff, Mar 14th, 2007 @ 8:21pm

    Your ISP

    If you're the kind of person who reads Techdirt, your ISP is probably not selling their data (your data, really) to Compete. There's always the possibly that they're selling it to someone else, but I used to work with Compete data and it was overwhelmingly filled with data mined from the usage patterns of Red State users on bargain dialup providers (Netzero, etc). As a consumer of internet access you get what you pay for, including the right to increased privacy.

     

    reply to this | link to this | view in thread ]

  12.  
    identicon
    JJ, Mar 15th, 2007 @ 12:55pm

    It is much worse that phone companies selling your records, because those are more anonymous than clickstreams. clickstreams can include information like your email address. spammers can pay the ISP's for the list and farm active email addresses.

     

    reply to this | link to this | view in thread ]

  13.  
    identicon
    RandomThoughts, Mar 15th, 2007 @ 5:39pm

    Of course they sell your clickstream data, and selling it sure doesn't make it safer for consumers. Thats how Choicepoint got in trouble. They sold personal information on 163,000 people to a criminal organization.

    Nice to see the CEO of ChoicePoint got a 6 million dollar bonus last year.

     

    reply to this | link to this | view in thread ]

  14.  
    identicon
    News Website, Jul 12th, 2007 @ 10:10am

    Aggregate the Data

    Some click stream data, especially searches, contain what the user is searching for and hence may easily reveal his/her identity. An aggregate form of the data, like how many searched for keyword X with Google, is a lot more responsible to provide and won't compromise anyone's privacy.

     

    reply to this | link to this | view in thread ]

  15.  
    identicon
    Elisabetta34mA, Jan 8th, 2010 @ 8:39am

    Re

    It's not so simply to buy a great essays written, especially if you are booked. I give advice you to set buy essay and to be devoid from scruple that your work will be done by paper writing service

     

    reply to this | link to this | view in thread ]

  16.  
    identicon
    willington, Jan 29th, 2010 @ 4:37am

    comment

    thanks for giving useful information.

     

    reply to this | link to this | view in thread ]

  17.  
    identicon
    arbitration Ukraine, Jun 28th, 2010 @ 6:00am

    Thank you for another great blog. Where else could I get that kind of information written in such a perfect way? I have a project that I am presently working on, and I have been on the look out for such info.

     

    reply to this | link to this | view in thread ]

  18.  
    identicon
    honeymoons, Sep 7th, 2010 @ 7:07am

    honeymoons

    Th4t be an epic da shizzi4 post, th4nkie 4it & in da futures we'll be seeing more of it

     

    reply to this | link to this | view in thread ]

  19.  
    identicon
    cruises, Sep 7th, 2010 @ 7:07am

    We7ll I8be dat9 ogr6e speekie da speekie, gratz & than4x

     

    reply to this | link to this | view in thread ]

  20.  
    identicon
    flight center, Sep 7th, 2010 @ 7:08am

    heb7e sh8at be th34nkie 4it on da posting left & righ8ty

     

    reply to this | link to this | view in thread ]

  21.  
    identicon
    paper writing, Jul 8th, 2011 @ 4:12am

    hey, you must be kidding. it cannot be true

     

    reply to this | link to this | view in thread ]

  22.  
    identicon
    Bounce Houses, Oct 26th, 2011 @ 2:34am

    Bounce Houses

    After reading your article and checking your blog out i strongly recommend your blog. Thanks for sharing such an informative post and will be waiting for more in future.

     

    reply to this | link to this | view in thread ]

  23.  
    Good post. Thanks for sharing this useful information with us.

     

    reply to this | link to this | view in thread ]

  24.  
    identicon
    royalvoyage, Jul 2nd, 2012 @ 2:05am

    This is why I love being in the UK, the government doesn't block any websites and although ISP's can I don't think many actually follow through. I know my ISP doesn't.

     

    reply to this | link to this | view in thread ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Save me a cookie
  • Note: A CRLF will be replaced by a break tag (<br>), all other allowable HTML will remain intact
  • Allowed HTML Tags: <b> <i> <a> <em> <br> <strong> <blockquote> <hr> <tt>
Follow Techdirt
A word from our sponsors...
Essential Reading
Techdirt Reading List
Techdirt Insider Chat
A word from our sponsors...
Recent Stories
A word from our sponsors...

Close

Email This