Techdirt. Stories about "nebuad"

On Second Thought... NebuAd Not Really Dead... Re-Emerges In The UK Under An Assumed Name

Mike Masnick — Wed, 20 May 2009 14:11:00 PDT

After writing about how NebuAd had shut down, a commenter pointed out this wasn't quite true. Instead, it appears the company has just re-appeared under a different name in the UK... where officials have ruled that clickstream tracking behavioral advertising can be legal (though that's gotten the UK into trouble with the EU). Apparently, NebuAd had opened a UK office, and with the shutdown of US operations, the UK office re-branded as Insight Ready Ltd., but it appears to be the same basic company, including same employees. And the Insight Ready domain name was registered by NebuAd....

Permalink | Comments | Email This Story

Ding Dong, NebuAd Is Dead

Mike Masnick — Tue, 19 May 2009 20:20:00 PDT

While it took many months since Congress made it clear that NebuAd's somewhat sneaky clickstream tracking/behavioral advertising plans were almost certainly illegal, it appears that the company has finally shut down completely. The similar Phorm remains in operation in the UK, but is still facing significant legal scrutiny and has been running around trying to convince everyone that it's system doesn't violate anyone's privacy. Either way, there's a good lesson to be learned: while it may seem that individuals don't pay all that much attention to their privacy rights, if you cross the line and abuse what people feel is sacred, it's going to come back to bite you.

Permalink | Comments | Email This Story

ISPs: It Was All NebuAd's Fault!

Mike Masnick — Tue, 10 Feb 2009 01:10:51 PST

With Congress clearly indicating that it believed NebuAd's clickstream tracking behavioral advertising was illegal, there have been efforts underway to file class action lawsuits against the various ISPs who tested the service. It appears those ISPs have an interesting defense they're trying: it wasn't us! Specifically, they're claiming since all of the customer clickstream data resided on NebuAd servers, none of the blame can be put on the ISPs. That seems unlikely to fly in court, however, considering that the ISPs teamed up with NebuAd specifically for the purpose of tracking that data.

Permalink | Comments | Email This Story

Phorm Secretly Used By American ISPs As Well

Mike Masnick — Wed, 13 Aug 2008 18:33:09 PDT

Looks like Phorm may be facing another headache as The Register has found out that it was quietly used by some American ISPs, as well. Earlier stories had suggested that Phorm, which tracks your web surfing at the ISP level and customizes ads based on your clickstream data, was only testing the service in Europe, while competitor NebuAd was focused on the US. Phorm is facing some legal inquiries in Europe, while NebuAd is laying people off as Congress is investigating the legality of the service.

But the most bizarre aspect of this is Phorm's claim that its tests with US ISPs was "transparent." If that's the case, it's odd that no one had pointed it out before. That would suggest that it wasn't nearly as transparent as Phorm claims. In fact, it suggests the opposite.

Permalink | Comments | Email This Story

NebuAd In Trouble After Congress Suggests Its Entire Business Is Illegal

Mike Masnick — Wed, 6 Aug 2008 15:58:00 PDT

We've covered the saga of companies like NebuAd and Phorm, who basically worked with ISPs to access your clickstream data and place advertisements based on your overall surfing habits, rather than the specific page that you're on at that moment. It didn't take long before people realized that such services (beyond just being somewhat deceptively implemented by ISPs) were probably illegal. And, of course, given the public outcry over these services, it didn't take long for Congress to get involved, suggesting that it felt these activities were illegal.

So, of course, if you happen to work at Phorm or NebuAd, you've got a bit of a business model problem (not to mention the potential legal problem). The Register is reporting that NebuAd has now laid off a bunch of employees -- and also dumped its PR firm. Considering the fact that no amount of PR probably could have stopped consumer outrage over how these services were implemented, it seems like the PR firm may have been something of a scapegoat --- or, perhaps, the company just realized that any PR work at this point is simply futile.

Permalink | Comments | Email This Story

Charter Communications Realizes People Don't Like Having Ads Injected Into Websites

Mike Masnick — Tue, 24 Jun 2008 20:06:41 PDT

Last month, cable broadband provider Charter Communications said it was going to test the clickstream tracking/behavioral ad injection service NebuAd, claiming (hilariously) that snooping on you as you surf in order to present ads to you enhances your web surfing experience. It turns out that many Charter customers did not agree -- and they weren't made any happier when independent research into NebuAd's system discovered many, many problems with it, including the fact that you couldn't really opt-out. Also, Congress got involved, asking Charter to explain itself. That's never a good sign.

Charter has now agreed to back off plans to implement this clickstream tracking. However, the most hilarious part is Charter's explanation of why it went forward with this plan in the first place: Focus groups apparently indicated that "most broadband consumers would look upon this service favorably." Well, when you describe it as "enhancing" the broadband experience, rather than spying on your every action to present you with more targeted ads, people might say that. In the future, though, it may help to be a bit more straightforward with focus groups.

Permalink | Comments | Email This Story

Research Into NebuAd Finds Controversial And Potentially Illegal Tactics

Mike Masnick — Wed, 18 Jun 2008 23:07:50 PDT

NebuAd is a company we've discussed before, that basically works with ISPs to use your clickstream data to send targeted ads. It's quite similar to Phorm, which has received plenty of attention for its questionable behavior over in the UK. Now, some researchers have looked into the details of what NebuAd really does... and it's not pretty:

NebuAd exploits normal browser and platform security behaviors by forging IP packets, allowing their own JavaScript code to be written into source code trusted by the Web browser. NebuAd and ISPs together cooperate in this attack against the intentions of the consumers, the designers of their software and the owners of the servers that they visit.... NebuAd breaks the rules of acceptable behavior on the Internet. It monitors what you do and see on the Internet, it breaks in and changes the contents of your private communications, it keeps track of what you've done, and if you even know that it's happening, it is impossible to opt-out of it."

Perhaps Charter Communications and other ISPs that have signed up for NebuAd should have researched things a little more thoroughly. Congress is already investigating the legality of something like NebuAd, and one assumes that a report like this may find its way to many of those politicians pretty quickly.

Permalink | Comments | Email This Story

Behavioral Targeting May Be Illegal

Timothy Lee — Thu, 22 May 2008 09:43:00 PDT

A bunch of ISPs have been experimenting with systems such as Phorm and NebuAd that monitor their users' online behavior and create profiles that help third parties create more targeted advertisements. Back in March we noted that behavioral advertising may be illegal under UK law. And last week we reported that Congress was asking some tough questions about the plans. CNet's Declan Declan McCullagh has an in-depth look at American law, and concludes that such systems are probably illegal here too. The problem is that what Phorm and NebuAd do sounds a lot like wiretapping, and wiretapping is illegal under several federal laws. At least three federal laws govern when electronic communications providers can disclose their customers' communications to third parties. One of the key questions Declan looks at is consent: the law generally allows eavesdropping with customer consent, but the exact nature of the consent isn't clear. ISPs have tended to be very secretive about their use of these systems, so at the very least, privacy laws would require that ISPs disclose what they're doing and give consumers a way to opt out. But Declan suggests that this might not be sufficient. Some of the legal experts he talked to think the law would require the ISPs to obtain the affirmative consent of customers before commencing the use of these programs. Since it's hard to imagine customers being enthusiastic about having their ISPs eavesdrop on them, such a requirement might make these programs non-starters.

Permalink | Comments | Email This Story

Marketers Freak Out About Mandates To Make Clickstream Tracking Opt-In Only

Mike Masnick — Wed, 7 May 2008 16:38:00 PDT

With all of the fuss finally being raised concerning clickstream tracking by companies like Phorm and NebuAd, there's an effort underway to force ISPs to make any such tracking strictly opt-in. That is, users would have to proactively agree to allow their data to be used in this manner. In response, various marketers are complaining about how much data they would lose, claiming it would be an "armageddon" for the industry. Don't believe them. This is the same thing marketers warned about when the US instituted a "Do Not Call" system, and it's hardly decimated the marketing industry. Instead, it's improved marketing by making firms focus less on intrusive telemarketing and more on useful marketing. The same would happen if ISPs were required to make this an opt-in instead of opt-out setup. It would force the ISPs and companies like Phorm to make sure that the services really benefited customers in meaningful and noticeable ways so that customers would be happy to make use of the services. By whining about an opt-in solution, all these firms are really admitting is that they do not add value to the surfing experience of users.

Permalink | Comments | Email This Story

Anti-Spyware Companies Debate Blocking ISP-Injected Advertising

Mike Masnick — Mon, 28 Apr 2008 21:01:59 PDT

With a growing number of ISPs using services from companies like Phorm and NebuAd to inject ads into your web browsing based on your surfing habits, anti-spyware companies are starting to take notice and debate whether or not they should start blocking some of these activities. While there's no downloaded software, these services all use cookies to track your surfing habits, and anti-spyware offerings could certainly step in and block those cookies or more proactively warn users that their surfing data is being used in this manner. Considering how hard Phorm has worked to shed the "spyware" label it had been given in a previous life, the company can't be too pleased to hear about this development. Of course, it's probably more concerned with questions being raised about whether or not its service is even legal.

Permalink | Comments | Email This Story

Growing Number Of ISPs Injecting Own Content Into Websites

Mike Masnick — Thu, 17 Apr 2008 23:48:33 PDT

With growing concerns over companies like Phorm and NebuAd enabling ISPs to insert their own ads into your web surfing, some researchers decided to see if this is already happening -- and were surprised to find it more prevalent than they expected. It's still not a huge number, but in tests, they found that there definitely are some ISPs already using such technology to inject ads, though they tend to be smaller "no name" ISPs. The one big exception was XO Communications -- though XO claims that any ad injections must be done by downstream resellers of its wholesale service. Either way, this ought to raise some questions about what rights ISPs have to get in the middle and alter the data that you requested and which was served by a third party.

Permalink | Comments | Email This Story

ISPs Able To Use Your Surfing Data To Insert Their Own Ads Everywhere

Mike Masnick — Tue, 11 Dec 2007 09:38:14 PST

Earlier this year, we wrote about the fact that many ISPs were making good money selling your clickstream data to various companies for tracking purposes. Now there's a new advertising company that's come along to take advantage of this. The Associated Press has an article about NebuAd, a company that works with ISPs to use your clickstream data to better target advertisements to you. These aren't tracking cookies, which can easily be blocked, and depend on which websites you go to. This is your ISP, who has access to where you're surfing, using that data to insert more targeted ads. To its credit, the company has tried to be quite careful about keeping data private and setting it up in a way that it believes is impossible to trace the data back to an individual user. However, we've all heard stories about "anonymous" datasets that turn out to not be particularly anonymous. The company does also offer an "opt-out" solution, but how many people are even going to realize that their ISPs are a part of this program at all? It's also not entirely clear from the article where these ads are inserted, since most users spend little (if any) time on an ISPs own sites (however, some folks who have seen the ads suggest they appear... well... everywhere). While it's an extreme idea, just imagine an ISP combining this idea with something like what Rogers was caught doing in Canada (adding content to Google's page) and you could see how a greedy ISP might start putting its own, highly targeted, ads everywhere it wants, including places like Google's homepage. Hopefully, most ISPs recognize that this would lead to consumer outrage (and a lawsuit from Google), but would it be that much more complicated to be a bit more subtle and simply "replace" banner ads on certain sites without anyone really noticing? Yet another reason to encrypt all your traffic using a VPN or something to keep your ISP's prying eyes away from what you do.

Permalink | Comments | Email This Story

ISPs Selling Your Information Again

Dennis Yang — Wed, 26 Sep 2007 13:05:27 PDT

In the past, when ISPs have attempted to make money off their users' clickstream data, they have met with fierce objections. Now, a new company, NebuAd is asking ISPs to provide not only clickstream data, but also your personal information such as physical location -- and they then want to use this data to target ads to you. But not to worry, your embarrassing halitosis problem won't outed by a traveling salesman selling mouthwash, since according to the company's CEO, "We only look at consumer sites - not ones that are sensitive. So if you go to a sex site, we don't track that. If you look up something for HIV positive, we don't look at that. But if you are planning travel to the South of France or are researching a Lexus SUV, we do track that." Uh yah, right. Ad companies always have the users' best interests in mind, don't they?

Permalink | Comments | Email This Story