(Mis)Uses of Technology

by Mike Masnick

Filed Under:
advertising, clickstream data, isps


ISPs Able To Use Your Surfing Data To Insert Their Own Ads Everywhere

from the privacy?-schmivacy dept

Earlier this year, we wrote about the fact that many ISPs were making good money selling your clickstream data to various companies for tracking purposes. Now there's a new advertising company that's come along to take advantage of this. The Associated Press has an article about NebuAd, a company that works with ISPs to use your clickstream data to better target advertisements to you. These aren't tracking cookies, which can easily be blocked, and depend on which websites you go to. This is your ISP, who has access to where you're surfing, using that data to insert more targeted ads. To its credit, the company has tried to be quite careful about keeping data private and setting it up in a way that it believes is impossible to trace the data back to an individual user. However, we've all heard stories about "anonymous" datasets that turn out to not be particularly anonymous. The company does also offer an "opt-out" solution, but how many people are even going to realize that their ISPs are a part of this program at all? It's also not entirely clear from the article where these ads are inserted, since most users spend little (if any) time on an ISPs own sites (however, some folks who have seen the ads suggest they appear... well... everywhere). While it's an extreme idea, just imagine an ISP combining this idea with something like what Rogers was caught doing in Canada (adding content to Google's page) and you could see how a greedy ISP might start putting its own, highly targeted, ads everywhere it wants, including places like Google's homepage. Hopefully, most ISPs recognize that this would lead to consumer outrage (and a lawsuit from Google), but would it be that much more complicated to be a bit more subtle and simply "replace" banner ads on certain sites without anyone really noticing? Yet another reason to encrypt all your traffic using a VPN or something to keep your ISP's prying eyes away from what you do.

Reader Comments (rss)

(Flattened / Threaded)

  1. identicon
    jon burg, Dec 11th, 2007 @ 9:49am

    ISPs own the pipeline, not the user

    This is rediculous. This isn't clearly in the terms of service, and if we've learned anything from Comcast and Facebook it's that this is a BAD idea.

    reply to this | link to this | view in thread ]

  2. identicon
    Anonymous Coward, Dec 11th, 2007 @ 10:24am

    Go right ahead, ISP, I will block your ads just like I block everyone else's

    reply to this | link to this | view in thread ]

  3. identicon
    kc2keo, Dec 11th, 2007 @ 10:26am

    HRM... Dont like it...

    I don't like the fact that the ISP will stoop to this dirty level of AD insertion. I am against comcast for throttling my torrent traffic and now I suspect they are killing my apache traffic on port 8080.

    Maybe users who use Firefox with certain extensions on it like adblock plus and noscript will not see any inserted ads or suspicious scripts if any when browsing.

    reply to this | link to this | view in thread ]

  4. identicon
    Anonymous Coward, Dec 11th, 2007 @ 10:32am

    "what Rogers was caught doing in Canada (adding content to Google's page)"

    Jeez, please stop writing that. Rodgers inserted their message in the same browser window, above the Google page. They didn't modify the Google page.

    reply to this | link to this | view in thread ]

  5. identicon
    comboman, Dec 11th, 2007 @ 11:18am


    Rodgers inserted their message in the same browser window, above the Google page. They didn't modify the Google page.

    From the user's point-of-view, how is that not modifying the Google page?

    reply to this | link to this | view in thread ]

  6. identicon
    k0zl0, Dec 11th, 2007 @ 11:41am

    I find this to be quite amusing. This is exactly technology my previous company was reviewing a couple years ago as an additional income stream for serving free wifi at hotels. What the technology does is it steals ad revenue of the banners by replacing existing banners with their own. Very shady. This is taken it one step further by adding in tracking at the ISP level by a third party company, which is just a terrible Idea.

    reply to this | link to this | view in thread ]

  7. identicon
    Carme, Dec 11th, 2007 @ 12:35pm

    Which is it?

    I'm lost. Just a short while ago you couldn't see any problem with a Chinese programmer that wrote an add-on that replaced the ads in a software with his own ads. It's probable that in that case too users weren't aware that they were given ads from a different source. So, which is it? Is replacing someone else's ads "competing" or "greedy" and grounds for a lawsuit?

    reply to this | link to this | view in thread ]

  8. identicon
    Erik, Dec 11th, 2007 @ 12:56pm

    Just because they can serve more ads to users doesn't mean that they should. I'm pretty sick and tired of the nonstop marketing on the internet all the time. Places like Craigslist have proven that you don't need to be all-ads-all-the-time to turn a profit.

    By the way, the article notes that you can opt-out but I can't find a link to do so.

    reply to this | link to this | view in thread ]

  9. icon
    shanoboy (profile), Dec 11th, 2007 @ 12:57pm

    quick question

    So, besides using something like the Onion router to surf anonymously, what other ways is there for an average user to surf without being tracked by their ISP or anyone else? The Onion router is so slow.

    Is surfing through a VPN on personal home level a viable possibility for the average home user?

    reply to this | link to this | view in thread ]

  10. identicon
    Anonymous Coward, Dec 11th, 2007 @ 1:25pm

    I am not quite sure where or how these ads are to be inserted. Is the plan to use the data in a fashion similar to goggles ad sense, by individual publishers that subscribe to the service ?

    Interesting. Would that mean that if you say went to IMDB, instead of getting ads for movies you would get ads for dominance and submission web sites because that is where 80% of your time is spent ?

    THINK OF THE CHILDREN in the family !

    reply to this | link to this | view in thread ]

  11. identicon
    Anonymous Coward, Dec 11th, 2007 @ 1:45pm

    I don't think it will be long before some smart bugger works out how to block this crap coming from your ISP and produces a Firefox extension or the like.

    reply to this | link to this | view in thread ]

  12. identicon
    TSO, Dec 11th, 2007 @ 1:45pm

    Just what phisers have been waiting for!

    Once people get used to this "insert" and start trusting it...

    http://myphishingsite.com/ -->

    "Hi! This is Rogers ISP. Your balance is running out, and we are warning youu about that. Please enter your full name, address, credit card number and PIN here to refill your balance!"

    reply to this | link to this | view in thread ]

  13. icon
    Steve R. (profile), Dec 11th, 2007 @ 5:51pm

    Marketing - America's drug of choice

    As with any addict, the solution is more, more, ever more. The fact that our screen is cluttered beyond hope of reading is irrelevant. Feed me more.

    reply to this | link to this | view in thread ]

  14. identicon
    Brian Walsh, Dec 11th, 2007 @ 9:53pm

    What if they don't overwrite

    So what if the ISP/NebuAd doesn't write over websites but partners with sites, much like AdSense? They wouldn't be hijacking the user experience, but would be targeting the ad based on your habits. I agree that there may be privacy concerns, however, if ads can be a bit more targeted than they are now, I am interested. I know that the ad I just checked on my blog from AdSense is for Ambien. Not very targeted!

    reply to this | link to this | view in thread ]

  15. identicon
    frontierwv, Jan 5th, 2008 @ 8:48pm

    Frontier Communications now hijacking too

    Good article, I have not seen this posted enough, users need to be more aware of this! You can now add Frontier Communications to the list of web address hijackers. They do not go to any trouble to inform users of how this effects their privacy. So no we have to watch our own privacy from non-neutral ISP's. They are after the $$$'s and screw users privacy. FRONTIER REDIRECTING DOMAIN NAME REQUESTS REROUTING YOUR REQUEST AND COLLECTING INFORMATION ABOUT YOU!!! JANUARY 2008, LOCATION CHARLES TOWN WV, NEWLY IMPLEMENTED BY FRONTIER COMMUNICATIONS! I was typing in a URL address browsing the other day and typed the address wrong. suddenly I was directed to ┬╗search.myway.com. Frontier sponsored page. Usually and what is expected is that is "can't find " so I was thinking that I had a browser hijacker. After going through my system six ways from sunday. search.myway.com is commonly associated with spyware/virus issures and as far as I am concerned if I type in a URL just tell me it doesn't exist DO NOT REDIRECT MY INTERNET REQUESTS WITHOUT MY KNOWLEDGE!! I started looking at changing my DNS server to something other than frontier. Whammo problem fixed. SO if you think you have a virus problem, it may just be YOUR ISP!! After Calling tech support they told me that they are trying out DNS Redirects in Charles Town. So if you type in a URL address and Frontiers DNS server don't find it they redirect you to content provided my search.myway.com with frontier branding on it. Virus programmers do this if they can at a local level, but an ISP doing it on Domain Name Servers is DISHONEST, SNEAKY and WRONG. Especially if they don't tell you about it or make. Now, what to they do with this information. Here's their privacy policy ther is an IMPORTANT sentence at the end that has a lot of ramifications!! "MYWAY PRIVACY POLICY!! We do collect anonymous or non-PII about you in connection with your use of the Site. For example, each time you come to My Way, we collect the limited information that your browser makes available whenever you visit any website: including (a) your Internet Protocol (IP) address, (b) your domain (e.g., whether you logged on from compaq.com or whitehouse.gov), (c) the address of the last URL you visited prior to clicking through to the Site (d) your browser and platform type (e.g., a Netscape browser on a Macintosh platform), (e) your browser language, and (f) the data in any undeleted cookies that your browser previously accepted from us. In addition, we, our agents and our commerce partners may use cookies, "pixel tags," "clear GIFs" or other tracking technologies in connection with the Site. For example, when you visit My Way, we place a small text file -- called a "cookie" -- on your computer that allows us to identify your web browser. Cookies and other technologies are used on our site to assist us in understanding aggregate usage of the different areas of our service in order to improve the quality of our service. We also capture your source IP address which is a standard practice for most web sites. We in no way associate cookie and IP address data and also do not use IP address data in conjunction with any personally identifiable information. Cookies and other technologies are also used to customize the service based upon what site you arrived from and to store your preferences and settings. We note that information collected by our commerce partners will be subject to their privacy policies, not this Privacy Policy." After calling frontier and telling the tech I did not want this he Failed to tell me that I can opt out of their "REDIRECT SERVICE/DNS SPY/TRACKING PACKAGE" whatever you call it....heres the FAQ ┬╗www.frontierhelp.com/faq.cfm?qstid=587

    reply to this | link to this | view in thread ]

  16. identicon
    Nice User, Feb 1st, 2008 @ 9:57pm

    Don't Believe Everything You Read

    Use Mozilla Firefox with the AdBlock and Filterset.G add-on's and this article will be pointless. I never see ads. Never.

    reply to this | link to this | view in thread ]

  17. identicon
    H, Feb 3rd, 2008 @ 7:30am

    Re: Stopping ISPs from inserting in our personal e

    If you ever find a way to stop them from inserting in my email, would LOVE to do that. Am 64 and no whiz but don't like them using my email to hype their stuff.


    reply to this | link to this | view in thread ]

  18. identicon
    Whatchutalkinabout, Feb 19th, 2008 @ 3:29am

    Re: Frontier Communications now hijacking too

    Be a good chap and please learn to use the return key. I have no idea what your point is because there's no way I'm wading through all that text to find out.

    Ta-ta for now.

    reply to this | link to this | view in thread ]

  19. identicon
    Anne Onimus, Feb 20th, 2008 @ 7:58am

    This technology will be come more pervasive as time goes by. there are 4 or 5 companies developing the technology.

    The thing you folks are missing here is that the amount of ads you see isn't going to change, they will simply be more tailored to the things that interest you. If you go to a lot of automotive web sites then the system will feed you automotive ads, etc.

    The ads are injected by altering the requested web page enroute back to your browser. Any content being sent to your browser can be actively replaced, filtered, or redirected.

    ISPs can also use the same technology to enforce your paying your bill. In most cases programd like The Proxomitron can still be used to block these insertions. Microsoft is now also looking into incorporating it directly into it's products so that you will get ads inside of MS Word.

    You cannot stop this, there is too much money to be made and you cannot control what gets injected into the web pages you request. I work in this industry so I know for a fact that any data collected in not kept long term and user names are not retained, everything is session based.

    reply to this | link to this | view in thread ]

  20. identicon
    AD Dixon, Jul 1st, 2008 @ 4:22pm

    There is a very simple way to stop Microsoft from inserting ads into Word while you're using it. Use Open Office. But that's a different issue altogether. Word is a product you have paid for, and you have a right to expect it to be ad-free. I expect ads when I surf the web, but I resent having my private data shared.

    reply to this | link to this | view in thread ]

  21. identicon
    thomas, Apr 14th, 2011 @ 7:05am

    social networking site

    reply to this | link to this | view in thread ]

  22. identicon
    Kevin, Aug 5th, 2011 @ 11:16pm

    I have had both Verizon as well as Bright House and have noticed on CNN page while using Bright House there are more advertisements and a big popup that moves the entire page down then back up. Completely annoying.

    reply to this | link to this | view in thread ]

Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Use markdown for basic formatting. HTML is no longer supported.
  Save me a cookie
Follow Techdirt
Insider Shop - Show Your Support!

Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Report this ad  |  Hide Techdirt ads
Recent Stories
Report this ad  |  Hide Techdirt ads


Email This

This feature is only available to registered users. Register or sign in to use it.