ISPs' data collecting methods scrutinized
Reps. Markey and Barton are under pressure from privacy groups to regulate behavioral tracking
Controversy surrounds Internet service providers' (ISP) use of a technology called deep packet inspection (DPI), which allows an ISP to track a consumer's behavior online. This information can be shared with ISPs' business partners, usually a third-party firm, for behavioral advertising.
Fifteen of the nation's privacy and public interest groups, among them the Center for Democracy and Technology (CDT) and the Center for Digital Democracy, sent a letter to House Telecommunications and the Internet Subcommittee chairman Ed Markey (D-MA) and ranking member Joe Barton (R-TX). It urged the congressmen to investigate the plan of Charter Communications to capture all of the messages and activities of its Internet subscribers and share that data with NebuAd, a third-party firm, which plans to use the data to target consumers with specific ads. The groups also want Congress to hold public hearings about the practice of sharing data on private activities.
Markey and Barton have been investigating behavioral targeting. “We were pleased that you raised questions regarding the legal status of this plan under existing privacy laws relating to cable systems,” the letter read. “We are concerned that such ISP wiretapping schemes may violate multiple privacy laws and policies.”
“We think there are some privacy implications that deserve some attention,” says Alissa Cooper, chief computer scientist at the CDT. “Consumers need more information in general about how this type of behavioral advertising works and how this fits into privacy law.”
In an e-mail to DMNews, NebuAd CEO Bob Dykes said: “Corporate policy mandates that NebuAd or its ISP partners provide robust, direct notice and disclosure to subscribers, with ample opportunities to opt out both in advance of the deployment and on an ongoing basis.” The Federal Trade Commission and Charter did not comment by press time.
DPI can also be used for ISP service or tiered service offerings and, in some cases, copyright enforcement. Though DPI is used for lawful intercept when government agencies request citizen data from an ISP, the US has yet to mandate use of the technology for online commerce. ISPs have also faced scrutiny from law officials and music executives for not using the technology to protect copyrighted material. The International Federation of the Phonographic Industry (IFPI) and record labels EMI, Sony BMG, Universal Music and Warner Music have filed lawsuits against ISPs, including UK-based ISP Eircom, for not protecting their copyrights vigilantly enough.
At an April IFPI Music Matters conference in Hong Kong, Paul McGuinness, founder of Principle Management Ltd. and manager for bands including U2, reportedly accused the ISP community of profiting from increased peer-to-peer traffic at the expense of the music business.
“ISPs would argue they have been neutral bystanders to the spectacular devaluation of music and the consequent turmoil in the music business; I don't believe that is true,” he said, according to a transcript of his remarks.
He added that researchers estimate that, as of the end of last year, up to 80% of ISP traffic is on peer-to-peer networks such as BitTorrent and Limewire, and contended that the “large majority of that traffic is unauthorized music and movies.”