By William G. Korver, Reporter, BroadbandCensus.com
WASHINGTON, July 17 – With other panelists calling for comprehensive privacy legislation, NebuAd’s CEO told a House Energy and Commerce subcommittee on Thursday that the internet advertising company would be “satisfied” if an “opt-in” rule became mandatory.
During the a hearing on “What Your Broadband Provider Knows About Your Web Use: Deep Packet Inspection and Communications Laws and Policies,” before the Subcommittee on Telecommunications and the Internet, Chairman Ed Markey, D-Mass., said that most of subcommittee members favored an opt-in approach.
Under an opt-in rule, internet consumers would have to consent before personal information could be shared. Current law more closely replicates an “opt-out” model, with consumers required to affirmatively object to data-sharing by businesses.
Markey said that most Americans do not believe than the implied consent of the opt-out model should be the nation’s privacy standard.
In other words, under Markey’s approach (and that of a majority of the subcommittee), if a consumer did not give explicit consent, NebuAd would not be able to monitor a consumer’s web habits.
NebuAd’s business model gleans information from broadband carriers who are customers of NebuAd without prior consent of either the consumers or the owners of web sites that the internet consumers visit.
Charter Communications, for example, was considering using NebuAd.
David Reed, a professor in the Media Lab at MIT and a developer of the Internet in the 1970s, said that NebuAd’s actions are like a mailman opening and reading the contents of the mail before it is delivered.
Prompted to dismiss the analogy by Rep. Cliff Stearns, R-Fla., NebuAd Chairman and CEO Robert Dykes did so: the post office is a government-owned enterprise, while NebuAd is a private company.
UPS and FedEx are also private companies, yet the public does not expected them to engage in such activities, countered Markey.
Attempting to calm fears, Dykes reiterated his position over the past several weeks: NebuAd has and will continue to provide “robust” notice to users and allow a user to op-out of information-sharing with NebuAd.
When a user selects to opt-out, NebuAd immediately deletes the information that it has stored on the individual and ceases to monitor the individual, said Dykes.
He said NebuAd only surveys categories like travel and automotives and maps these categories against de-identified user profiles. The Center for Democracy and Technology and other privacy groups claim that NebuAd’s model is pseudononymous, not anonymous.
Alissa Cooper, CDT’s chief computer scientist, said her group had “warned that that consumers are increasingly concerned about the growing amount of personal data being collected by online advertising practices,” and urged the passage of comprehensive privacy legislation.
In his testimony, Dykes said that officials from his company met earlier this week to discuss privacy issues with CDT. He said that “self-policing” in the advertising world has worked.
Dykes also committed to a privacy audit of the company’s practices.
Attempting to steer privacy oversight to search engine giant Google, Scott Cleland, president of Precursor, a consultancy engaged in advocacy against network neutrality, blasted the company as “the worst privacy offender on the Internet” and engaging in “unauthorized web service surveillance.” He got a laugh out of his description of the company as “J. Edgar Google.”
Information about web clicks are a true treasure trove about sensitive personal data, he said. As a result, Congress should pay more attention to Google’s privacy practices than those of broadband providers, Cleland said.
Also testifying against NebuAd’s practices was Bijan Sabet, general partner for Spark Capital. Although such “deep packet inspection” is a milestone in technological innovation, Sabet counseled the members of the subcommittee that the practice threatens the openness of the Internet. He also championed Net neutrality.