NebuAd Program May Violate Wiretapping Laws

On the eve of a Senate hearing on behavioral advertising, the Center for Democracy and Technology has published a report everyone should read. Your Internet service provider doesn't want you to read it, nor do companies like NebuAd, which is all the more reason to check out the CDT research.

NebuAd, you may recall, is the Silicon Valley startup with the latest idea to strip away your online privacy in the name of increasing ISP advertising revenues. Under the scheme, an ISP allows NebuAd to copy the contents of the individual Web traffic streams of the ISP's subscribers. NebuAd then creates a record of each individual's online behavior and uses it to target ads to the consumer.

We're not talking tracking cookies here. NebuAd copies all or substantially all of your online movements, including destinations that do not use cookies, such as political, advocacy or religious sites.

"Based on what we know so far, this new advertising model appears to defy reasonable consumer expectations and may violate communications privacy laws," says CDT President and CEO Leslie Harris.

According to Harris, those violations may include federal and state wiretap laws if the ISP does not provide notice of the program and gain prior consent of users before subjecting them to 24/7 online tracking. How many users would agree to that? Not many, I'd bet.

Robert R. Dykes, NebuAd's chairman and CEO, will no doubt tell lawmakers July 9 that his company only wants to give users a more targeted advertising experience and provide ISPs with additional revenue streams. That's what they always say. They never, however, want an opt-in scheme, well knowing what the answer will be.

"Consumers do not expect their ISP to be copying their Internet communications and selling them to third parties," says CDT Vice President Ari Schwartz.

At least not without their consent.