Data Centers

Behavioral targeting: The government wants some answers

It appears Behavioral Targeting and similar applications are more prevalent than anyone knew. It's important for anyone using the Internet to understand this, especially if their ISP has incorporated Behavioral Targeting.

It appears behavioral targeting and similar applications are more prevalent than anyone knew. It's important for anyone using the Internet to understand this, especially if their ISP has incorporated behavioral targeting.

-------------------------------------------------------------------------------------------------------------------

Michael KassnerIn the article "Behavioral Targeting: What You Need to Know" I covered just the technical-side of behavioral targeting. I even mentioned that I'd leave the ultimate question of "What's it all mean?" to others. It seems the question is starting to be addressed; even the U.S. government is interested. The U.S. government's involvement and other interesting information can be found in Susan Albright's (MinnPost.com) article "Internet Privacy Gets Congress' Attention."

Letters and responses

Rep. Edward Markey (D-Mass) and his colleagues from the House Committee on Energy and Commerce are concerned enough to have sent formal questionnaires to 33 major Internet players, including Google and Yahoo. The letters asked very pointed questions, for example:

"Has your company at any time tailored, or facilitated the tailoring of, Internet advertising based on consumers' Internet search, surfing, or other use?"

As of today, 25 responses are posted on the committee's Web page, "Responses to August 1, 2008 Letters to Network Operators Regarding Data Collection Practices." You may want to see if your ISP is one of those chosen.

The two responses I focused on were from Yahoo and Google, initially due to their obvious importance. Then it hit me, they're not ISPs. So how do they get behavioral targeting information? That's hard to say as the written responses from the network operators are guarded at best, offering only minimal information. Ellen Nakashima of the Washington Post presented some clues as to how Google's behavioral targeting works in the article "Some Web Firms Say They Track Behavior without Explicit Consent":

"Google did note that it had begun to use across its network the "DoubleClick ad-serving cookie," a computer code that allows the tracking of Web surfing.

Alan Davidson, Google's director of public policy and government affairs, stated in the letter that users could opt out of a single cookie for both DoubleClick and the Google content network. He also said that Google was not yet focusing on "behavioral" advertising, which depends on Web site tracking.

But on its official blog last week, Google touted how its recent $3.1 billion merger with DoubleClick provides advertisers "insight into the number of people who have seen an ad campaign," as well as how many users visited their sites after seeing an ad. "

Yahoo readily admits to using behavioral targeting. What they don't mention is pointed out by Heather Green and Catherine Holahan of BusinessWeek in their article "Yahoo: Not So Private After All":

"Yahoo! says it won't target you... to your face. On Aug. 8, the Internet giant announced that it will allow users to opt out of behavioral targeting on its site. But in fact, that change only affects behaviorally targeted ads that users see. The company will still collect information on the Web sites visited by unique computers, it just won't serve ads to individual users based on the info.

"This isn't rejecting cookies outright, you are just preferring not to see the ads," says Anne Toth, Yahoo's head of privacy and vice-president of policy. "

Legislation

Rep. Markey wants to introduce legislation touted as an online-privacy Bill of Rights. The bill will place special emphasis on requiring Internet users to opt in, assuring the user makes a conscious choice. This would satisfy many privacy experts, as consumers aren't aware of the opt-out clauses already in use. It will be interesting to follow; even the committee has mixed opinions. Rep Cliff Stearns (R-Fla) feels this kind of legislation will damage small companies, preventing them from reaching customers with their ads. He favors transparent self-regulation as the best solution for all concerned.

Final thoughts

It's too early to tell what the Internet will look like when the dust settles. I'm just glad that all affected parties are becoming aware of behavioral targeting and its implications.

-------------------------------------------------------------------------------------------------------------------

Michael Kassner has been involved with wireless communications for 40 plus years, starting with amateur radio (K0PBX) and now as a network field engineer for Orange Business Services and an independent wireless consultant with MKassner Net. Current certifications include Cisco ESTQ Field Engineer, CWNA, and CWSP.

About

Information is my field...Writing is my passion...Coupling the two is my mission.

76 comments
Michael Kassner
Michael Kassner

I have recently read that the two main companies that are involved with behavioral targeting have fallen on tough times. NebuAd has lost all of its customers and their CEO. http://arstechnica.com/news.ars/post/20080905-nebuad-loses-ceo-business-model-in-wake-of-tracking-furor.html Phorm is also having its own problems with their stock plummeting to an all-time low. http://www.theregister.co.uk/2008/09/04/phorm_stock_market_announcement/

Neon Samurai
Neon Samurai

I responded in the other forum but it was worth a second happy face here too. Sometimes the market does the right thing and truly surprises me.

Dumphrey
Dumphrey

its good to know we have a bit more breathing room again. Ya know, I just realized, this could have also jepordized government use of the internet as well. Their traffic could have been sniffed, recorded, and not in their control. The privacy of the individual as well as of the government..

Neon Samurai
Neon Samurai

.. check out thelasthope.org/talks.php "privacy is dead, get over it". It's three hours listening to Mr Rambam tear apart the alusion of anonymity. As he says at the end; the information is out there already. You can't put the genie back in the bottle. You can't errase your already documented past. You can only be aware of it going forward. It's not to make everyone buy shares in the local tinfoil hat factory; information is power and right now the Gov is doing all it can to remove restrict that power to the elite. Information is the new "right to bare guns". I know it's already changed my own mindset when online. I'm not moving to a log cabin in the forest but I'm far more aware of what I'm doing and what information I'm handing out freely. (example; Nixon went on TV talking openly about US and USSR military strength during the cold war. That information is out there, open and public knowledge. The US gov re-classified that information recently in there efforts to take the guns (information) back from the public.)

Tearat
Tearat

It may be to late for people in the present to protect their information But they can do something to stop it happening to others in the future In other words do it for the children of tomorrow

Michael Kassner
Michael Kassner

Techno Rat and Neon Samurai You both make great points and are something that I'd like to see discussed more. I'm fortunate, my son is adult-age now and very tech savvy. Even still, I have to make deliberate attempts at informing him of privacy issues and how to manage his on-line presence.

Michael Kassner
Michael Kassner

My son is a senior with a double major in business and HR. He's looking at business law next. I'm definitely a proud single parent.

Neon Samurai
Neon Samurai

.. just keeping user seporation on the machines at home is going to be a nightmare for me; and, I look forward to each and every way she may get around my best efforts. If she doesn't take after me so much and shows little interest in the machines then that's just fine too. Either way, I should be so lucky as to have her grow up like the adult daughters of Info Sec/Admin I've heard of so far. Here's hoping that healthy self esteme and respect for personal privacy will help.

Neon Samurai
Neon Samurai

.. you can only be aware of it and what your putting out there from now on. I think it is worse for the children of tomorrow too as they currently have very little concept or expectation of privacy. Worse still, as a parent, how do I low-jack my child while still teaching her the value of privacy. And, if she turns out to be like me, she'll figure out ways around low-jacking or any other security device she takes interest in as a puzzle to solve. I actually just read about gps tracking children's watches that can be locked on the wrist. I have a few issues with this technology. At the same time, with one in five girls below age 14 being sexually active (too "fit in" rather than by desire), I have some thinking to do before my little one gets to that age. And all this in today's society where trying to retain one's right to privacy and remain anonymous is more often being met with; "why, what's the big deal? What have you got to hide?"

JCitizen
JCitizen

The crazies man! You have to hide from the crazies out there. Especially if they all ready know you personally exist; and you fall into a niche they are interested in. I fear that worse than the government, and have first hand experience with it. This is the primary reason I want anonymity. And one eye cocked toward the government too!

Tearat
Tearat

I will have look at that When people ask the question ?What do you have to hide? I wonder if they want you to tell them what they have forgotten In other words ?Is there something I have forgotten that I don?t want anyone else to know about? If not. I wish they would get out of the road and let others get on with the job of securing their privacy for them

Neon Samurai
Neon Samurai

I'm going to have to come up with a few different ways to mess with one's head in response to that question unless they are in uniform. "your bank account number" or "your passwords" Those are two off teh top of my head. pull them off with a deadpan delivery and see if they stumble. I'll think of some more today I'm sure.

Tearat
Tearat

Someone asks you what you have to hide Say Yes that?s right you got it Then when they look at you and wonder or ask what you mean Say That is for me to know Now tell me why you think you have the right to ask anyone that question? What make you sooo special that you think YOU have the right to know what I or anyone else has to hide? It?s not about what someone has to hide It?s about the right to hide the personal details of their life But here are some of the things I think are important to hide My bank account and credit card numbers and passwords All of the other financial details of my life Every thing else is none of your business That should shut most of them up Neon Also one of the things that will make the snoops run for cover Is a law that makes it illegal to hold any information about anyone without the permission of the person it is about Knowing whom the information is about is irrelevant There would have to be some exceptions Those would be legal groups like law enforcement And some government departments Everyone else should have to get permission from a judge Then all of a sudden all that info they have is not worth the fines or jail time And most important There is very few who will want it and you can forget about selling it That is a very good way to empty the databases of most snoops Just make it illegal to keep the info they have It also makes any unauthorised spying a very dangerous thing to do

Michael Kassner
Michael Kassner

As a writer, I had to make a conscious decision about my privacy quite awhile ago. I suspect you know know my conclusion. I'm just an optimistic type (I thank my wonderful mother). In my travels I find that everyone is in the same boat and for the most part exceptional in how they treat others. Let's face it everyone has bad days.

Neon Samurai
Neon Samurai

I know I've things out there that can't be taken back; bad days suck but we all have them. I just try to recognize the bad day early and save posting for another day. The test subject the Mr Rambam uses is actually a writer. They actually ended up writing a book after a year long bet to see if the fellow could be tracked and located so many times within the year. They also had to cancel the bet after about the sixth time he got a call out of the blue from investigator "your at blah blah location and your busted."

JCitizen
JCitizen

but, non-the-less keep one ear on the railroad track for abuse, by the government. We in the NRA have lived this, and fought the hard fight, and won! We did it peacefully, and totally within our rights. I think we can continue to be vigilant, and also be keenly aware when to come to action when something has gone too far. Because most of these arguments are within the wired technology, it really comes down to the same Constitutional rights(US) that phone tapping falls under, in my opinion. I realize this is seen as impractical because of open transmission of packets; but no one has challenged this in court, that I'm aware of. It could get interesting if proven things were getting out of hand. I feel they will too; and be found out. Remember, before Sept 11. 2001, we already had the actionable intelligence we needed to stop what happened. We don't really need much of a change to make us safe. We only needed a LITTLE cooperation between government enforcement entities. This is the crux of the matter. How much of this will stand the test of time? We will find out whether we want to or not.

ToadWiz
ToadWiz

I don't want to see ads, but I suggest that Opt IN is the correct answer. If Opt In is the law, ISPs will have to scramble to find reasons to convince us to sign up for it. I, for one, would like to know just how much of a break my ISP will offer me to accept advertising. Think about it - this is about MONEY. If my ISP has to give some of that money to me, it will give us an idea of the relative value of the ads, something that should clue in a thinking person as to how far the ISP will go to obtain the money in the first place.

seanferd
seanferd

When Phorm was doing DPI targeting in the U.S. (the company may have been under its old name at the time), they claimed that it was all opt-in. The problem with that story is that no one knew anything about it, or it would have made the news at that time. Yet they were still running these "tests" while no one knew to opt in. Strange, that. Better still, they still won't say which ISPs were doing business with them, which should not be a problem if the knowledge were publicly available at the time of the testing. I definitely think you have a good idea, though: some bit of compensation should be offered for opting in. They may get more people that way. I still don't like the DPI method of doing this, though.

seanferd
seanferd

I am sorry to have missed them until now. I hadn't even considered the potential for people abusing the behavioral targeting companies. :^0 As to the fact that a profile is still created even if you opt out, well, I must have been having a "senior moment". I suppose it is one of the reasons that I don't care for DPI being used in this manner.

JCitizen
JCitizen

I put the first link in my header straight away. Like you said, I'm going to have to have fun with the second one tomorrow(!!), if I don't get too many online remotes going on! Dang! I'm sure becoming increasingly indebted to you and others here at TR! I'm sure I can dream up some way to repay. Depending on what one's interests are, that is! I've been financially strapped lately so of course that is not what I am talking about. As I get a hold on what others interests are maybe I can come up with a trade? =) Information like this is one of my favorites!

seanferd
seanferd

I don't get to hang around like I used to do, either. Hi! I wish I could follow certain authors on TR more directly as well. This works better than it used to (sorted by date) http://search.techrepublic.com.com/search/michael+kassner.html?o=1 Or this: http://www.google.com/search?hl=en&newwindow=1&as_q=&as_epq=Author%3A+Michael+Kassner+&as_oq=&as_eq=&num=50&lr=&as_filetype=&ft=i&as_sitesearch=techrepublic.com.com&as_qdr=all&as_rights=&as_occt=any&cr=&as_nlo=&as_nhi=&safe=images If you "Show Options" you can sort by last 24 hrs, week, date range, etc. Besides, doing this brought me to a view of Wonder wheel which had this http://www.google.com/search?q=Author:+Michael+Kassner++site:techrepublic.com.com&hl=en&lr=&num=50&newwindow=1&output=search&tbs=ww:1&tbo=1#q=michael+kassner+breakdance&hl=en&lr=&num=50&newwindow=1&tbs=ww:1&tbo=1&fp=1&cad=b which I just find plain amusing.

JCitizen
JCitizen

But I musn't complain, I guess, as I've been extremely busy. I really hate missing Michaels articles though. I wish I could get just his articles, like I do the "Examiners".

seanferd
seanferd

frequently I see it as the result of a highly disorganized mind. No attention span, no recall. If something fails in short-term memory, it'll never make it into long-term storage. (Long-term here could mean 24hrs ;) ) I remember this from childhood, and I see plenty of youngsters in my little world. "I can't find my other shoe," fits nicely into this socket. :^0

Michael Kassner
Michael Kassner

I think that maybe what's considered selective though when considering youth. I seem to remember that very process.

Michael Kassner
Michael Kassner

It does seem like I'm at a saturation point. If I put something new in, it feels like something old is lost.

seanferd
seanferd

Some people never seem to have them, and I believe that they are largely age-independent. I believe that, while "senior moment" is a somewhat amusing and useful expression, it is a misnomer, somewhat like "dementia praecox" which is how schizophrenia had been described in the days of yore. There was an implicit assumption that all those who survived to "old age" would lose some control of their mind. Hence, the Latin for "early-onset dementia". From your writing, I believe that you are in no danger here. :)

Michael Kassner
Michael Kassner

Sean, if you are having a senior moment, I'm in serious trouble.

Neon Samurai
Neon Samurai

There was an Opt-In and compensation advertiser a while back. They dumped a small app on your computer to display adds and track when you where actually using your computer. The computer owner then recieved a small amount for each ad or hours online. When the amount hit a minimal level or more, a cheque was sent out. And did the autoclickers ever develop quickly. By the time they shutdown the system, most people where using a second utility that moved there mouse and clicked on things while they where away. I think the Opt-In and compensation would very quickly get abused in the same way by kids leaving there machine on over the weekend and automated to collect the money.

Neon Samurai
Neon Samurai

This was about '99 or '98 when the voluntary spyware hit the local university dorms. I didn't see anyone get rich from it though by ethical or crooked means. I can't even remember the name of it now though I'm sure there where a few companies exploring the method. It may well have been Phorm.

Michael Kassner
Michael Kassner

Neon Samurai, I think you are referring to Phorm in a former life when you refer to the advertiser. Phorm morphed recently from 121Media and that's exactly what they did in their previous life. Small world, huh.

Michael Kassner
Michael Kassner

The interesting thing in the opt in versus opt out debate is that a profile is still built. By saying that you don't want the service only means the ads aren't sent to your browser. I find that somewhat ironic as the part people have the problem with still takes place.

Doug Vitale
Doug Vitale

Yes, my ISP is on that list. While I certainly don't want my ISP keeping track of which sites I visit, I do not mind if Google or Yahoo target me with selective advertising so long as they cannot trace any information in Firefox's cookie cache to my real world identity. For example, if my browser accepts a cookie identifying me as "%2F71161889%2F204a802f96^" and then Google and Yahoo display certain ads based on which sites I have visited, that is fine since they are targeting my virtual identity and not my personal identity. Besides, I use AdBlock Plus :-)

Michael Kassner
Michael Kassner

You focused on the topic that have privacy experts concerned. Your ISP knows all about you (real identity), so without any oversight, mission creep could occur very easily.

Neon Samurai
Neon Samurai

I get the meat vs digital identity but I can't help but think that is a daydream born out of the same place that "keyboard courage" comes from; "No one knows who I am, I'm on the Internet. I can say things I'd never say in person." That belief of anonymity has already got many highschool students and younger kids in trouble. One of the examples often sited is a kid that left highschool and did law in University. When he went for interviews to do his time before writing the final exam, he couldn't find a placement. He'd been a dick in highschool to people online believing in anonymity and the myth that the internet is temporary. His perminantly recorded behavior kept popping up on the background checks and screwing his non-virtual life. (It was part of a discussion on the possability of a "children's internet" where user history would be destroyed at age of maturity; give them a sandbox to fight over dump drucks until they grow up then give them a clean slate in the grown-up's internet so they're not screwed by history.) It makes me wonder how anonymous a random identifier really is. Like Gibson's Netrunners, we all have a mono- filiment trail leading from our avatar back home.

JCitizen
JCitizen

but oddly enough, not for me personally. Once you've become a participant in activities that could potentially make you a target of interest, then you are always a target. In my past business, I had to be totally open with the government with my activities, and completely cooperate with them to operate my interests. They were very conjenial, and courteous. But a young associate of mine said I'm on a HomeLand Security flying watch list; basically like any other terrorist. I'm not concerned about it personally, as I've become too complacent about working with the feds. But I don't recommend this for the general public. I would still like to think Joe Citizen could still go incognito about his business; kind of like the character in the 1984 book of yore. Who hides from the monitors, to get a slice of privacy. Yeah! Joe(Jay) Citizen! Hmmmm!

PasserDomesticus
PasserDomesticus

Yahoo and Google have browsers. When you use them they can extract and store information. That is one reason why I never use a Google product. For browsing I have used Ixquick (www.ixquick.com)for the last couple of years. They promise to throw away the IP address within 48 hrs (why they keep it even for a short period I don't know). They are now the first to have the European Privacy Seal. So I made them my home page.

gparsons
gparsons

Yep. I quit Google a long time ago. I've never used their apps for the xact same reason -- privacy! I now use Clusty.com as a subsitute (for the privacy policy). But now I'll only use their search engine if I really find myself in a bind. I've had doubleclick.net targeted as a delete or disallow on my home machines for years and at work for the past number of years.. Only one of two domains I completely block for my co-workers. I see Google and Apple packets blocked on my firewall all the time! Don't forget to watch out for Apple!

JCitizen
JCitizen

it seems MBAM keeps most of them off my computer in the first place. Between it and SpywareBlaster, NIS 2009, and Adaware's Adwatch, my cookie bin(s) - lookin' pretty skinny!

Michael Kassner
Michael Kassner

I'm sure you read in the news about MS wanting to buy Yahoo. One of the possible reasons being forwarded by many people is the desire of MS to have this capability.

pgit
pgit

My ISP is on the list but they said they do no such thing. Right, they're too busy throttling p2p =D

Michael Kassner
Michael Kassner

Did their response letter make sense to you? I've heard from others that the response letter was exactly correct and others mentioned that the ISP was basically blowing smoke. I don't have any direct experience, so these sort of comments are very helpful.

pgit
pgit

From my past experience as director of operations/chief pilot of a corporate flight department I ad the generate documents that satisfied the lawyers. It appears twc is being honest, so far as that goes. The inspection may still be going on and entirely with their blessings. If you read their reply the right way.. Time Warner 'is not doing anything like this...' So do they have a parter or subsidiary that does? Typical congressional smoke and mirrors. They make it look like they are doing something about a serious privacy issue. But they knew full well they worded their letter so as not to really get to the bottom of it. If they really wanted to get to the bottom, they'd ask these ISPs if that function occurs AT ANY POINT ON THEIR WIRES, conducted by ANY party... No, I was not satisfied. But they were being honest. Unfortunately that means nothing in this instance.

Michael Kassner
Michael Kassner

I find that Google, Yahoo and Mircosoft are involved or thinking about getting involved. So it must be more involved than just planting devices at your local ISP.

Michael Kassner
Michael Kassner

The House Committee on Energy and Commerce sent out questionnaires to 33 ISPs (also included Google and Yahoo) asking about Behavioral Targeting. See if your ISP is on the list and if so how they answered the questions.

Tearat
Tearat

I have finally gotten a chance to read through some of this discussion I find it interesting that there is no mention of the fact There are companies placing files on your computer that you did not request That would be those darn cookies I would like to know who was the idiot that decided to use cookies They are altering the contents of my computer without my permission But no surprise there. Microsoft already thinks it owns every computer that uses Windows as an OS Thanks for the article Michael

Neon Samurai
Neon Samurai

I prefer to focus on how the technology is used rather than it specifically. Cookies have some very valid uses though the privaledge is easily and often abused. When I was developing websites, I was responsible about it. - No issuing of cookies from outside the applicable website. - Short time to live stamps. - Clear cookies as part of the log-out process. Use only what is required to make the webapp work. (Forms with a database back end; very early and barely "webapp" stuff.) With http being completely stateless leaving each new browser request as a potentially new client connecting, something had to be developed to track the same browser/user between url downloads. That was the original and ethical intent of cookies. Log in to page 1, page 2 verifies the form data, page 3 is the stuff behind the log-in prompt and a cookie file tracks the browser through the process. With my websites, logout linked to a closing processing page that would clear out anything I'd pushed down to the browser. It's the unethical use of third party cookies and tracking beyond the browsers visit to the website that I don't agree with. Leaving a cookie in place between visits so the user doesn't have to retype there username is barely acceptable but a feature I personally never make use of. The user name is a part of the authentication and leaving it on the local drive in a text file (sometimes barely encrypted) is an unnecessary security risk.

seanferd
seanferd

That crazy that these cookies (and whatever else) cause you such connection problems. Wow. (And that's some dumb malware/cookie behavior.) Do you have cable internet? I generally find that I don't have so much trying to get in, only occasional unsophisticated junk that Symantec or Online armor catch. I've not got the paid version of MBAM, so I haven't really thought about the features I don't have. Good to know it works so well - but I guess I'd kind of expect that. MBAM is such good software. (Oh please, God, let it stay that way!)

JCitizen
JCitizen

AdAware and MBAM do that for me. I knew something was off, because CCleaner couldn't always take care of my connection problems. Apparently misbehaving communications is very disruptive to the x64 Browser! It is a dead give-away that detection is not effective enough.

seanferd
seanferd

If you do a search after a cleaning, and find them in directories not scanned for them, you can add the custom paths.

JCitizen
JCitizen

whatever that means. I came to this old article from a new one Michael started on the subject. I always wondered why AdAware and other malware utilities seems to think cookies were so important. Of course it is the temporary internet files and these "flash cookes"(God knows what) that manipulate the PC for potentially nefarious purposes.

Neon Samurai
Neon Samurai

For me, that's the biggest offender these days. It crashes IE6 easily and rarely keeps layers seporated properly with firefox. For firefox, I often get a flash menu across the top that expands down underneath a large flash block in the content area of the page; thanks website developers and marketing overloards.

Tearat
Tearat

But I still find the attitude that you may place programs/files on the computer of anyone who just happens to view your web page without the permission of the person who is using that computer disgusting I do not consider clicking on a link or opening of a page to be permission I do not consider any automated process to be permission But what can you expect when people are seen only as an object to be milked for all the cash you can get A resource to be exploited Anyone with that kind of attitude will see privacy only as a barrier to be overcome in the endless quest to accumulate wealth But that?s the world we live in Money is more important than anything else So sad the only time most of these idiots wake up is when they hear death breathing over their shoulder

Michael Kassner
Michael Kassner

Perfectly said. Cookies in of themselves are harmless and as you mentioned almost needed to have a seamless Web browsing experience. It what's done with them that creates problems.

ederkley
ederkley

Thanks Michael for this very good set of articles. Between TR and the Ars Technica articles on DPI, I'm feeling quite enlightened. It is important for people to be aware of what information they are providing and the risks of doing os. Ideally, they should also have a choice in the matter although obviously it's our choise to be online. While online the individual is also choosing to give up a great deal of anonymity (often while under the illusion that it is more anonymous). What also has to be acknowledged is the very real risk of the inevitable loss of this collected information into the hands of those who would like to use it for malicious purposes. Whether that's spamming, identity theft, etc. We probably have to wait until identity theft happens to a prominent politician, judge or lawyer and then we might see some positive action... Interesting times... (Oh and Stainless Steel Rat ftw :)

Michael Kassner
Michael Kassner

Thanks for pointing that article out. They always have good information.

dallas_dc
dallas_dc

I am amazed that anyone is surprised at this! They are under pressure to create revenue and increase profit. It is only logical, that they can build a better mousetrap (get more eyes on their customer's ads) by doing this.

Neon Samurai
Neon Samurai

Well, unless the good folks at ca.gov are doing the same with the ISP around these parts. Hmm.. drat.. thought I had a solution; tunnel all my Rogers traffic through a trusted server on another ISP. That server is with Bell though. If Rogers is tapping the data feed, Bell sure as hl is too. Bah.. if profits where not the all important and ultimate goal. I'd almost trust an ISP to use such things for making all traffic move efficiently over there network. That profit motivation brings in the marketing and other business guy ideas not in the end users best interests.

TRDan
TRDan

Interesting grouping. My DSL provider is QWest, but my ISP is actually MSN (arranged by QWest). I would think MSN would be a MAJOR player.

seanferd
seanferd

a device to connect to, or otherwise "tap" undersea cables? I know there have been several programs for listening in on international communications. I suppose they must have many different ways to do this - even if it is just to "keep in practice" at coming up with and designing novel ways to accomplish these things. I still haven't looked, but the documents & report I saw for the equipment used to tap phone traffic at the COs was leaked by an AT&T employee. This was right around the time some New England residents (including a former PUC) were suing/trying to bring suit against Verizon (I'm pretty sure) for deploying similar equipment back in the beginning of ye olde warrantless wiretapping days. (Also quite well documented.)

JCitizen
JCitizen

about a particularly huge instrument placed at one of the Pacific rim locations near/on the California coast line. It was a pretty good show, and it was placed ingeniously so coastal observation would not detect the actual hookup point. PBS, can be your friend - sometimes*

seanferd
seanferd

Makes sense, since the ISP were installing DPI for the government, same as telcos were installing hardware in "secret rooms" to do the same for the telephone network. I can't remember what these were called, but I have archives on the stuff from a couple years ago somewhere. You know, the warrantless-wiretapping hardware.

JCitizen
JCitizen

Many of the main search sites are hosted inside the ISP. If I remember correctly they did this to help the traffic picture in the Wide Area Network picture for North America. So many folks are actually contacting a servier within the ISP "LAN" so to speak. And only go to the "cloud" when calls come for data not stored locally. Am I all wet on this? I'm sure I saw these servers at my local ISP when I visited last. They had them on a large rack all in a row, with names like the seven dwarfs. So they were hosting mirrors of the seven major search sites at that time. A lot of that information could be gathered before it even left the ISP. I'm sure they sold the information to cushion the bottom line. I'm guessing it was: MSN Yahoo! Google Ask Alta Vista AOL LyCOs - (at that time)

Neon Samurai
Neon Samurai

Big money using the same techniques criminals use yet somehow it's all ok.

Michael Kassner
Michael Kassner

That makes sense, but the Behavioral Targeting application only works by installing a cookie in the web page's domain. That's required for tracking. I'm not sure how that would work with the actual website used by Google. They would some how have DPI equipment that would add an additional cookie to the user's web browser.

Neon Samurai
Neon Samurai

Microsoft: MSN website and related domains, Windows updates and posability of lowjacking. Google, search criteria, click through hits and user data stored in there "cloud". Yahoo, saerch criteria, click through hits and user data stored in it's "cloud" also. Those would be my guesses as an initial starting point. I could see them all dumping an appliance on there own stream for anything coming into the self hosted systems; Google having the biggest advantage there probably due to popularity of offerings. (who doesn't havea gmail these days)

Michael Kassner
Michael Kassner

This is a part that confuses me and I can't find any information on it. The whole premise has been that the devices are injected into the local ISP's main traffic stream. So where do Microsoft, Yahoo and Google get the information? The only thing I see is that they are further upstream and are using BT equipment there.

Neon Samurai
Neon Samurai

I may be understanding incorrectly but wouldn't MSN be your email provider? QWest must still be the company running wire to your home and routing your packets out of there system. Up here, Rogers gives me the wire to my home a-la-bus network topology with the other homes on my cable loop. They partner with Yahoo to provide there customers with email. I use various email providers including Yahoo, Google and MSN. In email terms, my provider is in the states and two of them have responded questionably but my ISP is Canadian until Roger's pushes the data on down through there providers US "tubes". Yeah, think it's time to start pushing corespondents to learn how full email is unencrypted rather than just the signing hash.

powellc
powellc

I haven't been keeping up-to-date with ISP trends in the past several years, but hasn't Microsoft gone the way of Netscape along the lines of servicing consumer's internet? They're more interested in gathering search results for advertising now that google has shown it's possible to make huge profits via that route. As for the article, I'm not suprised that the gov't is interested in behavioral recognition. Some politician probably thought it would be a good idea to try to use 'the internet tubes' for screening potential threats to the government.