Tech startup’s goal sparks privacy worries

Published 7:38 pm Friday, December 7, 2007

As Internet advertising is increasingly precisely targeted to meet consumers’ presumed desires, the trick for advertisers is to sniff out people’s interests and needs without riling their privacy defenses.

Silicon Valley startup NebuAd Inc. believes it has reached this balance with a new ad-serving system — even though its system of peering inside Internet traffic might seem ominous.

NebuAd’s system is designed to improve on Web sites’ long-standing practice of dropping tiny tracking files known as cookies on visitors’ computers. When those cookies indicate enough about a Web surfer’s interests, related ads can be made to appear.

But the fact that you visited a site doesn’t say as much about your interests as knowing what you did there and afterward. Did you read several articles or quit halfway through one? Did you leave the site to research the topic further on a search engine?

To glean those deeper insights, NebuAd installs equipment inside the facilities of Internet service providers, which see everything their customers do online. NebuAd’s boxes examine many of the sites people visit, what they do there and what they hunt for on search engines.

While some tracking mechanisms can ferret out an interest in travel or the outdoors, NebuAd says it can tell whether you are in the market for a trip to the south of France or snowboarding gear.

The company won’t say how many carriers or advertisers it works with, though CEO Bob Dykes said Internet providers representing millions of customers run NebuAd’s system to let it gather information. In return, they get a share of the revenue from advertising NebuAd places.

The only ISP known to be working with NebuAd is Monroe, La.-based CenturyTel Inc., which has 530,000 broadband subscribers scattered throughout the country.

Aspects of NebuAd’s technique are already in play. For example, besides cookies, many online retailers deploy “clickstream analysis” tools that monitor what customers do on a given site — what they browse, what they read, which items they put in their shopping carts but fail to buy.

As a much wider-ranging eye in the sky, NebuAd could pique more worries about privacy. And its creators have taken steps to mitigate them.

Dykes pledges his company never creates a database that could leak or be subpoenaed. It doesn’t compile lists of sites that people have visited or what they did online.

Instead, its system works somewhat like a huge set of meters: one measuring interest in travel to the south of France, another tallying curiosity about snowboarding, and so on and on and on. Whenever you do something online that is thought to reveal heightened or diminished interest in a subject NebuAd tracks, the meter ticks up or down.

The system measures interest in at least 800 marketing categories, Dykes said. But it is blind to online behaviors that indicate bedroom proclivities or medical conditions, because NebuAd doesn’t take sex-related ads or promotions for what Dykes calls “sensitive drugs.”

NebuAd also doesn’t read e-mails or postings on social networking sites, which should help keep it out of privacy storms like the one that erupted recently on Facebook.com.

Also, while NebuAd follows users closely enough to match ads to their interests, Dykes said the company doesn’t keep identifying information on them as individual people, even a numeric Internet Protocol address.

Once grabbed from an ISP’s network, such details are fed into a cryptographic system known as a one-way hash, producing a string of code that supposedly cannot be reversed to identify a consumer. NebuAd’s servers — and snoops, presumably — see only the hash codes.

“All they really have is (the equivalent of) a dot on a grid somewhere that says, ‘It’s time to get an ad to this dot,’ ” said Larry Ponemon, a privacy consultant who has advised NebuAd.

If that does not reassure consumers, Dykes said NebuAd requires ISPs to ask their customers whether they want to opt out.

However, that could prove contentious. Pam Dixon, director of the World Privacy Forum, said NebuAd should instead use an opt-in mechanism — automatically excluding anyone who doesn’t sign up. She said even if a marketing profile is anonymous, someone might be able to tie it to an individual Web user, if its details were as richly detailed as NebuAd indicates.

“For this particular business model … it’s got to be opt-in, because people’s expectation of privacy is that this isn’t happening,” Dixon said.