Congress looks to address privacy concerns over online ads

A Senate committee heard testimony from the online advertising industry on Wednesday, as it attempts to address worries that some practices may violate users' privacy.

Among those who testified Wednesday before the Senate Commerce Committee were representatives from Microsoft, Google, and Facebook. However, the majority of the Committee's ire seemed targeted at NebuAd. This Redwood City, Calif.-based firm offers technology that uses data culled from packets provided by ISPs, which offer clues as to browsing habits. In turn, this data is used to deliver more relevant ads.

In May, the House called for at least one of NebuAd's apparent customers, Charter Communications, to stop using the service. It did so in June. Phone provider CenturyTel has also canceled plans for use of NebuAd technologies, as well as Denver-based cable provided Wide Out West.

However, NebuAd has been extremely secretive, and will neither disclose its clients nor the ISPs it is working with. In any case, NebuAd says that while it does collect information to serve better ads, "personally identifiable information" is not collected, so in essence the information is somewhat anonymous.

"In sum, NebuAd's code used for standard ad serving purposes is both clean in its purpose and function," chairman and CEO Robert Dykes told the panel.

Members of the panel still questioned NebuAd's practices, however. While Dykes claims that it would not be able to provide identifiable information for users who search for particular types of products, the fact that it is collecting anything without consent is troubling.

It may also be illegal as well, running afoul of wiretapping laws. Since the information is being collected by NebuAd using the ISPs network, it is essentially eavesdropping. But more on how broadband providers are cooperating may not be known without a subpoena.

That's because all providers invited to testify on the subject by the committee declined to attend, according to Sen. Byron Dorgan (D - N.D.), who chaired Wednesday's hearing.

Other companies present at the hearing were not necessarily left off the hook either. Microsoft noted its work last July in ensuring that search data is not retained for extended periods of time, which also guides its advertising policies.

"We are deeply committed to these principles, which focus on bringing the benefits of transparency, control, and security to the protection of consumers' data and privacy online," Microsoft associate general counsel Mike Hintze added.

For its part, Google's senior privacy counsel Jane Horvath told senators that her company supports a comprehensive privacy law at the federal level, as well as the Federal Trade Commission's efforts to develop a privacy framework for online advertising.

Facebook chief privacy officer Chris Kelley echoed Google's support of the FTC's work, saying the social networking site was committed to allowing its users to make decisions on their own about what and how information about them is shared.

However, Kelley did stick up for targeted ads. "Receiving information that is relevant, whether paid for by an advertiser or not, generally leads to a better online experience," he said in his opening remarks.

Not everyone who testified agreed with the practice. One of the parties to take issue with targeted ads was the Washington, DC-based interest group, the Center for Democracy and Technology, whose president and CEO Leslie Harris argued that most Internet users do not realize their online travels may be tracked.

In a reference to NebuAd's practice of dealing directly, but also secretly, with ISPs, Harris stated, "The ISP model raises particularly serious questions. Thus far, implementations appear to defy reasonable consumer expectations, could interfere with Internet functionality, and may violate communications privacy laws."