dslreports logo
site
spacer

spacer
 
   
spc
story category
Embarq Offers More Data On NebuAD Trial
26,000 users impacted, 15 opt out...
by Karl Bode 11:18AM Thursday Jul 24 2008
Earlier this week Embarq responded to a Congressional inquiry into their recent trial of NebuAD user-tracking ad technology, and the sale of user browsing data. While the letter clarified that Embarq's definition of "informing" users about the trial involved burying fine print in their privacy policy, it really didn't answer any of the specific questions put forth to them by the Congressional inquiry. It did, however, take ample time to insult consumer intelligence by suggesting the sale of user browsing data "empowers" customers.

Click for full size
Embarq has e-mailed me a second, more informative response (pdf) from their CEO to Congress. The letter confirms that Embarq's trial of the technology was conducted on 26,000 subscribers at a single point of presence (POP) in Gardner, Kansas. Embarq says Gardner was chosen because it was their smallest pop, and due to its proximity to "qualified" technical staff.

Embarq says that of the 26,000 customers impacted, only fifteen opted out. That's likely because unless those users made a habit of digging through the Embarq privacy policy fine print once a week, they'd never know the trial was taking place. Embarq again repeats that they believe their fine print notification adheres to FTC standards -- though the FTC standards aren't exactly robust.

While it appears that NebuAD's ineffective opt-out system could violate several federal wiretap and privacy laws, Embarq states that their own internal legal review of the technology found it "lawful and otherwise permissible." They also repeat claims that any data collected was anonymous and not retained.

While this letter is much more informative than the previous one, it's still fails to address the fact that NebuAD's cookie-based opt-out system doesn't actually opt users out of data collection (just targeted ad delivery). It also doesn't go out of its way to concede that e-mailing impacted customers might have been a better bet than burying notification in fine print.

view:
topics flat nest 

SSX4life
Hello World
Premium
join:2004-02-13
kudos:3

1 edit

obvious

Isn't this obvious? People don't read the fine print or take the time to understand contracts prior to signing things. The housing crisis would tell you that.

We should have the same HIPPA laws that apply to medical records apply to browsing data. It's private and should remain such.

You don't see your electrical company selling your Kilowatt usage down the street, you don't see the water company selling your overall consumption to lawn and fertilizer company's.

Why should this be any different?

*edit* and the whole bullsh!t about "making the users browsing experience better" is a total bunch of crock. The CEO's will tell you anything to get their way and not even agree with their own tactics or policies in their private life.
/rant
--
»www.google.com is your best friend... please use it before asking your question.

hopeflicker
Capitalism breeds greed
Premium
join:2003-04-03
Long Beach, CA
kudos:1

Re: obvious

if only 15 opt'd out then that MUST mean people WANT the service

yes, it's sarcasm

FFH5
Premium
join:2002-03-03
Tavistock NJ
kudos:5
Do you think these same rules should apply to Google or Yahoo? They collect user info and their system is opt-out and is spelled out in their privacy policy too.

hopeflicker
Capitalism breeds greed
Premium
join:2003-04-03
Long Beach, CA
kudos:1

Re: obvious

said by FFH5:

Do you think these same rules should apply to Google or Yahoo? They collect user info and their system is opt-out and is spelled out in their privacy policy too.
All businesses should keep the opt-out option out of their privacy policy. However, the user should be given the option to opt out before they can use any service. This should be spelled out on a single document before any services can be rendered.
--
Religion does three things quite effectively: Divides people, Controls people, Deludes people.
SilverSurfer1

join:2007-08-19

1 recommendation

said by FFH5:

Do you think these same rules should apply to Google or Yahoo? They collect user info and their system is opt-out and is spelled out in their privacy policy too.
Except that Google/Yahoo's cookies aren't quite as intrusive/persistent as Nebuad. Once Google/Yahoo cookies are deleted, they stay deleted until you visit the site again. Nebuad is an entirely different matter.

tschmidt
Premium,MVM
join:2000-11-12
Milford, NH
kudos:9
Reviews:
·FirstLight Fiber
·Hollis Hosting
·G4 Communications
said by SSX4life:

Isn't this obvious? People don't read the fine print or take the time to understand contracts prior to signing things.
That is true to an extent but the mouseprint on most service/software contracts is impossible to understand and wade through for the average person.

Also this is something new so even if you read it you may quite possibly miss the ramification of what they were doing.

Most ISPs I aware of reserve the right to change terms and conditions at any time. Pretty hard to be an informed consumer.

Agree with with other there needs to be some sort of implied contract, as with phone service, as to what company can and cannot do with your information.

Should not be up the the consumer to wade through pages of legalese each time they do something on the Internet.

/tom
openbox9
Premium
join:2004-01-26
Germany
kudos:2

Re: obvious

said by tschmidt:

Agree with with other there needs to be some sort of implied contract, as with phone service, as to what company can and cannot do with your information.
The contract is implied each month when customers pay their bills. I say let the ISPs put the privacy statement verbiage in an e-mail to their customers for notification purposes. I still doubt that you'll see large numbers of customers opting out or even caring about the minute impact of anonymous logs.
clickie8

join:2005-05-22
Monroe, MI

Re: obvious

Actually, it's not. If I am paying you to pick up my garbage and you're using my property as a drug drop while you're picking up the trash, paying my bill is not implicit acceptance of your activities.

While you may be right that large numbers of their customers many not bother to opt out, it doesn't make it legal, it doesn't make it ethical and it doesn't make it right. My objection with anonymous data collection that it's with a third-party to whom I do not have an ongoing business relationship. Nebuad is free to take this data and eventually make it NOT so anonymous, and there isn't a damned thing I can do about it once they have a foot in the door.

Switching ISPs isn't an option, for me or for many many others. That's what makes this such an offensive issue; we're stuck and we have to take it if we want broadband.

Once I make a purchase on the web with one of their advertisers, the cat is out of the bag. Nebuad is going to have a very hard time keeping that anonymous data private once the dollar bills start flying.

Quite honestly, when does one say enough is enough?
openbox9
Premium
join:2004-01-26
Germany
kudos:2

Re: obvious

Yes, the contract is implied each month that you pay your bill. Unless you sign a longer length contract, you have an agreement with your ISP for the billing period.

You can object to third-party access to data all you want, but it's unfortunately a fact of life today. Almost every industry that I can think of has no problem sharing your information to third parties unless you opt out of the sharing of your information. And yes, their ability to do so is printed in their privacy statements that a vast majority of people don't read.

You can say enough is enough. Have you contacted your ISP to express your viewpoint as a paying customer? Have you contacted your elected representation to express your desires?
wtansill
Ncc1701

join:2000-10-10
Falls Church, VA

1 recommendation

said by SSX4life:

*edit* and the whole bullsh!t about "making the users browsing experience better" is a total bunch of crock. The CEO's will tell you anything to get their way and not even agree with their own tactics or policies in their private life.
/rant
It's possible that the 15 that opted out were Company Executives who didn't want their browsing habits mined...
--
"In every generation, there are those who want to rule well - but they mean to rule. They promise to be good masters - but they mean to be master."
--Daniel Webster
AdNauseum

join:2008-07-25
@SSX4life: You cite examples of electrical and water companies. What about your credit card, mortgage companies, affinity cards like grocery 'points', magazine subscriptions? Do you think they don't trade your data unless you opt-out? At least online companies provide online opt-out, once you figure where it is. I am sick of getting privacy policies via snail mail, requiring me to fill out and return a damn paper form.

Isn't it a bit naive to demand opt-in? NOBODY would opt-in! Their business depends on people not caring and by default being opted-in. And that is majority of people.

newview
Ex .. Ex .. Exactly
Premium
join:2001-10-01
Parsonsburg, MD
kudos:1

I'd be willing to wager . . .

that If they had informed EACH subscriber by email of this PARTICULAR change in the privacy policy & their automatic opt-in to this intrusive user-tracking ad technology, they would have seen an AVALANCHE of opt-outs.

ROFLOL

@charter.com

What a joke

If its so gosh darn popular and great for the end-user then they should offer an Opt-in, and everyone will join, right? Right???

This is nothing but legal subterfuge on the unknowing end-users.

Pv8man

@wideopenwest.com

Re: What a joke

I cannot agree with you more anonymous "ROFLOL"

Then they can use those opt-in stats to prove with numbers that this is a "great service"

LOL

m3rl1n

@compuware.com

cookie based opt out

I have a serious problem with the "cookie based opt out". My web browser clears all data every time it closes, including cookies. What happens the next time I start my browser? I get more pop ups and have to re-opt out???? This whole concept is garbage and should not be permissible. Tell the ex-spyware makers where to stuff it!!

BK3

join:2001-04-10
Geneva, IL
Reviews:
·AT&T Yahoo

1 edit

1 recommendation

Lurking in the background

....Embarq again repeats that they believe their fine print notification adheres to FTC standards.....

In other words, Emparq did the very minimal they thought they could get away with, while doing their best to keep this "service" hidden.

IMHO, any business that needs to keep itself as hidden as NebuAd isn't worthy of existence. If their system is so great, why do they fight so hard to keep it hidden? If the user experience is so much "enhanced", then wouldn't they want everyone to know about it and use it?

Not any better than spammers, phishers and spyware creators, IMHO.

Edit: Spelling

--
Atomic batteries to power - Turbines to speed - ready to move out.
hottboiinnc
ME

join:2003-10-15
Cleveland, OH

Congress caring about Wire Tapping now?

Why should Congress care about illegal Wire tapping now?

they didnt care about it with ATT and VZ. They walked free. maybe NebuAd should go ask Bush to walk free and it was all for the sake of the NSA and turn over information if anyone searches or views anything that NSA should need to know about.

88615298
Premium
join:2004-07-28
West Tenness

what would the #'s be for opt-in?

If they are so sure this crap makes for a better interent experience they should not have a problem having this be opt-in instead. If it's so great people would flock to opt-in. The fact they don't have it opt-in speaks volumes on how they REALLY think about it.

CPUYODA

join:2003-01-25
Johnson City, TN

DOes...

SO that's why their DNS servers suck.

BTW,..been meaning to ask,....does openDNS bypass this crap?
--
"In God We Trust,All Others Pay Cash"

scavio
Premium
join:2001-07-14
Melmac

Re: DOes...

Short answer... no, it doesn't.

Cheese
Premium
join:2003-10-26
Naples, FL
kudos:1

SIgh.....

Good thing I got rid of Embarq 2 years ago!

TransitMan
Premium,MVM
join:2000-09-05
Dayton, OH
kudos:1
Reviews:
·Time Warner Cable

It's All About The Alphabet Soup

The NSA, FBI, CIA, Homeland Security, etc., using a company like NebuAd or Phorm or whomever to circumvent the law to get what they want.

These scumbag ad serving companies need to put out of business.
Fine, click on the Opt-Out link, your opted out with a cookie placed in a browser. But wait, what if I use a different browser, it is not cookied for Opt-Out. I just Opted-In without my knowledge just because I decided for a few minutes to use a different browser.

Then I decide to clean all my cookies out of my browser, and the Opt-Out Cookie goes bye-bye. Next time I use the browser, I've automatically opted-in, because my Opt-Out cookie is gone.

This whole arguement over this type of End user enhacement is total bullsh*t, and violates numerous Federal laws, and probably numerous state laws as well.
It is time to level Federal Rackeetering charges for the illegal and unwarranted network tampering by NebuAd and Phorm and all others invovled in this type of backroom skull-duggery.
--
PROUD TO BE THE DIRECTOR OF THE CRUNCHENSTEIN ASSOCIATION AND THE HOST OF CRUNCHENSTEIN #2

Ad Nauseam

@unnet.ru

No different than any other company trading your data

@SSX4life: You cite examples of electrical and water companies. What about your credit card, mortgage, affinity cards (like grocery points), magazine subscriptions? Do you think they don't trade your data unless you opt-out? At least online companies allow online opt-out, once you figure where it is. I have gotten many privacy notices by snail mail that require me to fill out a damn paper form and physically mail it.

Why is everybody so naive about opt-out vs opt-in? Yes, the opt-out business model depends on people not caring. And yes, that's overwhelming majority of people. Another example - shopping rebates. If it wasn't for people's indifference / inertia, the rebate submission rates (with clear cash benefit to consumer) would be much higher than 20%-60% reported.