Paxfire Snooping Scandal Gets Political Attention
Things Will Soon Heat Up For ISPs Involved
Last week Berkeley researchers and the EFF
announced that ten ISPs were covertly intercepting and sometimes redirecting user search results for additional profit. This week saw a new lawsuit against hardware vendor Paxfire and RCN, with Paxfire denying that they've done anything wrong
. The ISPs involved in the traffic hijacking stopped the practice dead in its tracks once the story broke, but as expected the quietly bubbling scandal is now seeing some political attention. New Scientist
notes that things will likely heat up next week for both Paxfire and the ten ISPs involved:
Both Paxfire and the ISPs could be summoned before the Senate subcommittee on the Privacy, Technology and the Law, says Richard Blumenthal, a committee member and Democratric senator for Connecticut. Blumenthal says he will discuss the possibility with Al Franken, the Minnesota Democrat who heads the committee. Blumenthal says he will also talk to federal and state bodies about possible legal action. He said that the conversations would likely begin over the next few days and could include the Federal Trade Commission and state attorney generals.
"These practices may well be a violation of law, including federal wiretap laws," says Blumenthal. "They are clearly a violation of trust that users place in ISPs."
You'll recall a similar controversy involving behavioral ad firm NebuAD, which folded
after it was discovered they were tracking online user behavior using deep packet inspection -- in many instances without ISPs informing users or providing functional opt-out mechanisms. A similar fate may befall Paxfire, even though it was the ISPs that failed to disclose this behavior and may have violated privacy and wiretap law. The fact that all ten ISPs so quickly stopped the practice once the story broke should make it clear how concerned they are with the legality of the traffic hijacking and snooping.
Meanwhile, affiliate marketing companies like Commission Junction are busily trying to distance themselves from the growing scandal
by insisting they had no idea this was going on:
In a statement emailed to ClickZ News today, a spokesperson for Commission Junction wrote, "We had no knowledge of this reported activity until last week. At the time, Paxfire was in fact a publisher in the CJ network. We have taken immediate action - Paxfire has been deactivated pending further investigation, and we are continuing our investigation of this matter."
As a reminder, the ISPs involved in this behavior were Cavalier, Cincinnati Bell, Cogent, Frontier, Hughes, IBBS, Insight Broadband, Megapath, Paetec, RCN, Wide Open West and XO Communications. Charter Communications had also used this technology but stopped doing so in March. None of the ISPs involved have been willing to comment on what they were doing, which also speaks to likely carrier concerns over whether what they were doing was legal. As we've seen with DNS redirection, some ISPs are so hungry for the added revenue this kind of new network hardware provides, they tend to forget to notify customers, ensure there's working opt out tools
, or adhere to the law