Charter Will Monitor Customers’ Web Surfing to Target Ads

By Saul Hansell
privacy

Charter Communications, the fourth-largest cable system in the United States, has started telling its high-speed Internet customers that it is going to keep track of every site they visit on the Web.

The cable company will sell the data to a firm called NebuAd, which in turn will use it to show ads to Web-surfing Charter customers that are meant to be related to their interests. (Visit a knitting site yesterday and see yarn ads today.)

Charter started sending letters out to several hundred thousand customers in four markets: Fort Worth, Tex.; San Luis Obispo, Calif.; Oxford, Mass.; and Newtown, Conn. (The letters were first reported by DSLreports.com.)

Charter said it will start testing the system within 30 days and will make a decision whether to introduce it to its 2.8 million Internet customers a few months after that.

Using data from Internet service providers for what the advertising people call behavioral targeting raises all kinds of questions about privacy, disclosure and who owns the information about where Internet users surf.

I called Charter to ask about this Tuesday, and the company quickly put Ted Schremp, its senior vice president for product management and strategy, on the phone. That immediately set Charter apart from the other Internet companies in the United States that have been identified as working with NebuAd: Embarq and Wide Open West. Neither of them would discuss the matter when I last asked.

Charter is taking “for the most part, a high road approach,” according to Mr. Schremp. “We have told customers exactly what we are doing,” he said. The letter to customers, he added, was “very forthcoming” and “not buried in mouse type and legal disclosures.”

The five-paragraph letter positioned the monitoring program as an “an enhanced online experience that is more customized to your interests and activities.”

“As a result,” the letter said, “the advertising you typically see online will better reflect the interests you express through your web-surfing activity. You will not see more ads — just ads that are more relevant to you.”

The letter contained a link to a Web page with answers to some common questions. A second link in the letter goes to a page that allows users to opt out of the system.

I suggested to Mr. Schremp that there would probably be a fair number of customers who don’t consider having their Internet activities tracked to be an enhancement.

He responded several ways. He said that Charter convened focus groups of customers in two cities and found that most didn’t object when the program was explained to them. (A crucial aspect of the NebuAd system is that it claims not to record any personally identifiable information about users. Rather, it associates each user’s behavior with 1,000 categories of interest to advertisers.)

He offered his personal view that the system was harmless and well within the norms of the Internet these days. “The mainstream Internet user is hugely aware of the fact that the fundamental economic model on the Internet is advertising,” he said. While some people object to targeted advertising systems like Google’s Gmail, which displays ads related to the text of e-mail users are reading, many others don’t.

“All we are doing is, in an anonymous format, providing additional context to serve those ads. To the extent those ads are more meaningful to me as Ted Schremp, I will have a better Internet experience than the generic ads that are part of Yahoo and everything online.”

For those customers who disagree, Mr. Schremp said that Charter was offering the ability for them to choose not to be part of the system. I suggested that most privacy experts prefer opt-in systems where information isn’t collected until the user explicitly grants permission. He said that opt-out has become the norm for all targeting on the Internet.

How much money is NebuAd paying Charter for access to information about its customers’ surfing behavior? Mr. Schremp wouldn’t say. (Robert Dykes, NebuAd’s chief executive, said last month that the company was willing to pay Internet providers several dollars per subscriber a month.)

Mr. Schremp did acknowledge that raising revenue was a main goal for Charter in this: “We want to leverage technology in a way that makes sense for our economic model.”

Comments are no longer being accepted.

Chris Hoofnagle May 14, 2008 · 9:45 am

It will be interesting to see technical analyses of these systems, because the Cable Communications Policy Act of 1984 prohibits collection of personal information cable subscribers, except for very limited purposes:

47 USC § 551

“(b) Collection of personally identifiable information using cable system
(1) Except as provided in paragraph (2), a cable operator shall not use the cable system to collect personally identifiable information concerning any subscriber without the prior written or electronic consent of the subscriber concerned.
(2) A cable operator may use the cable system to collect such information in order to—
(A) obtain information necessary to render a cable service or other service provided by the cable operator to the subscriber; or
(B) detect unauthorized reception of cable communications.”

These prohibitions do not apply to records of “aggregate data which does not identify particular persons”

Jeffrey McManus May 14, 2008 · 10:29 am

There’s a name for this: it’s called contextual advertising, in the same way that Google “monitors customers’ web surfing” to display relevant ads. This can easily be done without having or storing any personally identifiable information from the user.

There’s a privacy concern here, but it’s pretty minor in the scheme of things. A bigger concern to me is the way that it would muck up with the performance and bandwidth of the service — it can’t possibly be the case that crunching every web page a user views wouldn’t slow down the experience.

At the end of the day this is just another reason why getting internet service from a cable company is a bad idea.

Jae May 14, 2008 · 10:31 am

There are many reasons I still get my home access through a small, independent ISP. This would be approximately 36 of them.

Ted McManus May 14, 2008 · 10:32 am

If Charter makes the claim that the user will not see more ads than they normally would, then is Charter hijacking adspace for which others have paid and replacing those ads with its own?

Adspace piracy on such a massive scale would threaten the economic model of the web.

Robert Brown May 14, 2008 · 11:00 am

It would be interesting to know where these ads are going to be displayed – what ads that would otherwise displayed are being replaced.

If another advertiser is paying to have an ad displayed but Charter replaces it with an ad of theirs, are they fairly credited? This is like cable TV, where a local ad is shown on a channel, and at the end of the local, the very end (a second or two at most) of a national ad is shown before either the next ad or returning to the programming.

While Charter should have the experience in this matter from being a cable company, charges of theft might still be raised if they supersede other paid advertisers.

Sandra Harwood May 14, 2008 · 11:05 am

Bravo for Charter, NebuAd and their customers! What Charter is doing is good for the Internet, as it will enable Charter to reinvest in the infrastructure necessary to maintain quality Internet access for its clients.

Once the Charter model is established, I am certain that consumers will realize that all the ‘Big Brother’ warnings of the lunatic privacy fringe will not materialize.

Charter customers will discover they enjoy browsing more because the amount of junk ads they receive are diminished and the percentage of ads relevant to their interests rises. Chances are good, too, that their monthly bill won’t rise as rapidly as those of customers whose ISPs aren’t smart enough to embrace behaviorally targeted advertising.

Everyone wins, except of course, the sourpusses who want an ad-free Interest, but don’t want to pay for it.

Ken May 14, 2008 · 11:19 am

Charter’s letter to me announcing this — received yesterday — does not “take the high road.” It’s riddled with euphemisms and spin, and refers to the monitoring as “an enhanced web browsing experience.”

If Charter wants to pay me for the rights to my surfing habits, I might accept this, otherwise no deal. Charter does let you opt out, though it’s not clear how a user can tell if they’ve really opted out.

Does anyone know if AT&T is doing this yet?

mistersquid May 14, 2008 · 11:20 am

Where exactly will these ads be placed? In the content of pages I visit? What if the site doesn’t contain ads in the first place? Will the ads be cooperative or competitive with the content they find? What if I am visiting a page that serves mostly/only ads and/or prominently placed ads like Google.

This is a cluster-you-know-what if I ever heard of one and Charter deserves to lose every single one of the subscribers it will lose, not to mention Charter’s deserving to lose the inevitable legal challenges from individuals and upstream content providers.

Talk about reproductive glands, Charter’s are connected to a suicide machine.

Ben Edelman May 14, 2008 · 11:29 am

I’m puzled by the suggestion that Charter customers’ online activity “will *never* be linked by anyone to your individual identity” (emphasis in original, paragraph 3).

Suppose Charter (or NebuAd) gets a subpoena. (Hypothetical: Wife wants to know whether husband was going to online dating sites.) What will NebuAd say? They will be obliged to answer the question. That’s exactly contrary to what the letter promises.

Randy Burkholder May 14, 2008 · 11:37 am

This is a violation of the right to privacy. Charter is going to meet resistance on this issue. Companies and individuals spend hundreds of thousands of dollars a year to protect their online privacy and now an ISP is implementing a system which users cannot prevent. Imagine what a hacker could do if they were able to obtain this information.

Jeffrey McManus May 14, 2008 · 11:41 am

Again, it’s not necessary to retain browsing information for the purposes of making contextual advertising happen. So if Charter is doing this the way they say they are (and we have to just trust them on this), if the subpoena comes, they’ll respond by saying “We don’t store the data you’re looking for, so go jump in a lake.”

Ronald Finell May 14, 2008 · 11:54 am

Spyware is spyware. Nobody should be able trace my whereabouts on the net unless I give explicit permission to do so. Does Charter have a iron-clad opt-out policy? If my son spends hours on a school report on cancer, what will prevent my life insurance company from buying this information from either NebuAd or the drug companies who subscribe to their service. I would encourage anyone using Charter to switch ISPs and to do so sooner rather than later.

Eric May 14, 2008 · 11:55 am

In reply to Ben Edelman’s concern, what they seem to be doing is working with companies that serve the Ads that you are already seeing, so that when they see your IP address on a download request for an Ad, they can choose one that is considered to be more likely to interest you. Google is probably already doing this anyway.

I am not too concerned by that, but with the collecting and especially the sharing of my web surfing habits with other companies. The more this information gets spread around, the more likely it is to get in the wrong hands. And it is impossible to completely avoid personally identifiable information in this data.

I also second Jeffrey McManus comment – some of these ad servers are already seriously slowing down the display of web pages for me. Unless they add an order of magnitude more processing capacity, I will be blocking more and more of them.

Vidiot May 14, 2008 · 12:18 pm

Note that the online form required of Charter subscribers to opt out of this is an insecure form, and that it requires cookies. If the user follows good privacy practice and deletes cookies, s/he has to opt out all over again.

trai_dep May 14, 2008 · 12:19 pm

Since Comcast is monitoring their customers on sites visited, what else will they monitor (content, protocols, email addresses, channels watched and for how long…?)
Since Comcast retains this information, what other information do they retain, and who will they share it with (any large dataset WILL be used, and by outside parties for purposes other than those initially given when data-collecting programs were begun)?
Since this dataset presumably has economic value, how will Comcast secure the information, and do they really think they’re smarter than the entire world’s worth of data hackers? Who pays when these measures are breeched?
If this program is so beneficial to their customers, why aren’t they rolling this out on an opt-in basis? Since they’re a quasi-monopoly, what real choice do consumers have?

This has far too many ways to end badly, both for their customers and for Comcast (imagine the lawsuits and negative publicity when abuses inevitably happen). Comcast needs to declare in more detail all of the above. If they had half a brain, they’d forgo this “opportunity” since the negative impact on their brand and loyalty – and their pocketbook – far outweigh the potential benefits.

magixman May 14, 2008 · 12:25 pm

It is not technically possible to “never link” the ad profile to an individual subscriber. It may not be available for Charter employees to view through their systems but under a court order it most certainly could be disclosed.

Don’t ge me wrong I am in favor of seeing advertising that might be more intersting to me if I have to suffer through advertising at all. I just think that there needs to be a lot of discussion of the ramifications which might not be obvious to everyone as they decide to opt in or out.

Jeff Chester May 14, 2008 · 12:32 pm

Both the FTC and FCC will need to investigate Charter’s placement of NebuAds “appliance,” designed to monitor the online activities of its subscribers. The cable industry used its political clout with the Bush FCC in 2002 to eliminate any cable ISP broadband competition. Charter’s customers cannot easily switch, consequently, to a competing multichannel and broadband access provider which might have a pro-consumer privacy policy. The government will have to step in and protect the privacy rights of Charter’s customers.

Wes Robinson May 14, 2008 · 12:48 pm

What is key to all these types of arrangements to me is the lack of service and technology we are receiving as customers. The Cable companies are pushing prices higher with increased revenue streams from VoIP, paid programing and growing internet subscribers. Though this cost is never making my bills smaller, its the opposite.

I would be willing to trade this information if they allowed others access to the market for which they hold a monopoly.

Greg Yardley May 14, 2008 · 12:55 pm

Sandra, I’m sympathetic to your argument, but company reps should identify where they’re from as a matter of policy.

Jeffrey, this is better known as ‘behavioral’ targeting, not contextual, since the user’s past behavior rather than the content of the current page is what’s taken into account.

Ted, it would indeed be pretty problematic if NebuAd replaced other paid advertisements with its own. However, ad networks generally allow their inventory to be bought using IP targeting. Companies like NebuAds use IP targeting to buy the inventory of subscribers to ISPs they’ve got a deal with, and then resell the space to an advertiser for a profit, making use of what they know about the user to get better targeting and higher rates.

Randy, Ben, I doubt NebuAds is silly enough to actually store browsing history – instead, they look at a URL as it comes in, say ‘hmmm, this means this user’s interested in fashion’, flag the user appropriately (probably with some time decay or weighting), and then throw the URL out. Even if privacy wasn’t a concern, it’s just too expensive to store that much data. A subpoena to NebuAds might reveal that ‘user ID #xyz is interested in dating’ but why go after that when the ISP itself has much more detailed information?

L. Yaremko May 14, 2008 · 1:00 pm

I’d recommend that privacy-minded individuals consider signing up with an anonymous proxy service. I have had excellent results with Anonymizer Total Net Shield, from //www.anonymizer.com. For $10.00 per month (billed annually) I can surf and email via a secure tunnel that keeps my browsing habits out of the hands of my ISP.

There may be other solutions available, but I’m familiar only with Anonymizer, which I have used for over 5 years with complete satisfaction.

Carl Thompson May 14, 2008 · 1:11 pm

How much will I get paid for the sale of my personal information?

milbank May 14, 2008 · 1:25 pm

I’m still amazed that so many people are niave enough not to get that the United States is a fascist country and the internet is not a refuge or sanctuary from it.

Skeptical May 14, 2008 · 1:33 pm

I don’t believe Charter will lower prices one cent. If my surfing habits are so valuable then where is my check?

C. Reaves May 14, 2008 · 1:36 pm

No personally identifiable information? Right. While it is true that it may not be possible to identify an individual from a visit to one or two sites, if I had a list of the last 200 sites that any person visited I could probably figure out exactly who they were and a lot more besides.

BIlly Budd May 14, 2008 · 1:45 pm

This so-called “opt-out” mechanism requires that you keep one of their cookies in your browser at all times.

I have an extension in my Web browser (Firefox) that lets me delete cookies at the touch of a button. I do this a couple of times a day. Some people, out of privacy concerns, don’t allow cookies in the first place.

So the people most concerned with privacy are precisely the ones who can’t effectively “opt out” of their slimy behavior! And many people live in non-competitive broadband markets where they won’t even be able to vote with their feet.