back to article Google behavioral ads scare US lawmakers

US lawmakers have been itching for a good excuse to slap mandatory security guidelines on online behavioral ad targeting schemes, and apparently, they've found it. Google's new plan introduced Wednesday to track individual users' browser history to target ads was just the ticket for Democrat Rep. Rich Boucher, the newly-minted …

COMMENTS

This topic is closed for new posts.
  1. Peter Simpson
    Stop

    If they show me behavioral ads...

    ...I won't see them, as I run with AdBlock on.

  2. Anonymous Coward
    Thumb Up

    Hope they differentiate between Google and NebuAd/Phorm/Webwise

    Once again the US are ahead of us. Let's hope the plans being prepared Stateside, clearly differentiate between the tracking done by websites and search engines such as Google, and the far more sinister interception of communications that is at the heart of the ISP & DPI-based BTA schemes of NebuAd/Phorm/Webwise system.

    And can we have some action please from our own legislators to enforce the regulatory controls we ALREADY have over here in the UK? Like a little prosecution of BT?

    Google is not Phorm. Google is a website.

    Phorm supplies programmed interception equipment to ISPs to intercept all an ISP customers data traffic.

    Regulating those 2 very different systems, requires very different controls.

    The big problem is not BTA, but interception of communications.

  3. Anonymous Coward
    Boffin

    Re:Phorm

    Phorm-type tracking has all the same privacy concerns as other behavioral advertising PLUS the the serious problem that they are in effect eavesdropping on your communication without permission.

    But even the kind Google is doing raises some concerns. Suppose I spend my free time surfing gay porn, I'd rather keep that to myself. But what happens when I use the same computer show my friend RateMyKitten? (No that's not a porn site.) Am I doing to get ads for "Free Nasty Gay Porn" on the side? If so, I guess my secret is out.

    Alright Google doesn't really have a gay porn category, but still, some of the "interests" they track are things you might well prefer be kept private. Such as "Family Law", "Dating and Relationships", "Defense Industry", "Hacking & Cracking" and "Mac".

  4. Lou Gosselin

    Re: Hope they differentiate between Google and NebuAd/Phorm/Webwise

    "Google is not Phorm. Google is a website."

    Obviously, routine and unwarranted interception of private communications channels at the ISP level is more sinister than anything google does.

    Never the less you seem to be forgetting that google does in fact log usage for a large number of web sites unrelated to google.com. Do googlesyndication.com and google-analytics.com ring a bell? These host tracking javascripts on sites where visitors are not aware of their usage. It is data collection on these websites where the most serious privacy concerns arise, not their google.com search page.

    Of course the embeded javascript technique can be blocked by those in the know, but the data acquired isn't much different than Phorm's.

  5. Anonymous Coward
    Black Helicopters

    Welcome to the UK Open Prison.

    The only groups to have privacy in the brave new world of carriers using Deep Packet Inspection will be large companies, governments and criminal gangs. Deep pockets will be the only protection from DPI, forcing more and more web traffic into encrypted tunnels emerging from anonymous gateways, away from legitimate legal scrutiny.

    Meanwhile Jo Public communications will be intercepted, monitored, profiled and monetized by the Phorms, Nebuads and Kindsights. Private and personal communication will be dead. Freedom of expression a thing of the past.

    Your thoughts will be the only thing that remain private..... but not for long.

    Sop this madness before it becomes a reality. Politicians of all parties wakeup!!!

  6. nicholas22
    Boffin

    OK

    "Your thoughts will be the only thing that remain private..... but not for long."

    True, just today scientists announced being able to 'read' thoughts of subjects:

    http://news.bbc.co.uk/1/hi/health/7937926.stm

    I left BT when my contract expired, citing Phorm as the main reason.

    That really curbed the sales person's enthusiastic attitude on extending my contract for another 12 months. What is there to say? My confidence to this company (BT) is shattered, I mean common, snooping on my data? F*** off retards. Next time do a focus group rather than asking for legal advice alone.

  7. Tom
    Happy

    Simple answer

    Make them opt-in only. If there service is as great as they say people line up to sign up right? :p

  8. Steve Roper
    Flame

    @ Peter Simpson

    I also use and love AdBlock (and NoScript), but I'm starting to see a disturbing trend with the advertising on some websites; some webmasters are getting wise to the increasing numbers of AdBlock users and finding ways of circumventing it.

    A few weeks ago, I was shocked to see an infuriating bouncing animated GIF banner punting an online casino. After long being used to surfing an ad-free internet, this was like a kick to the head! My first thought was that AdBlock had failed, or my EasyList subscription had not updated. Then, when I right-clicked the image to read its properties and block it, I saw that it was hosted in the website's own 'images' directory - so blocking that directory would have meant blocking all images on the site. So I set AdBlock to block just that image.

    But then, on the next page, I was pelted with another one punting lingerie. The damn server fetches the ads from somewhere, randomises the image names and dumps them into its own images directory - so each time you click to a new page, you cop another ad. Yes, you can block them manually, but it's still distracting and annoying and it fills your AdBlock list up with useless, once-only entries.

    Needless to say, I then simply added the entire site to AdBlock's list and went somewhere else. But it seems the writing is on the wall for ad-blocker software, and people like you and I could very soon be forcibly subjected to targeted advertising once these sorts of dirty tricks take off more widely.

    I can see some really frightening extensions on this. Servers can fetch Flash, HTML and Javascript from advertisers as well as images. They can then copy them into integral parts of the website before it is sent to the browser and thus disguise them from addons such as AdBlock and even NoScript! Think about this for a minute: When you disallow google-analytics.com with NoScript, all they have to do is have the server fetch the GA script remotely, plug that code into the site's own scripts, which you are more likely to allow to run, feed the whole lot to the browser as though it's all coming from the one domain, and then feed the results back to Google from server-side. The AdBlock/Noscript addons only see these components as originating from the current domain, with no reference to any external domains at all. Thus if you allow Javascript for thisdomain.com, you're indirectly allowing google-analytics as well - with no way of knowing it's happening, short of being able to read Javascript code.

    So yes, behavioural-targeted advertising WILL apply to us ad-blockers, even if we are loaded with AdBlock and NoScript - the moment more webmasters start using these filthy server-side exploits to circumvent them. And I'll leave it to your imagination what the malware cyberscum will make of this new ability to get around AdBlock and NoScript...

    Yes, be frightened. Be VERY frightened.

  9. Anonymous Coward
    Anonymous Coward

    Where america treads

    So, that's all sewn up then. I mean, uk.gov simply laps up everything those innovative yanks do, you know like privatising schools, hospitals and, well everything else, throwing money at those poor hard up bankers, bombing Arabs (and other miscellaneous brown miscreants) back to previous, less enlightened centuries.

    So, we can all consider the end of phorm as a done deal, I mean, the UK could hardly press ahead with 'soft touch' self regulation for the ad industry parasites when the Leaders of the Free World are in the mood for busting knuckles... could they?

  10. amanfromMars Silver badge

    BetaTesting Systems with New Knowledge .....

    .... White Hat Red Teams Creating DaneGeld for Spending on AIR&dD*

    Actually, the much Greater Concern for Security is NOT that which some may wish to keep Secret and which they may have to Phish and Probe for, but that which some may Transparently Openly Spontaneously Share Universally with the Sudden Appearance/Publication on the World Wide Web of Intellectual Property over which they have No Control or Executive Share ie Novel Virgin Source which may Conflict and/or Disprove a Cosy Exclusive Executive Protocol which is Used by Establishment Bodies for Personal Abuse and Fantastic Reward.

    Although in All Such Cases, would the Simple Buy In with Reward Directly Proportional to the Perceived Value of a Compromising Position be an Immediate Temporal Solution in what would then be a Mutually Agreeable and Agreed Stop on Progress, and thus would the Move Enable and Engender Ongoing Creative Debate and Development in and for Resolution of a Perceived Conflict, which may, with the Advent and Injection of Novel Virgin Source/NeuReal Binary Code be QuITe Delusional in the First Place and merely an Imagined Difficulty, which will Play no Part nor Impart any Damage or Danger in the Future/the Second Place.

    * AIProgramMING which is already BetaTesting Vulnerable Systems which are Currently Under Fire and/or Sustained Market Attack, albeit in a Stealth Configuration in Sensitive Markets in Order to Allow for the Correct Response to Prevent Catastrophic Collapse.

    And in an Automated Proxy ProgramMING are such Correct Response, or Otherwise, the Moral Hazard Triggers beyond Physical Control which Deliver that which has been Remotely Decided by Vulnerable Systems Administration of Reward for Failure rather than Preparation for Success.

  11. Kevin Jeal
    Unhappy

    @ nicholas22

    I left BT for the same reasons, the moronic sales women that rang me shortly afterward offering me 6 months free broadband had no idea what I was talking about when I mentioned Phorm, and my attempt to educate her fell on deaf (and dumb) ears.

    Unfortunately if they did do focus groups you can bet they would cherry pick the least IT savvy customers they could find. As for Google and their use of this targeted advertising (spying) it will once again be the ignorant that suffer.

    I inform everyone I know how to secure their surfing habits, unfortunately quite a lot of them don't seem to grasp the growing problem regarding security or their lack of it. :( These are the people that Google and their ilk are abusing and it’s sad that most don't seem to care. We will have to wait to see how far it goes before they remove their heads from the sand. I fear however that it will be too late by then.

  12. Paul
    Unhappy

    a query about credit agreements and ethical shopping...

    I'm tied into a 12-month credit agreement with BT broadband. Fair enough, but a question raised for me is - what are the legal issues surrounding credit agreements where a situation subsequently comes to light that you are not ethically happy with - like Phorm? Does the law give me any greater right to consider that agreement void and to not owe the balance in cases where, though I am still happy with the terms and conditions and price as negotiated, a matter of principle has come to light?

    I probably wouldn't leave BT as I'm otherwise happy with the service, and touch wood they have climbed down over Phorm, but it raises an interesting question about credit agreements. I'd be interested to know how empowered the consumer actually is under UK law.

  13. TeeCee Gold badge
    Unhappy

    @Steve Roper

    "Servers can fetch Flash, HTML and Javascript from advertisers as well as images."

    Ohshit! Welcome to the Brave New World of Cross Site Scripting attacks with the handy, detectable Cross Site bit happening behind the scenes where you can't see it.

    My first reaction was that you'd have to be as dumb as a bag of hammers to casually import scripts 'n such from A.N. Other site and then run them on yours. Then I remembered how most of the web economy relies on advertising for its revenue and can't possibly say no without going bust.

  14. Anonymous Coward
    Thumb Down

    “Google's new plan introduced Wednesday to…”

    Should it not have introduced Pugsley as well?

This topic is closed for new posts.

Other stories you might like