Commission Junction Bans Search Redirector Paxfire
Company accused of "hijacking" users' search queries for affiliate payments.
Company accused of "hijacking" users' search queries for affiliate payments.
Affiliate marketing company Commission Junction has suspended Paxfire from its network, following accusations that the technology firm was partnering with Internet service providers and redirecting users’ search queries to affiliate sites in return for payment, without CJ’s knowledge or consent.
According to researchers at the International Computer Science Institute (ICSI) in Berkeley, California, numerous U.S. ISPs have worked with Paxfire to enable this type of redirection, including Cavalier, Cogent, Frontier, Fuse, DirecPC, RCN, and Wide Open West.
A post written by the research team and published on the blog of civil liberties group the Electronic Frontier Foundation last week stated, “When looking up brand names such as “apple,” “dell,” “groupon,” and “wsj,” the affiliate programs direct the queries to the corresponding brands’ websites or to search assistance pages instead of providing the intended search engine results page.”
“In short, the purpose appears to be monetization of users’ searches,” the post added, citing involvement from affiliate program providers Commission Junction, Google, LinkShare, and Ask.com. To date, the researchers claim to have identified 170 brand-related keywords that trigger redirection through such programs, when using the ISPs mentioned above.
In a statement emailed to ClickZ News today, a spokesperson for Commission Junction wrote, “We had no knowledge of this reported activity until last week. At the time, Paxfire was in fact a publisher in the CJ network. We have taken immediate action – Paxfire has been deactivated pending further investigation, and we are continuing our investigation of this matter.”
Based on the findings of the research, two New York-based law firms have jointly filed a class-action lawsuit against one of the ISPs in question, alongside Paxfire itself.
Commenting on the lawsuit, Pace Latin, executive director at marketing trade group the Executive Council of Performance Marketing, suggested that the providers’ use of customer data in this way might be covered by their terms and conditions of service. “From what I read, most of the ISPs have some type of clause that says that they are allowed to use the data for various reasons,” he told ClickZ.
According to the ICSI research team, users are unlikely to consent to this type of redirection, however. Paxfire’s own privacy policy states that it may retain copies of users’ “queries,” but doesn’t specify if that language relates to the domain names they access or the searches they conduct, it said.
“The redirections mostly occur transparently to the user and few if any of the affected ISP customers are likely to have ever heard of Paxfire, let alone consented to this collection of their communications with search engines,” the researchers’ blog post argued.
Back in 2008 six U.S. ISPs were targeted by a class action lawsuit following their use of a similar technology from a company called NebuAd. The firm used a controversial process called deep packet inspection to monitor users’ Internet use and build profiles around their interests and behaviors, which it then intended to sell to marketers to help better target ads.
The company ultimately shuttered its operations following scrutiny from lawyers, privacy groups, and regulators.
Paxfire did not return requests for comment on this story.