In a development with potentially huge implications for digital marketing and consumer privacy, numerous Internet service providers have begun using or testing technologies that track their subscribers’ online activities and serve ads based on those behaviors.
The trend is part of an ongoing bid by ISPs to hang ten on the digital advertising tsunami that’s largely passed them by while stuffing the pockets of Web giants like Google, Yahoo, AOL, and Microsoft.
ISPs are supported in the effort by a new breed of technology vendors — relatively unknown firms with names like NebuAd, Phorm, FrontPorch, and Project Rialto. Through the use of hardware installed on the ISP networks, these companies can gather and store information about their customers’ surfing habits for later use in ad targeting.
In some cases they support ad sales to agencies and advertisers once data has been gathered. The most public of the companies, NebuAd, acts as an advertising network, buying up low value display ad inventory from other networks such as ValueClick and reselling it to advertisers and agencies with an appetite for targeted ad opportunities. It shares the resulting revenue with its ISP partners.
“We simply place the equipment at the ISPs network,” said NebuAd CEO Bob Dykes. “Their role is completely passive. We sell the advertising.” (Read an interview with NebuAd’s Bob Dykes.)
NebuAd’s appliances can track the Internet usage of between 10,000 and 30,000 Internet subscribers, and the firm claims to have contracts with “multiple tens” of ISPs covering millions of subscribers. The company is based in the U.S., but also has a presence in Canada and will launch soon in the U.K.
One of NebuAd’s ISP partners, CenturyTel, has contracted with the firm to conduct a trial in one of its markets. CenturyTel spokesperson Annmarie Sartor declined to name the market or the number of subscribers covered or to specify when the test would end, but she insisted the company is very sensitive to its customers’ privacy concerns.
“We’ll analyze the results from that trial to decide if we’ll deploy it further,” she said. “If we do, our customers are absolutely notified and will have the option not to participate in this service.” CenturyTel offers long distance and Internet access services in rural areas in 26 states.
Should they aggressively pursue such data gathering methods, ISPs may achieve a level of behavioral tracking heretofore unknown online. That’s because existing behavioral targeting networks can monitor consumer activities only while they are visiting a select group of publisher partners. The largest of these networks is AOL-owned Tacoda, which has partnered with some 4,500 Web sites to enable behavioral ad targeting.
“We see search; we see those 4,000 Web sites; plus we see all the other Web sites,” said Dykes. “The existing behavioral cookie-based networks only have a limited knowledge. They may have some idea you went to a travel site. That’s all they know.”
Dykes also noted current behavioral targeting ad networks tend to offer a limited set of consumer interest segments, for instance in-market auto buyers or mortgage shoppers. He claimed NebuAd will up the ante considerably on segmentation. “We have 800 [segments] today and we’re expanding that to multiple thousands,” he said. “Again, more than an order of magnitude greater ability to target people.”
Tacoda Founder and AOL EVP Dave Morgan agreed, saying ISP-based behavioral tracking will result in “lots of data about smaller groups of people, as opposed to modest data about a lot of people.”
Morgan, who now heads up AOL’s global ad strategy, is in a unique position to observe the trend. In addition to founding and running behavioral targeting trailblazer Tacoda for several years, he also now holds a senior executive role with one of the world’s largest ISPs. As of September 30, the declining customer rolls in AOL’s access business still included 10.1 million U.S. consumers.
In his capacity at AOL, Morgan has had the opportunity to review several companies operating in the space. He said AOL has decided not to introduce the technology on its own network. “The question here is will this pass the spooky test,” he said. “We’re going to wait and see.”
NebuAd says it doesn’t track sensitive information such as visits to sex sites or health-related online activities, and it insists its technology eliminates the possibility the company will store personally identifiable information. Additionally, NebuAd executives reached out to the Federal Trade Commission (FTC) earlier this year through a law firm in D.C. to discuss its practices, a fairly common move according to the FTC and several marketing industry sources. An FTC spokesperson stressed the body never acts in an advisory capacity, nor will it give tacit or explicit approval for a given business practice.
“When you talk about putting a footprint that tracks 10,000 people in the network, that sounds pretty ominous,” NebuAd’s Dykes said. “That’s why we have to be out in front talking about privacy.”
ISPs are quick to chime in on a similar note. “It’s in our best interest not to share personally identifiable information with anyone,” said CenturyTel’s Sartor.
However, AOL’s Morgan believes there’s a risk NebuAd and others might store such data, despite their own best intentions.
“For ISP targeting to be effective the company has to sniff every packet and then reconstruct it on a per consumer/per user basis, which means you have to look at all the private and personal information before you can develop anonymous information,” he said.
Morgan continued, “They clearly have to manage and look at a lot of personal info, and then come up with rules to throw away personal information. And if you make any mistake in those rules, you’re stuck with personal information.”
Dykes insisted the risks are lower than Morgan indicates. “Instead of ‘filtering out’ personally identifiable and personal information, NebuAd operates in quite the opposite way by only ‘pulling in’… interests based on specific commercial categories,” he said. “At no time do we have personally identifiable information stored on our systems.”
Jupiter Research Analyst Emily Riley agreed the practice walks a fine line. “ISP-level behavioral targeting opens up a can of worms when it comes to consumer privacy,” she said. “They have the access to complete a very accurate profile of somebody.”
The eventual scale of ISP-based behavioral targeting will depend on how aggressively access providers pursue it. Earthlink, another ISP contacted by ClickZ, declined to comment and Cablevision did not respond to an interview request. Some industry observers say hundreds of ISPs are testing or considering using the technology.
“I don’t think people realize how fast these companies are moving,” said AOL’s Morgan. “They’re moving fast. Now there’s going to be a big question about how many of the big ISPs play.”
For those big ISPs, getting in on behavioral advertising — one of the top growth areas in display advertising — is surely a tempting proposition.
“The ISPs have really not generated a large amount of value [from the online ad boom],” Dykes said. “All the value has accrued to publishers, search engines and advertisers.”
The development comes as public discussions heat up around online consumer privacy, among both consumers and regulators. Google’s proposed acquisition of DoubleClick, approved by the FTC last month, was met with opposition by consumer privacy groups and some members of Congress, and privacy is also a factor in the ongoing European investigation of the deal.
Additionally, Facebook’s Beacon program, introduced in November, upset many social networking site’s users and triggered a privacy-based campaign by advocacy group MoveOn.org. A form of behavioral tracking, the program followed users’ online activities on partner sites like Overstock.com and Fandango.com, in some cases reporting their purchases and transactions back to their friends.
The FTC’s deputy director for consumer protection, Eileen Harrington, said she wasn’t aware of the new variations on behavioral targeting being explored by ISPs. However, she said the development “proves the need for very broad and flexible principles” when coming up with self-regulation guidelines. The FTC proposed such guidelines for the behavioral targeting sector in December.
“The reason that we are proposing broad principles and self-regulation is precisely because of the rapidly changing and evolving nature of these practices,” she said.
The biggest factor in deciding the fate of ISP-based behavior tracking may be the response of consumers. As happened with Facebook last month, if subscribers respond negatively, ISPs may smother these programs in the cradle.
“What I really like about what happened with Facebook Beacon was an interesting example of consumer self-regulation,” noted Morgan. “Consumers said, ‘We don’t like this. Don’t do it.’ Maybe we’ll see the same kind of thing here.”
This week in digital, we said goodbye to Facebook Exchange and Post-it wars, as we welcome TAG's latest anti-fraud development, Shift, and maybe Siri integrations?
This week at Shift 2016, Andres Sosa, Executive Vice President of the online retailer TheOutnet.com, gave a talk on innovation and content-creation. It reminded ... read more