Questions for Ben Edelman

There are many forms of abuse online, but they’re often hard for an investigator to trace.

In fact, one can often only infer their nature by examining peripheral clues. Does your competitor’s IP address show up in your search campaign referral logs again and again? It’s probably click fraud. Do you get a customer complaint about seeing an ad for your footwear brand on an S&M discussion forum? Maybe it’s time to reexamine your ad network relationships.

Spyware expert Ben Edelman is trying to get beyond inferences and document what’s really going on. He’s able to do this because he works directly with infected computers to identify harmful download and marketing practices. He can say with certainty, for instance, that a Yahoo Publisher Network ad was syndicated out to an unethical spyware environment, because he documented it on his very own computer.

Yahoo tends to figure prominently in Edelman’s investigations, and he says it’s not because he’s targeting the company specifically. “When I look in dark alleys, Yahoo is there to be found,” he said. “I didn’t pick Yahoo. Yahoo picked me.”

Edelman recently talked with ClickZ about his ongoing investigations into spyware, whether there’s such a thing as “legitimate adware,” and the cascading chains of affiliates and ad network relationships that he says ultimately harm advertisers.

Q. What’s driven your interest in spyware and advertising on the desktop? Why is Yahoo the focus of that interest?

A. There’s so much that can be done in terms of how to get onto users’ computers and what to do once your software is there. The concept is so complicated. There are a lot of things that can go terribly wrong, and there’s a lot of room for me to add value by cataloging what’s going on.

Speaking to the second question, time and time again, when I look in dark alleys, Yahoo is there to be found. I didn’t pick Yahoo. Yahoo picked me.

Q. Your latest work draws a connection between spyware and click fraud that I believe hadn’t been made previously. Could you summarize what you’ve observed?

A. Spyware programs show pop-ups. They want to get paid for showing pop-ups and they face an ongoing struggle for where to get the money. It’d be great for spyware vendors if advertisers wanted to buy the ads directly as they used to do in staggering numbers. These days, that happens much less frequently.

Where to get advertisers? One possibility is to use intermediaries… Yahoo has a particularly large network of syndication partners, and so spyware vendors seem to find it easy to get into the Yahoo network, to show Yahoo network ads and to get paid for doing so.

As to click fraud, the best way to get paid for showing Yahoo pay-per-click ads is not to show a list of ads where users might or might not click on one of the ads, but instead to go ahead and click an ad for a user. Then the chance of a user clicking on an ad becomes 100 percent, rather than something less than that.

Q. Do you have any idea how widespread this is? Volume of ads, audience size, etc?

It’s hard to know for sure. The advertisers that I talk to tell me that some of the channels I’ve recently revealed as participating in click fraud are big Yahoo channels for them. Top twenty channels.

Q. Who carries the most blame when a traditionally upstanding brand turns up in a spyware environment via an ad network or affiliate relationship?

A. It’s fact-specific. You need to look at the specific facts of a particular occurrence, and figure out what happened and how. When you see a LinkShare affiliate link served up by spyware, it’s easy to blame the spyware vendor, easy to blame the affiliate, and somewhat harder to blame the merchant.

But even so, a diligent merchant could be testing that spyware and making sure the spyware doesn’t show its ads.

Q. Has Yahoo severed ties with spyware providers that you’ve observed?

A. With some, they have. With others, the relationships are ongoing.

Q. Have you observed any of the fraudulent click stuff with Google’s AdSense program?

A. I have never personally seen click fraud against Google AdSense.

Q. You’ve said a “no syndication” rule for ad networks is the best bet to end the damage to advertisers via click fraud and unfavorable juxtaposition of ads with content. What do you think is most likely to drive the adoption of such a rule?

A. I think PR risk might drive it. There’s only a certain number of stories that the advertising industry can tolerate about improper advertising placement before they say we’ve got to fix this problem and here’s how we’re going to do that.

Another reason would be a legislative mandate, for instance if the FTC [Federal Trade Commission] were to say to advertisers, “You are responsible for the efforts of [affiliates].” I believe they could institute such a rule tomorrow. It wouldn’t be unconstitutional. If they were to issue such a rule, the appropriate response from ad networks to say they want more control [over where ads are syndicated to].

The third possibility would be judicial. A big loss for an ad network and a big win for advertisers could tell an ad network that they need to do a better job [policing their ad syndication].

Q. What comes to mind when I say “legitimate adware”?

A. Not much. It’s like “military intelligence” or something. Of the adware that I look at, very little would be installed by a thoughtful, careful informed consumer. It’s just a bad deal. Who wants to trade dozens of pop-up ads for a screen saver that only appears when you’re not even sitting at your computer?

Q. What about AOL’s instant messenger? Do you think of that as adware?

A. I do not. When ads are shown within a program window there is far greater accountability. AOL is responsible for the ads that are shown within AIM. So they do a careful job of choosing ads carefully. Not so for ads served in pop-ups, for companies like Direct Revenue.

Q. Describe a day in the life of Ben Edelman.

A. I get up. I answer email. I take phone calls. I test spyware. Usually I eat lunch and dinner eventually. Go to sleep and do it all over.