NebuAd, ISPs, named in class action lawsuit
NebuAd, the controversial company that was trying to sell deep-packet inspection technology as a means of delivering more relevant ads, has already had most of the life sucked out of it. Now, a class action lawsuit filed in U.S. District Court in San Francisco today, could put the final nail in the coffin. The suit names several Internet Service Providers, including Washington Post-owned Cable One, which used Nebuad on a trial basis but ultimately did not deploy the technology throughout its network.
The suit alleges violations of the Electronic Communications Privacy Act, Computer Fraud and Abuse Act, California's Invasion of Privacy Act and California's Computer Crime Law, as well as aiding and abetting, civil conspiracy and unjust enrichment. It notes that NebuAd and the ISPs acted both independently and jointly to access and disclose information about the ISP subscribers that was sensitive and personally identifying. and that the intentional interception of the information was done so without the consent of the subscriber. In addition, the suit notes that the process was not in the normal course of business for the ISP but instead was used to monetize the subscriber's data for advertisement purposes.
Deep Packet Inspection was the subject of Congressional hearings in September as executives from big-name ISPs, including AT&T, Verizon and Time Warner Cable, were called to testify. They all said, very similarly, that they were not engaging in Deep Packet Inspection and that ISPs that do engage in the practice need to be transparent with customers about what they're doing and how they're using the data.
The suit notes that ISPs are allowed to track subscriber traffic to monitor for things like viruses, spam and the overall health of their networks but that DPI is not within those rights. Further, it says that the Acceptable Use Policies that subscribers agree to do not include language that informs customers that their online communications could be sold to advertisers. The suit further notes that Deep Packet Inspection allows ISPs to tap into new revenue streams aside from the traditional subscription business model. It quotes former NebuAd CEO Bob Dykes, who resigned in September, as saying:
The ISPs have not been able to share in the ad revenue and wealth creation around the publishing side of the Internet: They see their role as a valuable and a key role in the Internet, but many of them are making no money, are regulated and see this as a way of funding their capital requirements…
While things look bad for the future of NebuAd, which laid off a "significant" number of employees prior to Dykes' resignation, its woes are not a reflection of the entire DPI industry. Phorm, a company with similar technology, has been given a green light by regulators in the U.K., who found the technology to be legal.
The suit can be found here.