• by Wendy Davis  @wendyndavis, August 4, 2008

Expanding their examination of online ad targeting and privacy, lawmakers Friday requested detailed information from dozens of companies about their advertising techniques.

Reps. Ed Markey (D-Mass.), John D. Dingell (D-Mich.) Joe Barton (R-Texas) and Cliff Stearns (R-Fla.) reached out to 33 companies--including broadband providers like Comcast and AT&T as well as Web publishers like Google and AOL--to ask about their online ad targeting practices.

Among other questions, the lawmakers asked the companies whether they have ever tailored ads to users based on their Web activity or searches, and whether they limit targeting based on "sensitive" data like health or financial information. The lawmakers also inquired about procedures for notifying consumers about targeting, whether users can opt out, and how many people have done so.

Congress has recently held hearings addressing the privacy implications of Internet service provider-based behavioral targeting. But Friday's letter seems to indicate that at least some lawmakers are questioning whether all forms of behavioral targeting--Internet service provider-based as well as older, site-based methods--pose a threat.

"Questions have been raised regarding the applicability of privacy protections ... and whether legislation is needed to ensure that the same protections apply regardless of the particular technologies or companies involved," the lawmakers stated in the letter.

Behavioral targeting companies say they pose no risk to privacy because information they collect is anonymous, because it does not include names, e-mail addresses, phone numbers and the like. In some instances, however, users' Web-surfing histories or search activity offers enough information to figure out their identities. Many behavioral targeting companies and Web sites also allow people to opt out of receiving targeted ads.

Some advocates have proposed that Internet service based-targeting, which involves broadband providers selling information about subscribers' online activity to companies like NebuAd and Phorm, violates federal wiretap laws. Privacy advocates also view this type of targeting as especially troublesome because Internet service providers have access to Web users' entire clickstream data. With that type of vast information, it's possible to construct detailed profiles and, in some cases, determine users' identities even without knowing their names.

Markey and several other Congress members have recently said that companies should obtain users' opt-in consent before deploying Internet service provider based-targeting techniques.

Markey added Friday that he favors an opt-out regimen for other forms of behavioral targeting. "Individual websites and search engines and their affiliates that monitor users also owe consumers constructive notice of such activities and the right to limit or thwart any personal data collection," he said in a statement.

The lawmakers requested a response from all companies by Aug. 8.