Expanding their examination
of online ad targeting and privacy, lawmakers Friday requested detailed information from dozens of companies about their advertising techniques.
Reps. Ed Markey (D-Mass.), John D.
Dingell (D-Mich.) Joe Barton (R-Texas) and Cliff Stearns (R-Fla.) reached out to 33 companies--including broadband providers like Comcast and AT&T as well as Web publishers like Google and AOL--to ask
about their online ad targeting practices.
Among other questions, the lawmakers asked the companies whether they have ever tailored ads to users based on their Web activity or searches, and
whether they limit targeting based on "sensitive" data like health or financial information. The lawmakers also inquired about procedures for notifying consumers about targeting, whether users can opt
out, and how many people have done so.
Congress has recently held hearings addressing the privacy implications of Internet service provider-based behavioral targeting. But Friday's letter seems
to indicate that at least some lawmakers are questioning whether all forms of behavioral targeting--Internet service provider-based as well as older, site-based methods--pose a threat.
"Questions have been raised regarding the applicability of privacy protections ... and whether legislation is needed to ensure that the same protections apply regardless of the particular technologies
or companies involved," the lawmakers stated in the letter.
Behavioral targeting companies say they pose no risk to privacy because information they collect is anonymous, because it does not
include names, e-mail addresses, phone numbers and the like. In some instances, however, users' Web-surfing histories or search activity offers enough information to figure out their identities. Many
behavioral targeting companies and Web sites also allow people to opt out of receiving targeted ads.
Some advocates have proposed that Internet service based-targeting, which involves broadband
providers selling information about subscribers' online activity to companies like NebuAd and Phorm, violates federal wiretap laws. Privacy advocates also view this type of targeting as especially
troublesome because Internet service providers have access to Web users' entire clickstream data. With that type of vast information, it's possible to construct detailed profiles and, in some cases,
determine users' identities even without knowing their names.
Markey and several other Congress members have recently said that companies should obtain users' opt-in consent before deploying Internet service provider
based-targeting techniques.
Markey added Friday that he favors an opt-out regimen for other forms of behavioral targeting. "Individual websites and search engines and their affiliates that
monitor users also owe consumers constructive notice of such activities and the right to limit or thwart any personal data collection," he said in a statement.
The lawmakers requested a response
from all companies by Aug. 8.