Commentary

Verizon: Trust Us, We Won't Sell Data!

Verizon recently told lawmakers that it had no plans to provide data about subscribers' Web activity to behavioral targeting companies like Phorm or NebuAd unless consumers specifically consented.

Verizon, along with Time Warner and AT&T, also indicated they believe that all behavioral targeting companies should only track Web users that had affirmatively opted in. While none of the companies went on record as supporting new laws requiring opt-in consent, the remarks certainly suggested that they might favor new regulations.

"The largely invisible practices of ad networks and search engines raise at least the same privacy concerns as do the online behavioral advertising techniques that ISPs could employ," Dorothy Attwood, chief privacy officer at AT&T, testified. "A policy regime that applies only to one set of actors will arbitrarily favor one business model or technology over another."

Now, however, Verizon appears to oppose new privacy laws. A recent post on the company's policy blog (first reported by GigaOm), concludes that self-regulation will suffice to protect people's privacy, because companies know they will face bad publicity if they violate users' trust.

To some limited extent, that might be true. No ISPs are currently testing NebuAd's platform, and that's probably at least in part because they weren't prepared for the bad PR. But it also seems likely that Congressional pressure, including the threat of new regulation, made them back down.

With or without Verizon's support, new legislation might be coming. House member Ed Markey, a Democrat from Massachusetts, has said ISPs should not sell information about subscribers' Web histories unless users have given opt-in consent, and some observers think he might introduce legislation to that effect next year.

Meanwhile, NebuAd rival Phorm is still facing pressure abroad. While U.K. authorities cleared the company recently, E.U. officials aren't happy about the secret tests that were conducted two years ago. Last week, a regulator sent a second letter to the U.K. government, demanding to know how the country intended to enforce European privacy laws that restrict companies' ability to collect personal data about individuals.

Next story loading loading..