This is a work in progress..

Introduction

Privacy advocates are up in arms about the recent explosion in the monitoring, recording and analysis of people's online activities. The private sector, meanwhile, is investing heavily in compiling behavioral profiles of Internet users: In 2007, AOL, Yahoo and Google spent $3.6 billion to purchase behavioral targeting firms Tacoda, Blue Lithium and Double Click, while Microsoft spent $240 million for a 1.6% share of Facebook. In the wake of senate hearings into web privacy, a number of large ISPs have backed away from partnerships with behavioral advertising networks which would have seen them deploying deep packet inspection (DPI) to snoop on users' surfing habits, stressing that any future monitoring for advertising purposes will be on an opt-in basis with express consent from the users being watched. So what is all the fuss about?

The All-Seeing Eye

Monitoring and analyzing user's online activities is not new. Behavioral advertising companies like NebuAd? and Phorm track keywords on visited websites and search engine queries (with ISP cooperation), creating profiles (linked to individual computers) used to infer likely purchase interest in each of the rougly 1000 "useful but innocuous" product categories. NebuAd? and Phorm can categorize users quite narrowly. They can identify users interested in a vacation to a particular destination, or in buying a particular brand of used car. But while the ISP-Ad Network partnership allows for unprecedented comprehensiveness in monitoring a user's online behavior, individual e-commerce websites have been analyzing visitor's behavior at a high level of granularity for years now. Amazon.com, for instance, tracks clickstream data--the pages users visit, the time they spend there, and how they interact with each page--down to the level of individual scrolls, clicks and mouse-overs.

But what are companies actually doing with the data they collect? With a few notable exceptions, nothing revolutionary. Behavioral advertising networks use the profiles they generate to facilitate more nuanced audience segmentation. Where ads before could be targeted based on crude age and gender demographics, NebuAd? and Phorm allow advertisers to carve out their audience according to temporally salient interests. While this is a clear win for marketers, a recent survey reveals that 57% of internet users are uncomfortable with advertisers using their browsing history--even if anonymized--to serve relevant ads.

Are targeted ads a threat to privacy or autonomy? Perhaps not. While there is something offensive about the push nature of advertising in general--a reaction potentially exacerbated when you know an unsolicited ad is directed specifically at you--internet advertising is easily blocked. And whatever the actual empirical effect of advertising on purchase decisions, most people believe that they ultimately full control over whether or not to buy. In their current categorical classification based form, the NebuAd? and Phorm ad networks don't really provide much finer-grained audience segmentation than specialty magazines have been providing for years. Is more transparency all that is needed, or should we worry that the private sector will exploit knowledge of our online activities in ways that we do not desire?

Information about an individual, no matter how detailed, only threatens autonomy to the degree that others can interpret and use it. While corporations may now have access to an unprecedented amount of data about their customers and potential customers, they are still, for the most part, relying on common-sense marketing knowledge when it comes to figuring out how to convert that data into sales.