US lawmaker wants consent required for Web-tracking

WASHINGTON, July 17 (Reuters) - Internet providers should be required to get their customers’ permission before the companies are allowed to track their online visits, a key House lawmaker said on Thursday.

Democratic Rep. Edward Markey, chairman of the House subcommittee on telecommunications and the Internet, said broadband network operators should have to get “opt-in” permission from customers before using sophisticated technology that can track their movements online.

Markey cited the sophistication of the technology being used, known as deep-packet inspection, as well as the technology’s capability and the obvious sensitivity of the personal information that can be gleaned from a consumer’s Web use in backing the opt-in requirement. His comments came in a prepared statement at a subcommittee hearing on Thursday.

Deep-packet inspection, or DPI, has sparked privacy concerns among some lawmakers and consumer advocates. Those concerns were sharpened earlier this year when cable company Charter Communications CHTR.O disclosed plans for a pilot program, in partnership with an advertising company called NebuAd, to track customers.

Charter said the service would be anonymous and would not collect or use any information that identifies individuals. It has pledged to protect customers’ privacy and said they would be allowed to opt out of the program. But Charter later put the program on hold because of the privacy concerns.

NebuAd’s chief executive, Bob Dykes, testified at Thursday’s hearing, telling lawmakers that the company’s advertising network benefits consumers by serving them with more relevant online ads.

Dykes assured lawmakers on the subcommittee that NebuAd does not collect personally identifiable information about Web users or store “raw data” linked to individuals.

Dykes said NebuAd requires the Internet service providers it works with to provide “robust” disclosure notices and the chance to opt out of the service.

But Markey said network operators should be required to take an “opt-in” approach and that there should be no “monitoring or data interception” of customers who do not consent. (Editing by Tim Dobbyn)