ISPs Inserting Ads Into Your Pages

TheWoozle writes "Some ISPs are resorting to a new tactic to increase revenue: inserting advertisements into web pages requested by their end users. They use a transparent web proxy (such as this one) to insert javascript and/or HTML with the ads into pages returned to users. Neither the content providers nor the end-users have been notified that this is taking place, and I'm sure that they weren't asked for permission either."

On the one hand...

[niceone]

On the one hand I'd be really annoyed* if my ISP did this to me, on the other hand maybe there are some people who wold prefer ads and a cheaper monthly fee?

And on the third hand... isn't this going to break a whole bunch of websites? I'm having a hard time imagining how they could do it without major side effects.

(* I'd be wanting to stuff a few ads up their HTTP stream, I can tell you)

Re:On the one hand...

[bruns]

From my experience (I've worked at and built enough ISPs) that even if they find a way to potentially reduce the customers cost per month (ie: through ads), they won't pass the savings to the customer - ever.

Why? Profit. It's a great motive.

Copyright Bonanza

[Doc+Ruby]

The content in my pages is copyright implicitly, even if I don't register or even declare it in the pages. The right my ISP has to copy it is only for the purpose of publishing it in the transaction I have explicitly permitted: publishing it on URL requests.

If my ISP copies it for any other purpose, like inserting ads, or copies it into (or as) some other context, like an ad page, it's violating my copyright.

Every copyright violation - every page - makes them liable for a fine. That can really stack up, and costs a lot more than each page view generates in ad revenue.

Unless I've signed away my copyright in some contract with the ISP. Which I personally haven't. Nor should you.

If you have retained your copyright, and your ISP violates it, you should look forward to them handing over their business ownership to pay the damages. Email your lawyer from your other account and get the ball rolling. Why should corporate copyright holders have all the fun?

There should be legal questions

[erroneus]

These ISPs are modifying the content of another source. They alter the format or content or appearance of the requested data or information. Potentially, they endanger the quality of the service being provided on the other end. This is an offense against net neutrality.

Content providers who earn income from their own web activity should be among the first to file suit against these ISPs. I imagine network TV companies would be VERY offended if advertisments were inserted over, in or around their own presented material and web based business should be expected to have the same offense taken.

Re:Suprise!

[tha_mink]

Reminds me of how back when cable TV started up the idea is that you were paying for more channels and you wouldn't have to deal with ads. Looks like some things never change.

Actually, I'm more pissed as a content provider then I am as a consumer. How dare they! If I wanted advertising on my content, I'd put it there, and get paid for it. For me, this is totally stealing from content providers and not just annoying to consumers. I mean, isn't that like making money off of other peoples content? Wouldn't that be more like a telephone company forcing you to listen to an add before you place or receive a call? Imagine....

Phone rings and you pick up....

(You) - Hello? (Automated Hell) - Hello, this is A-T-And T, we have a call for you, but first, we'd like you to enjoy a message from our sponsors...
(You) - Click!

Fuck that! Stealing content...bullshit.

Re:ISP comparisons need to note this

[Alain+Williams]

Ah, one way in which competition is better in the UK. You can be broadband off a cable company (if you subscribe) or over the British Telecom 'phone lines - in which case you have dozens of ISPs to choose from.

I may not often agree with Gordon Brown: but him objecting to Sarkozy's attempt to remove 'competition' as a basic tenet of the EU was 100% correct. Protectionism, in the long term, hurts all consumers.

Re:I've known about this for a while...

[Mr.+Slippery]

However, they also explicitly say that they insert ads:

As a content provider, I didn't give them any licence to create derivative works. Creating versions of my pages with ads, is clearly creation of a derivative work.

But of course, it's much more important for copyright law to prevent me from copying a CD for a friend, then to prevent some large ISP from violating my moral rights by whoring out my content.

Re:Suprise!

[Timothy+Brownawell]

Clearly you're not familiar with CALEA. They not only log your traffic, they store all the packets so the courts can request them later.

Um, how? Even a 10Mbit pipe is 108GB / day. So how much bandwidth does a typical ISP use, and where do they get enough storage to remember it all?

Re:What about code validation?

[Bogtha]

Unfortunately, Internet Explorer is also oblivious to XHTML 1.1's existence, which means you'll be turning away the majority of your visitors (assuming typical demographics).

Re:Suprise!

[gnuman99]

No. This is NOT GeoCities. GeoCities added adverts to the websites you hosted with them. You knew EXACTLY what they do in return for "free" webspace. This is like getting a colo box so you can reach your customers better (ie. not relying on the shared webhost), make sure you have clean pages to attract customers then some fucker comes along and sticks adds on *your* page without *your* permission.

What GeoCities does is OK. The content provider has to agree.

What some ISPs do in return for free internet is OK too (add popups or whatever) - at least that what used to happen. In this case customers KNOW that the popups are from the ISP. But popups *must* be separate from the webpage, not in it.

But if you come along and *insert* ads on my pages and thus benefit from my work, I have no choice but to sue. That is copyright violation. Period. They are costing the content provider money.

Re:Suprise!

[Reaperducer]

Yes they have. It's called "product placement", and it's getting more invasive.

More invasive? Time to go back to the history books, Sonny.

Things used to be much worse. Advertisers would have their logos splashed all over TV shows and movies. On TV news they would be on the anchor desks, in the backgrounds, even on the clothes the anchors would wear.

There's a great exhibit in the Old Louisiana State Capitol that is an old TV news set from the 50's. The news was called something like "The Esso Seven O'Clock News" and there's a big Esso logo on the front of the desk, and I think one on the microphone as well as other places.

Quite an eye-opener. At least modern product placement is subtle. I think we're just getting more sensitive to it.

DNS hijacking does allow defeat of SSL

[jmorris42]

> To have a man-in-the-middle, all you need is a certificate signed by an authority that your computer trusts. The ISP can surely get that.

Give this man a cookie, or at least a mod point.

Once they manage to get your browser loaded up with a CA they control it is game over. Imagine, you type www.chase.com into your browser. Remember, THEY also operate your DNS. They resolve www.chase.com to an address they control and generate a certificate linking www.chase.com to that IP. Meanwhile their proxy server connects to the real https://www.chase.com/ and retrieves the homepage. Then their faked out server reencrypts the content and their inserted ad and sends it on to your browser which displays it with the lock intact.

This is what the various secure DNS proposals are intended to address. DNS hijacking allows almost any abuse in the higher layers.