Image credit: Gilles Lambert
If you’re an Optus mobile phone or home internet customer, here’s something we suspect you don’t know about your telco: it is monetising customer web browsing histories so they can be targeted with ads based on the websites they have visited.
Crikey can reveal that Optus is monetising the websites its Australian customers visit by sharing them with an advertising-technology firm that Optus’ parent company Singtel Group acquired for US$321 million in 2012, called Amobee. Demographic information such as gender and age are also tied with the browsing histories shared, according to Amobee’s website.
While companies such as Facebook have “like” buttons or other plugins embedded on many of the world’s popular websites, which reveal a user’s browsing history and send it back to Facebook so it can target ads at those users on behalf of advertisers, these do not give Facebook as full a picture of a user’s browsing history — something Amobee is able to provide, thanks to Optus.
The technique is “a step way too far,” a media buying executive who was pitched the Amobee techniques tells Crikey, adding “it made me feel sick and actually worried”. The executive says he has so far refused to work with Amobee because internet browsing histories were “really personal or intimate moments” which he doesn’t believe should be accessible to advertisers.
“They are actually monetising Optus internet browsing history,” says the media buying executive, who asked to remain anonymous. “So you can actually tap into Optus customers and go, ‘I want to target people who visit this list of websites’ and they will build that for you. … As far as I am aware, no other internet service providers [in Australia] are monetising their data like that.”
As one example, the media buying executive said a car company could target Optus customers with web-based advertising based on whether they had visited competing car companies’ websites. Additional websites could be added to the list to refine who is targeted, such as only targeting those who visit, for example, both theage.com.au and toyota.com.au.
While browsing history data was only ever housed within databases held by Amobee or Optus, and not disclosed to others, the media buying executive remains concerned about the practice of storing it in the first place for the purpose of serving ads against Optus customers.
“You’re not getting a list that says here are names and email addresses [of people who have visited these websites]. It is all completely privatised. But I think that even though they are privatising it … what if something goes wrong? What if there was a massive data breach?
“That would be … incriminating for a lot more people,” the media buyer said, adding that Optus customers are “not getting any value” from their browsing histories being stored, unlike when a consumer might subscribe to a rewards program and disclose their shopping purchases as part of that process in exchange for frequent flyer points or similar.
“At least with those [rewards] companies there is a bit of a value exchange because you are getting value out of essentially sharing your data with them,” the media buyer says.
“Optus customers are not getting any value from that.”
On its website, Amobee lists clients including Skype, Porsche, Evian, Garmin, Hyundai, Showtime, Pizza Hut, Volkswagen, Lexus, Acura, T-Mobile, Adidas, and Chrysler.
Through ad exchanges and according to the Amobee website, its platform:
- “Connects with” over 1.8 billion mobile users around the world;
- Delivers “over 60 billion global display impressions” daily on desktop computers; and
- Delivers its clients over 480 billion global impressions through online video exchanges each month via pre-roll ads before online videos.
In a statement, an Optus spokeswoman said that prior to working with Amobee the company had updated its privacy policy and contacted customers to let them know that its policy had been updated and that “they could opt out of having de-identified data shared with third parties”.
“We advised the Office of the Australian Information Commissioner that we were writing to our customers about the change to the policy and that we had taken steps to de-identify the data and allow people to opt out,” the Optus spokeswoman added.
(To opt out, Optus customers need to follow instructions under a tab titled “Manage trusted third party data sharing preferences” on the company’s website.)
Amobee is not directly mentioned in Optus’ privacy policy, but the Optus spokeswoman said that Amobee was covered in the section dealing with sharing data with the Optus Group and its subsidiaries, which states: “The Optus Group may aggregate and process personal information and de-identified system information to generate new insights about our network, products and customers. … The Optus Group may also share these insights with third parties on a commercial or non-commercial basis. If you would like to have your data excluded from these activities, you can opt out …”
Amobee’s website is clearer about what data it collects from ISPs, which it calls “partner carriers”.
“Through the partner carriers, Amobee collects internet usage information about users,” Amobee states in its privacy guidelines. “For example, Amobee collects the domain and user-agent of websites visited by users and of resources loaded from those websites. The carriers also provide Amobee with basic demographic information about the users such as their gender and age.”
It adds that Amobee does “not have access to the full URLs”. This means that instead of seeing toyota.com.au/cars, Amobee sees only the domain toyota.com.au. The user-agent collected tells Amobee the type of web browser and operating system the user accessed the website via.
Image credit: The Infologist
The advertising executive says Amobee were “possibly the biggest worry point in Australia at the moment” in the ad industry, adding that Amobee’s sales team have been pitching their offering to large Australian media buying agencies.
Details of Optus’ Amobee partnership come to light after it was recently revealed by Fairfax Media that Telstra was making money by “on-selling location data from its customers’ mobile phones”. It followed a report by freelance journalist Asher Wolf pointing to the fact the Australian Bureau of Statistics was making use of the location data of customers from a then-unnamed telco.
As part of a program called “Location Insights”, data available to Telstra’s clients could be broken down into 15-minute increments, and demographics broken down by age groups and gender.
Telstra argues the data was anonymised. “We do not share or sell any information which identifies, or could reasonably identify, a customer with third parties unless we have the appropriate informed consent or are required to by law,” said a Telstra spokesman.
Despite this, Telstra has since rolled out a way for users to opt out via a form on its website.
When contacted for an interview, Amobee told Crikey it was unable to organise one and pointed us to Optus’ statement and its collection policies. It added that it was “important to note … that all the data we use is aggregated, anonymised and privacy compliant”.
Crikey is committed to hosting lively discussions. Help us keep the conversation useful, interesting and welcoming. We aim to publish comments quickly in the interest of promoting robust conversation, but we’re a small team and we deploy filters to protect against legal risk. Occasionally your comment may be held up while we review, but we’re working as fast as we can to keep the conversation rolling.
The Crikey comment section is members-only content. Please subscribe to leave a comment.
The Crikey comment section is members-only content. Please login to leave a comment.