Charter Communications is sending letters to its customers informing them of an “enhanced online experience” that involves Charter monitoring its users’ searches and the websites they visit, and inserting targeted third-party ads based on their web activity. Charter, which serves nearly six million customers, is requiring users who want to keep their activity private to submit their personal information to Charter via an unencrypted form and download a privacy cookie that must be downloaded again each time a user clears his web cache or uses a different browser.
Reader Matt copied us on a letter he sent to Charter’s VP of Customer Operations and CEO:
Dear Mr. Stackhouse,
I am a high speed internet subscriber in the Fort Worth, TX area. For the last year or so I have had Charter’s 10 Megabit service and I am a satisfied customer. I am writing, however, because I am concerned by your recent letter discussing the “enhancement” that will be coming soon to my Charter web browsing experience (targeted, in-line advertisement manipulation). I appreciate Charter’s respect for my privacy, but the method that Charter has provided to opt-out of this tracking scheme is insecure and woefully inadequate.
The method that you provide to opt-out is as follows. First, a customer must visit http://www.charter.com/onlineprivacy. Once at the site, the customer must enter his or her complete name and address. Upon submission of this personal information, the customer must accept a cookie from Charter that indicates his or her opt-out status. While this process sounds simple on face, further consideration reveals that this opt-out method is fraught with privacy concerns and places the burden on your paying customer, rather than Charter.
The most pressing privacy issue with this opt-out method is that the opt-out form presented at the aforementioned URL is not encrypted. As I’m sure you realize, this means that a user submitting his or her address to Charter is doing so in the clear, leaving this personal information open to eavesdropping. It is not difficult to create an SSL-encrypted web form. It is troubling that Charter has not done so in this case.
The fact that this opt-out system relies on a cookie to keep users opted out is also a privacy issue. By telling customers who visit the opt-out page that, “if you delete your cookies or cache files… you will have to opt-out again,” you are encouraging users to keep those files that good privacy practices dictate should be frequently purged. Ironically, the best reason to purge one’s cookies often is to prevent internet marketers from tracking one’s behavior online.
In addition to the critical privacy concerns, the steps required to avoid being tracked by this new advertising system place the burden on your customers, rather than on Charter where it belongs. A customer should be able to opt-out of this advertising tracking system in a manner that will rarely, if ever, require the customer to opt-out again. Instead, because the system uses cookies, a customer must insecurely opt-out of being tracked on each PC in his or her home. Further compounding the work that the customer has to do, if the he or she deletes cookies in accordance with safe browsing techniques, it will be necessary to insecurely opt-out on each and every PC again.
I suggest that rather than force your customers through unending iterations of opting out of this advertising system, you should allow customers like me to opt-out at the cable modem level via a secure, encrypted form on your website. I’m glad to hear that Charter has an appreciation for my privacy, but please change your opt-out process to demonstrate that you also have an appreciation for my time and security online.
Matt’s letter focuses on the flawed opt-out clause, but the program itself, an implementation of “deep packet inspection,” is more worrying to us. Deep packet inspection allows an ISP to monitor not only its users searches and visited websites, but also the type of activity (e.g., email or peer-to-peer), which could be used for traffic shaping and threatens net neutrality.
Charter to Monitor Surfing, Insert Its Own Targeted Ads [DSLReports]
(Photo: Getty)
More From Consumerist
-
BitTorrent Users Try, Unsuccessfully, To Trigger Copyright Alert System
-
Google On The Hook For A Record $22.5 Million In Safari Privacy Case
-
List Of Companies With Worst Customer Service Scores Is Full Of Familiar Names
-
Charter Admits It Shouldn’t Charge Customer Modem Fee, Keeps Charging Her Anyway
-
Some Of Those Threats Weren’t Empty: 25% Of Instagram Users May Have Quit Over TOS
I just received my letter and I was in shock/denial reading it. So this is what things have come to?
I feel for the people that don’t know better and will have to live with this. I have plenty of means to remove their stupid ads and taint their collected data in what seems more and more like a web version of telemarketing.
Of course their DPI will in no way improve the quality of my service nor will it make any of it less expensive.
Like when are they going to get me a better uplink speed?
I wonder if this is an overall manifestation of finance issues at charter and they’re going to pull crack-whore things like this to try and make money.
Their cable service is lacking and most of my friends have switched to directv. I’m considering that myself too.
I also wish they’d stop bombarding me with their stupid phone service flyers. I’m not interested in 12 months of a so-so deal on it just have my payments go through the roof in a year.
Pathetic…
If i registered a cancelcharter.com domain and put up a signup form to “pledge to cancel” Charters services if they don’t back down, would anyone here “sign” it? Even if it didn’t affect your area…”YET”?
I’ll put it up if you’ll pass the word. the URL is available, but I’m not going to buy it if its going to waste. This would require an actual “pledge to cancel” all of charters services (not just internet) if they don’t back off this initiative. Anyone with me?
I’m toying with the idea of sending notification to whatever charters customer service email address is everytime someone signs up but worry about “spam” repercussions….
thoughts?
I hate to admit it, but I’m looking forward to receiving the letter from Charter.
I plan to staple it to something nasty and mail it back to them. Have already registered with a local ISP for replacement service.
Here’s something to consider:
From the Cable TV Privacy Act of 1984, which still governs Charter’s legal
obligations while providing Internet access:
Section 551(d): A cable subscriber shall be provided access to all
personally identifiable information regarding that subscriber which is
collected and maintained by a cable operator. Such information shall be
made available to the subscriber at reasonable times and at a convenient
place designated by such cable operator. A cable subscriber shall be
provided reasonable opportunity to correct any error in such information.
I’m on the phone with them right now demanding a copy of all information on
me that they sent to NebuAD. If they fail to deliver it’s $100 per day per
customer. If all of us here call Charter today and update our accounts to
reflect our demand for legally-mandated information, perhaps they’ll
recognize the problem. Worst-case scenario we all get a check when Charter
is deemed to be acting illegally by not providing this data.
There’s a lot more in Section 551 that applies as well. read it here:
http://epic.org/privacy/cable_tv/ctpa.html
Me: what can you tell me about the targeted advertising plan i was reading about?
CVH Cristal : Can you please give me the information about that advertising?
CVH Cristal : Please let me know if you are still connected to the Chat session at this time.
Me: [connect.charter.com]
Me: when will this be happening in montgomery?
CVH Cristal : That link took me to Frequently asked questions.
Me: it is the charter FAQ for the “Enhanced Online Experience”
Me: the targeted ads that i was reading about
If you require further assistance, go to http://www.charter.com/contact
Your session has ended. You may now close this window.
What excellent customer service!
Aside answer to something I always wondered about earlier in the convo
CVH Cristal : The non promotional prices are not on the website.
I live in the Warren Michigan area. Wide Open West just sent notification they are doing the same thing. They have a 3rd party tracking activity. I made the same complaint that I deleted all content when log off so I would have to opt out each time I log in. This is unaceptable. I have two more weeks and I’m turning internet access off. I would rather save $50 a month and go to the library for internet access.
From Reuters:
“WASHINGTON (Reuters) – Two U.S. lawmakers raised privacy concerns on Friday
about plans by cable company Charter Communications to track some
subscribers’ Internet visits and asked for a meeting before the program goes
ahead.”
Full article here:
http://www.reuters.com/article/internetNews/idUSN1643866620080516
I just got my letter from Charter on this. I’m not happy about this tracking one bit, but they are the only internet cable provider in our County. I’m a gamer and DSL is not going to give me the consistent low-pings I need for online FPS’s. I did the opt-out cookie thing, but it sounds like it’s going to be pretty easy for that to get expunged by ordinary system cleaning utilities.
if the people in:
• Newtown, Connecticut
• Fort Worth, Texas
• San Luis Obispo, California
• Oxford, Massachusett
take it, then they’ll roll it out nationwide.