Panel to question firm’s Web ad system

Executives from major Internet players -- Microsoft Corp., Google Inc. and Facebook Inc. -- are due for a grilling about online privacy in a Senate committee hearing today, but the company likely to get the most scrutiny is a small Silicon Valley start-up called NebuAd Inc.

NebuAd has drawn fierce criticism from privacy advocates in recent weeks for working with Internet service providers to track the online behavior of their customers and then serve up targeted banner ads based on that behavior.

According to Ari Schwartz, vice president of civil liberties group Center for Democracy & Technology, NebuAd’s business model raises many of the same concerns as an earlier generation of “adware” firms. Those companies developed software programs that -- when downloaded to a computer -- could track where a user went on the Internet and mine that information to deliver customized online ads.

Privacy activists say adware companies duped many Web surfers into downloading their software programs by bundling them with free screen savers, online games and other Internet applications. But NebuAd has a new twist: It works directly with Internet service providers to scan their customers’ Web surfing habits and deliver ads presumed to be of interest to them.

By injecting its monitoring in between consumers and the websites they visit, NebuAd’s technology could violate a 1986 federal wiretapping law that requires at least one party to a communication to consent to a wiretap, according to an analysis released Tuesday by the Center for Democracy & Technology.

For its part, NebuAd has stressed that it does not collect any personally identifiable information about consumers and that it requires Internet service providers to notify their subscribers about its ad system. On Tuesday, however, the Redwood City, Calif., company unveiled a new set of privacy protections, including an online notification system and an opt-out mechanism for computer users.