Government owned telecom operator MTNL has said in an RTI reply (pdf) that its advertising vendor, which injects ads into users Internet connections, does not capture any personal information of users, ‘as per the certificate given by it (vendor)’. The reply came from a second appeal filed by Sushubh Mittal seeking details about MTNL’s injected ads/service messages on browsers via its broadband network. (Source: Github)
Mittal had asked MTNL to clarify the following in his RTI:
– a copy of the circular which said that the MTNL decided to start injecting browser popup ads on its service
– the technology used for this
– the provider of the technology and a copy of the agreement made with the said company to get this service
– name of the company operating the service on behalf of MTNL and the charges MTNL paid for it
– a copy of the agreement of revenue sharing if there was one such in place
– the number of ads delivered and revenue made through the platform and
– the details of user data and who has access to this user data
However, MTNL refused to provide information about its injected ads by invoking Section 8(1)(d) of the RTI Act, but said that its ad vendor does not record user data. In March, Mittal had filed a different RTI seeking the above details; but MTNL refused to provide answers to all queries by invoking Section 8(1)(d).
Section 8(1)(d) of the RTI Act which states that, “information including commercial confidence, trade secrets or intellectual property, the disclosure of which would harm the competitive position of a third party, unless the competent authority is satisfied that larger public interest warrants the disclosure of such information”
How MTNL is injecting ads into browsers
However, Mittal notes that these injected ads do not appear on websites using HTTPS protocol as that would take “some extra steps which would most likely raise red flags everywhere”.
Adphonso might be recording user data
As pointed out by Mittal, Adphonso’s website clearly states that they provide “media advertisements to customers through networks” and that its solution “reads Machine Details, browser and OS information and Customer Behavior along with location”. The company mentions that this meant for creating relevant ad impressions.
A screenshot from the website:
While, Abeer Media’s website, which owns Adphonso says that it provides “Behavioral Patterns” services under its “Advertising” operations “Data Capturing” under its “Mobile and Web Tools” offerings.
Un-Related: When Finance Minister Arun Jaitley’s website was compromised by hackers in 2014, it was found that Abeer Media hosted the website’s servers.
It is not proven that Abeer Media/Adphonso have been providing the injected ad service to MTNL. Nevertheless, MTNL’s reply to Mittal’s RTI query only adds to suspicions and more questions regarding the framework behind these ads. Even if Adphonso isn’t piling-up user data, it is making some amount of revenue by injecting ads on websites being visited by MTNL users, and as suggested in its website, it owns tools to track and personalize ads for different users.
BSNL injecting ads in browsers; refuses to provide info
This month, BSNL was also found to be injecting banner ads and other service related messages on web browsers within its broadband network. One user from broadband forum (link) had submitted a screenshot showing a Snapdeal pop-up ad on BSNL’s broadband network. Both MTNL and BSNL ads are being hosted by Abeer Media according to users on github and broadband forum.
In addition, BSNL rejected an RTI query sent by Mittal seeking information abut injected ads, and whether it collects user data by invoking Section 8(d) of the RTI Act. However, surprisingly Mittal pointed out to us that BSNL had disabled ads for a user who raised the issue on BSNL’s PGPortal, a grievance redressal portal of BSNL.