(CN) – Millions of people’s Internet searches are routinely monitored, intercepted and misdirected by Internet service providers that direct searchers to counterfeit Web pages, laced with ads, using technology provided by Paxfire, according to a federal class action in Manhattan.
Paxfire, based in Sterling, Va., “works with ISPs throughout the United States,” and boasts that it “‘generate(s) millions of dollars a month in new advertising revenue for our partners by enabling them to participate in the booming $20 billion a year search advertising market,” according to the complaint.
Sued with Paxfire is RCN Corp., one of many Internet service providers (ISPs) that work with Paxfire.
“This case arises from defendants’ intentional and knowing interception of data intended for Yahoo!, Bing or Google (the ‘Search Engines’) via use of hardware and/or software provided by defendant Paxfire, as well as the monitoring, manipulation, aggregation, and/or marketing of the data. This interception was done secretly, without users’ consent or knowledge, in violation of federal and state laws, and in breach of RCN’s agreements with its customer,” the complaint states.
The class claims that the defendants direct Internet users to dummy pages, laced with ads, rather than to the Internet pages the customers actually sought via search engine.
During an Internet search, “Defendant RCN and the other ISPs use technology provided by defendant Paxfire to give false answers to certain of customers’ requests, and to send plaintiff and the classes to servers either owned or controlled by defendant Paxfire, or to servers owned by the ISP and utilizing Paxfire’s services (collectively ‘Paxfire-based proxy servers’),” according to the complaint.
It adds: “Defendants violated plaintiff’s privacy and compromised her financial interests and computer security, by knowingly and intentionally intercepting her internet communications in order to generate income for themselves. Rather than direct plaintiff to the websites she actually requested, defendants secretly gave her computer system false information that directed plaintiff to websites that looked like the websites she intended to visit, but were actually controlled by and located on servers belonging to defendant RCN and/or defendant Paxfire. In other instances, when plaintiff ran searches, defendants directed plaintiff through advertising affiliates into third-party commercial web pages, rather than provide plaintiff with the requested search results. Without plaintiff’s knowledge or consent, defendants used Paxfire’s hardware and/or software to misdirect plaintiff to these servers; impersonate the websites plaintiff wished to view, and monitor, manipulate, and/or monetize the searched run and page visits made by plaintiff.” (Italics in original.)
Named plaintiff Betsy Feist says researchers discovered these legal violations, conversion, unjust enrichment, breach of contract and breach of faith with a recently developed Internet tool called Netalyzr: “Netalyzr is a network measurement, debugging, and diagnostic tool that evaluates the functionality provided by people’s internet connectivity. One of the primary focus areas of Netalyzr is DNS [Domain Name System] behavior. When users run the Netalyzr, the data gathered from the program is sent back to its developers. The creators of Natalyzr analyzed data from numerous tests and discovered cases of ISPs, including defendant RCN, using DNS to redirect web searches to their own proxies.”
In a footnote here, the complaint adds: “Defendants redirect searches run via search.yahoo.com and www.bing.com through Paxfire servers. Searches run through www.google.com are not redirected by all ISPs; when Google searches are redirected, they are sometimes redirected through Paxfire servers, and sometimes redirected through ISP-located servers that utilize Paxfire technology.”
In language that would make George Orwell turn in his grave, the complaint states: “Defendant RCN installed Paxfire technology (either as software on its DNS servers or as physical hardware that sits before its DNS server) to monetize (i.e., generate revenue from) its customers’ private searches. Publicly, Paxfire claims to monetize ‘DNS Error traffic,’ which occurs when an Internet user types in a domain name that does not exist or that contains a typo. In the case of a DNS Error, the user of an ISP that employs Paxfire is redirected to a Paxfire-created search results page, rather than being directed to an error page (e.g., ‘site not found’).
“However, as revealed by Netalyzr, Paxfire is also being used by the ISPs to intercept and monetize search data even when the user types in the correct address of an existing domain name or when the user is simply running a search. Paxfire (and the ISPs) can monetize search data in a number of ways that fall into two major categories: monitoring and modification. Defendant RCN and defendant Paxfire can monitor searches and market the data to advertisers and data aggregators interested in creating demographic profiles. Defendants can also modify the search data (e.g., prioritize the search results differently so as to eliminate certain websites or make others more prominent, or include sponsored/paid listings in the search results); can modify the advertisements that appear on the page to generate income from the traffic to the page; and can redirect the user completely by sending him or her to an advertising affiliate’s webpage, rather than providing the requested search results.” (Parentheses and emphasis in original.)
In other words: “While plaintiff and the members of the class think they are communicating directly with one of the search engines, they are actually communicating with a server owned and controlled by defendant Paxfire and/or defendant RCN. Each time a customer enters a search into the search engine, the search goes to the Paxfire-based proxy server, which forwards the search to the search engine, then receives the search results on its own proxy server, and finally forwards the results back to the customer.” (Italics in original.)
Feist says similar deceptions are done through computers’ search bar, via “approximately 170 brand keywords that, when used in searches, are not only intercepted by defendants, but are forwarded on to a third-party advertising affiliate, who redirects the user to the brand’s webpage. Instead of receiver search results when a brand keyword is used as a search term, defendants intercept plaintiff’s search, and a webpage for a particular brand is displayed.”
Feist then describes how she used Netalyzr to discover how the defendants were manipulating her Internet searches.
She continues: “This breach of plaintiff’s privacy and computer security is meaningful and problematic for numerous reasons, including inter alia: it allows defendant and Paxfire to receive, review, and compile the content of each of the user’s searches, no matter how personal or private, and to share that information with and/or sell that information to third parties; it allows defendant and Paxfire to manipulate plaintiff’s search terms, such that results she receives are altered; it allows defendant and Paxfire to manipulate the web page returned to plaintiff, by reordering and reprioritizing search results, including paid and/or sponsored pages as search results, or altering advertizing on the search page; it allows defendant and Paxfire to send plaintiff’s private searches to a third-party advertizing affiliate, earning money in the process, and directing plaintiff to a brand’s commercial webpage rather than to the search results she requested; it allows defendant and Paxfire to know which websites the customer chooses among search results; and if the plaintiff or a class member is logged in to a service connected with the search engine (e.g., searching on google.com while being logged into Gmail, or searching on search.yahoo.com while logged into Yahoo! Mail), the customer’s search history can be connected to his or her actual identity.” (Parentheses and emphasis in original.)
Feist says that RCN’s purported privacy policies, which it disseminates to its customers, are untrue, misleading, incomplete and deceptive, and that it does not give customers a chance to opt out.
Fesit claims Paxfire technology has been used to monitor, intercept, alter and/or redirect Internet searches of customers of Cavalier, Charter, Cincinnati Bell, Cogent Communications, DirecPC, Frontier, Insight Broadband, Iowa Telecom, RCN, Wide Open West, and others.
She seeks restitution and damages for violations of the federal Wiretap Act, 18 U.S.C. § 2510 et seq., violations of state consumer laws, conversion, unjust enrichment, breach of contract and breach of faith. She is represented by Sanford Dumain with Milberg LLP.
She is represented by Peter Seidman with Milberg LLP.