About a month ago the Washington Post reported that NebuAd, a web marketing company, was employing the nastiness known as deep packet inspection (DPI) to target advertising at internet users in Kansas. The only notice the ISP offered their customers was an update to their privacy policy on their corporate web site. This would be like the USPS posting a similar notice on their web site before allowing mail carriers to open your mail, log the contents, and share the findings with advertisers. (For a great write-up on the particulars of deep packet inspection, see the ACM's blog post on the subject.)

Today the Post reports that NebuAd is putting the mass deployment of their product on hold while Congress addresses privacy concerns of the technology. The article goes on to say that several companies have put their trial deployment on the back burner. It doesn't mention how many (or which) companies are continuing with their deployment plans.

I went to NebuAd's web site and found a link to opt out of their 'behavioral targeting solution': http://www.nebuad.com/privacy/optout.php (Note that if you delete your browser cookies, you will need to opt-out again.)