Ads in My Twitter Stream – What Happened to Informed Consent Hootsuite?

A couple of days back I chose to follow my normal course of behaviour and play with any new Twitter clients for my much loved HTC Hero.  As yet there has been nothing on par with the truly awesome Gravity client on Nokia’s Series 60 by @janole so anything new gets a fair go.

I’d seen reviews of Hootsuite’s new client and after throwing a nice shiny baked ROM at the Hero I was able to download and install Hootsuite Lite.  There is a paid for version ($1.99 at time of writing) but as the only additional benefit I could see was the ability to handle more than 3 Twitter accounts (and I use but 1) there was little point in spending the cash just to see if it works.

Setup was simple enough, even though the you get hassled a couple of times to create a new Hootsuite account before being offered a connection to your Twitter account.

Now I’m not going to review the application other than to say it’s very usable, has some decent thinking around navigation and handles a Twitter account admirably – at least on par with the current leader Seesmic in my opinion.  But something odd happened after a feed refresh sometime on Saturday.

I was out and about, hit refresh and a curious new message appeared in my stream from someone I don’t follow.  This in itself given Twitter’s problems of last weeks with random tweets appearing was nothing too odd but this tweet had a different coloured background and the format of the message was odd.

I quickly sent out a tweet to the crowd asking if anyone else had seen these “ads” but everyone who responded hadn’t. Was this the first inkling of the much talked about Twitter advertising model.  If so it was pretty well exactly what I had expected it might be but had no knowledge of it having yet been enabled.

Of course being out and about research was a little hard to do.

So yesterday I sat down for half an hour and did some digging.  It turns out that Hootsuite have partnered with a third party Twitter advertising agency called 140Proof who’s model is to sell advertising messages injected directly into one’s stream by the client application.  They look and feel like tweets but they aren’t – they are put there ONLY in the application stream.

They are inoffensive and not at all obtrusive, as I said they pretty well looked and felt how I would expect a Twitter ad to be BUT I hadn’t asked for them and more importantly I couldn’t recall ever being informed that I was going to get them.  There were no signup T&C’s with the mobile app, no details easily found on Hootsuite’s web page, nothing.

A little more digging and it turns out that, according to this article on Techcrunch that,

Twitter clients pass 140 Proof a user ID list (with no names) and the public information contained in a Twitter users profile, and on the advertiser side, advertisers bid on ads to be directed toward users based on keywords in tweets, followers, as well as device, location and platform. 140 Proof’s algorithms calculates Twitterer’s “persona” based on public tweets and who they follow and serves ads to users based on this data.

YOU WHAT?  So without my permission Hootsuite passes my PI and graph to a third party who then does their thing with it, sells that bundle (anonymously granted) and throws back a targeted advert!

Now sure my stream is public and viewable by all but that doesn’t make it acceptable for a business to utilise that information for their own gain without at least first asking for permission.  What happens if you have a private non-publicly viewable Twitter stream?  Does Hootsuite not work or do they just blindly continue to pass that data on to 140 Proof?

I don’t mind the ads, they make sense, they (in theory and assuming I pay them attention) pay for Hootsuite to offer up their client for “free” (read no money there) but informed consent is required.

For the record NOT one of the adverts I  have seen over the last couple of days has been even vaguely “relevant” nor have I clicked through on any.

I’ll be having a chat with some people over just what consent they should have obtained as surely there must be a requirement in the EU but it’ll be more interesting to see just what sort of lifespan the 140 Proof model will have once Twitter actually do get their advertising live.

UPDATE: I am interested to hear from anyone who has knowledge of the BT/Phorm case being brought by the CPA;  specifically the abuse of Regulation of Investigatory Powers Act (RIPA).

If Hootsuite are intercepting my profile and tweet stream and shipping it off (hashed or not) to 140Proof for analysis and spam would this constitute a breach also?

Don’t get me wrong I don’t want Hootsuite punished I just wonder if this is/were the case what would be their knowledge of the issue and how would the choose to address it.