SAN FRANCISCO, CA — NebuAd Inc., a Silicon Valley company that became infamous during recent congressional hearings about online consumer privacy, violated federal hacking and wiretapping laws when it employed deep-packet inspection technology to spy on internet users’ surfing habits without their knowledge or consent, according to a federal lawsuit filed November 10th.On behalf of thousands of consumers, the suit seeks punitive and compensatory damages from NebuAd and six of the internet service providers known to have worked with the company as it pursued information that would allow its clients to target online ads more precisely. The lawsuit may prove to be the death blow for NebuAd, which suspended its deep-packet snooping over the summer after facing stern criticism in Congress and precipitating regulatory threats from the Federal Trade Commission.

According to court documents, NebuAd paid ISPs to install monitors inside their networks. The monitors not only read every “packet” — or small electronic envelope containing microscopic details about the information users exchanged online — but also allegedly altered surfers’ traffic patterns in order to track them better. The information NebuAd obtained was shared with advertisers who paid the company to help them determine which ads should be shown to which surfers based on their surfing and information-seeking habits.

Although NebuAd declined to comment about the litigation, in the past the company has defended its actions by saying users could opt out of receiving the targeted ads. However, they could not opt out of being monitored, and that’s where NebuAd crossed the line, the lawsuit’s plaintiffs allege.

“Like a vacuum cleaner, everything passing through the pipe of the consumer’s internet connection was sucked up, copied and forwarded to [NebuAd’s] California processing center,” the lawsuit reads. “Any alleged anonymization of subscriber’s identity and data — if in fact any such occurred — occurred after the phase of initial interception, which provides the basis of this class-action lawsuit.”

The lawsuit takes a stance similar to the one the Electronic Freedom Foundation adopted in its suit against AT&T. In that case, which remains in court, AT&T stands accused of incorporating into its network a covert spying facility used by the National Security Agency to gather data from consumers en masse and without warrants. Several dozen similar suits currently are before the U.S. District Court in San Francisco.

Unlike the eavesdropping suits against AT&T and other ISPs who collaborated with the NSA, the government is not likely to step in on behalf of NebuAd, observers say.

ISPs named in the suit include WideOpenWest, Embarq, Knology, Bresnan Communications, Cable One and CenturyTel, all of which have admitted at least testing NebuAd’s technology.

NebuAd altered its business model in September and now adheres to less invasive data-collection methods, the company’s chief executive told Wired.