Here's a current 'privacy' issue, having to do with what a server to
which you connect can know about you, and how it's done. You can find
out more
and still more about cookies if you're
curious.
July 22, 1996 (Vol. 18, Issue 30)
[Image]
THE GRIPE LINE
[Image]
BY ED FOSTER [Image]
Can mixing `cookies' with online marketing be a recipe for
heartburn? [Image]
Fighting potential abuses of the Internet often seems to take [Image]
on elements of shadowboxing -- you can't always tell whether
there's a real enemy or not. Our recent discussions about junk [Image]
e-mail and other questionable marketing practices on the 'net
prompted one reader to alert The Gripe Line to a company [Image]
called DoubleClick.
"DoubleClick is targeting advertising based on a user's
demographic profile," the reader wrote. "There's nothing wrong
with that; in fact, that seems to be a step in the right
direction. The catch is that they are using Netscape cookies
to collect and store this data without the user being aware
it's happening."
I visited DoubleClick's Web site (http://www.doubleclick.net),
and it did seem fairly ominous. DoubleClick sells advertising
through a variety of Web sites that include USA Today Online,
Quicken Financial, Travelocity, and more than 30 others.
"When a user accesses a doubleclick.net member Web site, the
user's browser makes a request [transparent to the user] to
double click.net for an ad banner," read one of DoubleClick's
Web pages. "DoubleClick retrieves information about the user,
based on their IP address and cookie ID [if running Netscape],
from the Internet Profiles Database."
The DoubleClick software uses the information to decide which
ad banner is most appropriate to display to that user. What
kind of information do they have in that database?
"DoubleClick has created the largest and most complete user
and organization database on the Internet," another Web
document explained. "DoubleClick is able to tell an incredible
amount of information about a user, such as operating system,
location, organization name, type, revenue, and size."
My reader objected to the use of the Netscape cookie to
apparently collect this data on Web surfers who may not know
that either DoubleClick or the cookie file exists.
"Here we have a clear situation where information is being
gathered about a particular user without that user's
knowledge," the reader wrote. "Even the target marketing cards
that masquerade as warranty registrations in every appliance
or electronic device known to mankind give the user a choice
to check a box to deny the right to share or sell the
information provided. This check has been removed in the rush
to the online world. I am concerned about where this tacit
assumption that we give up our rights to our privacy as we
head into an online world will lead us."
I was concerned, too. Now that I had been on DoubleClick's Web
site, my own cookie file sported a DoubleClick cookie, ready
to identify me to any other DoubleClick-enabled site. It
didn't bother me that it would use that information to decide
which ad to show me, but it did seem wrong that a file on my
own system would be used to collect and pass on information
about me.
I decided to contact the company CEO and president, Kevin
O'Connor.
"There are a lot of misperceptions about the cookie file and
what it can do," O'Connor said. "All we're using it for is to
keep track of which ads we've shown you so you don't keep
seeing the same one."
Information about the user's geographical location and company
affiliation is derived from the IP address, not the cookie
file, O'Connor said, and the user's browser identifies itself
and the operating system it's running under.
In spite of the company's claims about its user database,
O'Connor said that DoubleClick does not use information about
other sites the user has accessed when choosing the ad banner
to display, and the company does not try to identify the
user's name.
"Without question there is potential to misuse information,
but that's always been there," O'Connor said. "The potential
for abuse on the Web is great, because it is so powerful. But
it really has little to do with cookies."
From what I've been able to gather from Netscape and from
Brett Glass' column last week, it looks like O'Connor is right
about the dangers of the cookie file being greatly
exaggerated. (See Help Desk, July 15, page 54.) Still, I'm
going to keep an eye on it. After all, telling friend from foe
on the Internet is still a tricky business.
Ed Foster's Gripe Line examines issues raised by readers
concerning product quality, customer service, and sales
practices. Send gripes to gripe@infoworld.com or call (800)
227-8365, Ext. 710. Join his New Gripes forum on InfoWorld
Electric at http://www.infoworld.com.
Copyright (c) InfoWorld Publishing Company 1996