Posted by
CmdrTaco
on from the suing-big-brother dept.
heytal writes: "Cnet has an article about lawsuits filed against advertising companies for allegedly tracking customers without their permission." We're going to see a lot more of this in the future.
Web bugs can also be used in email. For example, companies can send a bulk HTML email newsletter that has Web bugs, which will determine how many people read the letter, how often they read it, and whether they forward it to anyone. The email "would include your email address in the URL or include a coded ID or encrypted email address to track when you opened it," Smith said. - From a previous article on the site.
Now I don't know about you, but with regards to spamming and whatnot these 'web bugs' seem like a pretty blatent violation of privacy. Granted with cookies you do have the option of not using them, but this stuff takes it to the next level. Just another reason to use an email program that doesn't read HTML.
Re:Not just cookies...
by
Mad+Hughagi
·
· Score: 2
I don't believe that these so-called "web bugs" are cookies though. From what I have read on the page they are implemented simply by having the html read by your mail reader. Or that is what I got from the article anyways.
I'm not a big fan of lawsuits, or the authority that some judges assume, but it is nice to see some action in this area. If only it gets reported widely enough so that even non-technical people are aware of what is going on with their privacy.
If you give yourself two login names, you have several alternate IDs set up. That way, you can possibly have multiple lawsuits, or at least have two different accounts on amazon.com, one for the family, the other for, uhh, other things...
Tell me what makes you so afraid
Of all those people you say you hate
Yeah, go for it! Ever since I found Comet Cursor running on my system without my permission, I've been noticing more and more privacy violations, all so someone can make a buck. If they gave me a free PC, with the understanding they were going to track my use of it, fine. If they install tracking software surreptitiously on my pc to gather data (and thus money) without my permission, blast them to hell! Or Phobos!
Plaintiffs allege that (the defendant) has covertly, without consent or authorization, planted 'cookies' upon Internet users' computer hard disk drives and secretly tracked their movements across the Internet," the plaintiffs charged in a filing in Denver, Colo.
How can they do that? If the user has their browser set to accept cookies, and cookies get placed on their system, what is the problem with that? Seems like a case of people's ignorance, and instead of acknowledging that, they decide to sue someone instead.
We're going to see a lot more of this in the future.
I'm not a big fan of using the courts to punish every perceived wrong, but in this case, I say good. Take a look at this article in the New York Times (free registration required to view it). Those spam emails you get frequently contain HTML that allows the sender to obtain access to your browser cookies and tie your online activities to your identity. Not to mention being able to obtain your IP number and derive your location from it (Postel Services offers this feature for free in its HTML email service. Great way to stalk someone). Legislation doesn't seem to be forthcoming to curb these abuses, so at the moment the courts are the only weapon available.
Re:Why isnt this against DoubleClick?
by
Frederic54
·
· Score: 2
Only a dumb user would make a statment "Plaintiffs allege that (the defendant) has covertly, without consent or authorization, planted 'cookies' upon Internet users' computer hard disk drives and secretly tracked their movements across the Internet," the plaintiffs charged in a filing in Denver, Colo. "
If they were not truely dumb, they would realize that they could prevent cookies from being set on there machine. Both IE and Netscape have a way to shut off and turn on cookies. Although Microsofts IE is a little more illusive (IMHO). Nothing with cookies is done "covertly". If you are using a browser that accepts cookies, you can shut this functionality off, or have it prompt you before accepting cookies. In IE this may be more difficult, but is possible. Most web sites also state there stance on privacy. I don't think I have been to a web site that does not use cookies. SO are they going to include all these too? Many major web sites use cookies to track there users where abouts. If they are going to sue Matchlogic, why not include doubleclick and engage as well? Doubleclick is far worse than matchlogic. Doubleclick has mapped out IP addresses on teh web, and when you get one of their sites they know where you are on th eplanet. They 'say' that they do not use this, but the info is available. They also use cookies as well.
If they want to do something about this then they need to use konqueror, lynx,or Netscape (not sure how well IE handles this) and set there browser to prompt on recieving cookies, then reject any ones they don't want. If IE cannot do this, then they really need to go after Microsoft and make them include better cookie handling features.
I don't want a lot, I just want it all!
Flame away, I have a hose!
I basically have cookie support enabled (only from the site that the originating page came from, by the way, but that doesn't make much difference in practice) because some sites that I visit regularly use them for good purposes and I want things to work transparantly when I find a new site with cookies worth keeping.
To compensate for this, I have a cookie eating script that gets run every night from my crontab. It reads in a cookie filter file, containing commands such as:
retain ^slashdot\.org
remove ads\..*
and then acts accordingly: a cookie that matches a
"retain" line is, well, retained. One that matches a "remove" line is... you guessed it. Cookies that match neither are reported to me, so that I can decide what to do with them next time round. Initially I ran this script once a week, but as I kept accumulating more "remove" directives, the number of manual interventions went down quite rapidly, so I increased the frequency. I'd move on to once every 6 hours, if it weren't for the fact that it's no use editing the cookie file while Netscape is running.
A nice side effect of what I'm doing is that each time that I visit one of these tracking companies, they actually think that they've found another victim. Let them...:-)
By the way, originally, I used the possibility to opt out whenever possible. But I found that, while my DoubleClick opt out cookie would indeed be kept around, the similar one from prefences.com tends to disappear automatically after some time. So nowadays I bluntly remove anything that's not absolutely required.
Re:which browsers to use???
by
Voline
·
· Score: 2
I have been using the iCab browser, almost exclusively, for the past nine months. It has a built-in cookie editing feature. This isnÕt exactly what you described, blocking all third-party cookies, but it works very well for me.
I have the general setting as ÒNever acceptÓ cookies, then there is the option to have exceptions to this. So I never accept cookies, except I Òalways acceptÓ them from Òslashdot.orgÓ and a couple other sites. Doubleclick.com is not among them. So any cookies not hosted by the site I am visiting will not be accepted.
iCab also has a terrific user-configureable image-filtering feature. With this feature you can filter out any image with a path, filename, or URL name that ÒisÓ or ÒcontainsÓ/ad,/advert,/doubleclick,/banner . . . you get the idea. It replaces these images with a small icon of a melita coffee filter. Cute, eh? I have found this feature to be very successful in blocking ads while rarely blocking an image that is part of the content of a page. This has the added benefit of speeding up page-rendering.
Unfortunately, iCab is a Mac-only program. If you are running Windows I recommend the Opera web-browser. It doesnÕt have these options built-in, but it may in the future. I donÕt know about Linux.
Check the resources page of EPICÕs web page. There are some freeware tools that you can add to IE or Netscape to help you manage cookies and ads. I havenÕt had to use them, so I canÕt vouch for their effectiveness, but EPIC wonÕt steer you wrong.
Web Bugs/Cookies Are the Least of your worries
by
jjr
·
· Score: 2
Your information is already tracked by companies like Experian. Who in turn sell your name and profile for a mailing list(snail mail). They profile your name base off your income,age,sex,religion,buying habits...etc. I understand why people are getting upset about the web bugs there is no way for you to get off the list. At least Experian and other list brokers you could call them up to get your name off thier list. There is no way you can do this with the other companies.
Hi there,
This is my first time on here, so please forgive any errors in posting. A friend referred me here to tell my story about fighting the Royal Bank over breech of privacy to telemarketers. If the text doesn't append properly to this message, write to me at pwake@golden.net and I'll put the entire text file on a server for anyone who wants it. If anyone has advice, feel free to email me as well...
Regards,
Greg Currie
pwake@golden.net
Hey guys,
Thought you might get a chuckle out of this one... I've dealt with the Royal Bank for around 15 years now as a client and have had enough of their cutting back services and abusing their clients. Last year they closed down my branch and relocated my account to the downtown location here in London. So, now I have to drive further to deal with the Royal Bank and when I get there I have to PAY to park... Yes, I have to PAY to deal with my bank. When I get there, if I require a teller I usually end up in line for 30 to 40 minutes as they have three tellers active on average. Customer oriented? I don't think so...
When I started my business account this year I was originally going to go with St. Willy's here in town for their wonderful customer-oriented philosophy. However, since I already had my personal account at the Royal Bank I decided to start my business account there. While starting my business account I also ordered company cheques through the bank. Sitting in my chair while we arranged all of this, I can remember a large proudly displayed and framed privacy and confidentiality policy regarding customer information. A few days after setting up my account I get a message on our business line from some unfamiliar company requesting that I call them back. When I finally get a hold of this company, I find out that they are a 3rd party to the Royal Bank who prints their business cheques and literature. First came the thin excuse for their call that they wished to confirm my information. Ok... I had already verified the information with the account manager at the bank and signed off that the information was correct, so why was I being called again? Fine. Then they go on to telemarket me their other products and services. "No... I saw your other services listed when I was at the Royal Bank and I chose only what I require..." Why these people were wasting my production time for unsolicited telemarketing because I had started a business account with the Royal Bank was beyond me...
It just so happened that both the Royal Bank and St. Willy's were both presenting to a group of new business owners (including myself) at the London Community Small Business Centre a little later on. Before the entire group I sincerely brought up my concerns about the Royal Bank closing their branches, lacking parking for customers at their main location downtown, and allowing 3rd parties to telemarket me by providing my personal information to them. She stammered a bit and then stated that "that's just the way it is..." I was floored, she was telling me, her client, that the Royal Bank did not care about their clients' needs for service or desire for security over their personal information... After a pause, another new business owner stated that she felt the concerns were valid and deserved a better response. After the meeting, I approached the Royal Bank representative to press the matter and she promised to look into it if I called her with more information.
After a lengthy period of time passed, she called me back apologizing for the delay and said that she had escalated the concern through their company's protocol for such matters. She assured me that the 3rd party was bound by a confidentiality agreement not to pass on my information and further and that they were likely just offering valuable services to myself. I informed her that that was not the point, that the Royal had given my personal information to this third party and that I had been telemarketed because of that. She agreed that it was not a very good answer from the Royal, but that it was all that they were going to do. My unfounded suspicion is that they must make money dealing with the company and don't want to lose the revenue. While closing the conversation with her, I informed her that I bill out at $250/hr for my time as a web designer and that I would, in the future, bill for my wasted time if I received unsolicited telemarketing because of the Royal Bank.
This morning I received a phone call around 10:30am from a telemarketer representing the Royal Bank. I asked, "Does this have anything to do directly with my account?" "No." "Are you a telemarketing company?" "Yes." "What is your company name?" "Box Data" I then got the individual's name, the company phone number, and the fact that they were trying to sell my telephone and internet banking services (a service that I already have). Needless to say I was not very happy at wasting my time on this telemarketer. I called my Royal Bank account manager and presented my unhappiness at being telemarketed by a 3rd party company a second time due to their company. I also reminded her of my hourly billing rate and that I would be charging for my time by the whole hour. She promptly asked for my account number and had me removed from the company's telemarketing list.
That very evening... In the middle of dinner... I get a phone call from a telemarketing company representing the Royal Bank wanting to sell me even more features. Again: "What is your company name?" "Box Data" I confirmed their contact information and the agent's name and informed him that I would be billing my hourly rate of $250 if he wished to continue. He decided to continue and try to sell me the services. I patiently listened, declined his offer, thanked him, and hung up. I then brought up my invoicing screen and made out two invoices for $250 and GST for each of the calls using my account manager's name as a purchase order number and dropped them into the mail.
I wonder if the Royal Bank will just pay them? I doubt... I've seen how much they value profits over customer service... But I put a 30 days notice on the invoices and will send a second letter if the invoices are not paid. If my second letter does not result in payment then I will either forward the delinquent account to a collection agency or take the Royal Bank to small claims court. Both parties were informed of my billing rate and policy, and I consider that a legally binding verbal contract that I am willing to pursue in court.
So, if I get paid I'll take my spouse out for a nice dinner compliments of the Royal Bank. If I don't get paid even after going to court, then I will at least have stood up for my personal right to privacy against a large profit-driven corporation.
Regards,
Greg.
If the user has their browser set to accept cookies, and cookies get placed on their system, what is the problem with that? Seems like a case of people's ignorance, and instead of acknowledging that, they decide to sue someone instead.
Well personally I see it as a violation of trust. Cookies have other uses than just tracking just like there's more reasons to leave your door unlocked than to let strangers walk into your home.
For example, does the knowledge that I choose to read my email give anyone the right to send me lots of bulk, unsolicited email every day? Some people might argue yes, because I have the option of using filtering software or simply not reading it. I would argue no.
Can people steal my car because I left it unlocked? Can they place a hidden camera in my house because I left the window open?
If the answer is no, why should they have the right to put unsolicited cookies on my system because my browser is set up to allow it for other reasons? It goes beyond reasonable expectations of what the customer/victim is likely to want.
Reasonable expectations might be allowing someone to come onto your property so they can knock on your door. If they came onto your property to dump their garbage or knock your house over (even if you didn't have a security system to stop them), it would be far beyond reasonable expectations.
===
Has anyone ever made money?
by
imagineer_bob
·
· Score: 2
Not that it matters for this case, but has anyone actually been able to make money because they can track users bettter?
I worked for a dot-com (briefly), and though we tracked everyone's viewing and clicking history, we were at a loss to do anything useful with the info.
Rates for banner ads kept dropping month by month, as advertisers learned how inneffective they were!
I doubt that this info is actually useful.
BTW: If you use Windows, Norton's "Internet Security" does a great job of blocking cookies and banner ads! It's transparent, so once you install it, you hardly know its there. Each time you visit a site that tries to cookie you, you can choose "Always allow for this site" or "Always Deny" (and also block ref-by!).
Re:Has anyone ever made money?
by
Tackhead
·
· Score: 2
> Not that it matters for this case, but has anyone actually been able to make money because they
can track users bettter?
An advertiser is a guy who cons you into thinking that he can con your customer.
So yeah, Doublefuck and its ilk have made money selling the line about user-profiling, but the jury's still out as to whether Doublefuck's customers can make money with it.
Judging from what's happening to DCLK and TFSM and similar stocks, the market's got an opinion. IMHO it'll be amazing if these companies are still operational when the lawsuits are over with.
Don't apply legal solutions to software problems
by
crucini
·
· Score: 2
Plaintiffs allege that (the defendant) has covertly, without consent or authorization, planted 'cookies' upon Internet users' computer hard disk drives...
It's tempting to rejoice at these marketing bastards getting their comeuppance, but on balance I hope this suit fizzles. Here's the transaction they're really talking about:
Plaintiff requests an image from Defendant.
Defendant transmits the image, including in his response a 'Cookie' header, which is a valid header in HTTP, the language which Plaintiff and Defendant are speaking.
Plaintiff records this 'Cookie'.
Time goes by.
Plaintif requests a different image from Defendant. This time, Plaintiff includes the 'Cookie' header previously furnished by Defendant.
Defendant deduces that both requests came from the same "person".
I realize that most of this transaction was transparently performed by the plaintiff's web browser. But that's not the defendant's fault. I would really like the courts/legislature to validate the following principle:
If you send a request to party X via a well known Internet protocol, and party X sends you a response conforming to that protocol, you can't sue or prosecute party X for so responding.
Too bad the law firms involved (notably Milberg, Weiss, Bershad, Hynes & Lerach) are well known sharks, uninterested in anything but their own bottom lines. These are the guys who mount investor class actions whenever stocks go down, and the ones who sponsored California's Prop. 211 a few years ago.
If an ethical plaintiff were involved, I'd give this story more credence.
Fed up with cookies, but can't disable them because some sites require them? Easy:
chmod 400 ~/.netscape/cookies
I accept all cookies, but every time (though rarely) when I exit netscape it trashes them. If I want to keep a cookie, then I set the file writable, let netscape write it, emacs the non-wanted cookies away and re-chmod it.
Does Mozilla include a cookie editor? It would be great to be able to "accept" all cookies but throw them away after a while, unless you specifically ask to keep them (without doing that chmod hack).
It should be a case of the lesser of two evils being preferable, but I really can't make up my mind which is which.
Here's my suggestion: let the court cases go ahead, and when the advertising company representatives are in court along with all the lawyers, blow the building up. (All members of the public would obviously have been replaced with inflatable replicas before this event...) That way everyone wins.
-- ++ Say to Elrond "Hello.".
Elrond says "No.". Elrond gives you some lunch.
Are you kidding? Of course they're tracking us! Major League Baseball has satellites in the sky watching our every move, I tell you...collecting their insidious marketing information.
--Garthnak
-- Liberty in Our Lifetime - http://www.freeme.org/
View, Internet Options, Advanced, Disable all cookie use.
Netscape:
Edit, Preferences, Advanced, Disable cookies.
Lynx, KFM, Mozilla - you don't need to be told how.
Re:Easy
by
Anonymous Coward
·
· Score: 2
Yeah, that's easy, 'cept it won't work. You'll
have a helluva time surfing many sites without
allowing non-persistent (not saved to disk)
cookies. Many sites use them to figure out what page you came from, what options you've chosen (for this session), what ads they've thrown at you, etc.
The real solution is for browsers to not save any cookies to disk without your express approval. IE allows you to disable stored cookies, and allow per-session cookies (internet options->security->custom, halfway down). Oh, but it's IE, so it must be bad. Ahem.
This is precisely what advertising companies do. They are paid to determine the habits of their viewers, which is valuable information. It is completely transparent to you, you see nothing, you pay nothing, and all the while you get the content or other service you were seeking on-line for free.
I don't believe the net could survive without advertising. The tracking of customer habits is just anoter facet of it. There are plenty of other things to worry about right now, like free speech rights on the net. Let's leave advertisers alone for once, because in the great big world of the Web, you could say that they're the least of our concerns.
Why is it you think the net could not survive without advertising? Maybe without it, sites would actually focus on content once again.
Everything was going along just fine until 1994-1995 when everything became commercialized.
Online transactions are about the only big difference nowadays...and, well, if you are selling things via the web, you really don't need advertising on your web page, now do you?
From the article: Plaintiffs allege that (the defendant) has covertly, without consent or authorization, planted 'cookies' upon Internet users' computer hard disk drives...
I'm sorry, but you implicitly give permission to do this when you configure your browser settings. Trouble is, life gets hard when you disable all cookies.. you can't even log in to slashdot.
Wish I'd thought of that... */me clicks furiously on every add banner in sight.*
-- Karma: Dyn-o-mite!(mostly affected by Jimmy Walker reading your comments)
Re:Why isnt this against DoubleClick?
by
Tackhead
·
· Score: 2
> with doubleclick.net, you can easily OPT_OUT of their tracking stuff
I trust DoubleCross to respect my privacy even less than I trust Carnivore. At least the feebs don't get paid based on the number of citizens whose privacy they invade.
I didn't opt out, by the way - why the fuck should I opt out of something I never opted into?
And as for the argument that "you'll see advertising anyway, wouldn't you prefer it to be relevant to you rather than random?", please stop repeating the classic false-dichotomy tactic used by marketers.
If I'm not gonna click on their banners anyways - because (I know this is hard for the marketing mind to grasp) I read for the content, not the ads. So whether the ads are about goat sex or optimizing compilers, they're irrelevant either way.
At least by firewalling Doubleclick (at the router, with the Junkbuster proxy, or with the HOSTS file in Windoze, and maybe all three:-), the ads remain irrelevant, and they can't make money by selling my surfing habits against my will.
Nothing personal with respect to DoubleCross, you understand. The same goes for 24/7 Media, Exactis, and all the rest of the DMA shitweasels.
/me goes away, muttering something about AT&T telemarketers and wire brushes...
> They're not trying to track you so they can shop you to the FBI for visiting porn sites, they're just
making things better for you - partly because products are cheaper as it means decisions can be
made more accurately, and partly because it means you get what you want.
1) I decide what's "better for me". Not Doublefuck. When a marketer says it wants to "do you a favor", treat it like a government employee - grab your wallet and run like hell.
2) What prevents the Feds from issuing a subpoena to Doubleclick and (That other bunch of shitweasels they merged with in order to assign real-life identities to their cookie database, that got them in such trouble with the FTC), in much the same way they would with an ISP of a suspect?
Can we charge them for the USE of our computer? Say, $10/day/bit?
Send them a bill?
-- --
73 de KG2V
For the Children - RKBA!
"You are what you do when it counts" - the Masso
Cookies, "Web bugs", and mass media (what else?)
by
Faies
·
· Score: 2
We always hear about how all anti-cookie lawsuits mention the fact that users are not able to go against cookies. And of course, its obvious how easy it is to disable cookies.
Microsoft recently tried to show the public a new version of Internet Explorer which implemented "new" functions to let users easily determine which cookies they want and which they don't want as if none existed before. This only compounds the problem by giving the impression that we have no security at all unless we get the newest software.
In light of all of this, why does the media not report the other side? They are all caught up in the mode of earning money- scaring the public, getting ratings by users who want to know what is happening, keep them focused on updates to see if their privacy will be protected after all. After all, wtf is up with all this "constitutional crisis" crap? People talk about how the electoral system is messed up, and we need to get rid of it to save the world. I'm relieved to see that Time Magazine is willing to point out that "what would happen in a popular vote system where the margin is as narrow as the Gore-Bush margin...demands for recounts, not in two or three states but in 50". Even Hilary Clinton says she would support such a measure in Congress. Nobody is willing to truly speak for the electoral system and cite parallels when baseball series such as the one in 1997 ended up with one team scoring more runs and still losing overall, or even mention that things like this have happened before.
Back on the issue of online privacy, the media fails to mention the fact that most websites at least give a privacy policy- people are too lazy to read the legal information thrown in their face and then complain about how they never knew this or that. If the website never mentioned such a policy, it's the fault of the website, not the ad company which told the website to follow certain guidelines.
If anybody is wondering what "web bugs" are, they are only another cause of massive violations of privacy. (see the link/reference to them on the original article mentioned ). They are simply the one pixel gifs that many people use in invisible counters and such. Cookies are often only used in them to ensure that a person is not counted twice, not to monitor tracking- yet cnet portrays them to maliciously violate our privacy all the time.
These "web bugs" are described early on with the following excerpt from that article: Savvy Web surfers know they are being tracked when they see a banner ad. But people can't see Web bugs, and anti-cookie filters won't catch them. So the Web bugs wind up tracking surfers in areas online where banner ads are not present or on sites where people may not expect to be trailed.
Firstly, it is a sad thing when people assume that a banner ad = cookie when websites like Yahoo sell their own ads and place cookies even without banner ads. Secondly, it is even worse when the article seems to assume that anti-cookie filters look just for banner ads. The best filter is the options menu of course, and it is impossible to miss a cookie with that. And finally, the last part of the excerpt mentions that people expect to be trailed when there are banner ads around, when the article along with other cnet articles say that most people do not even know they are being tracked in the first place. The true savvy users like us know that cookies are everywhere, and are not synonymic with one another.
Do not blame the masses for making ridiculous lawsuits, but the law firms who go for money, not ethics, and the media for making stories sound good while only distorting the truth. And on a final note, it is interesting to see how 60 minutes aired a story on Echelon (sorry if I got the show wrong, but the segment was shown on a major network), the most powerful version of Big Brother that I can think of, and most people just shrug and accept it. Why can't people sue the government after all?
-------------------------------------------------- --
Faies "[This ISP] is completely secure if you are using a standard operating system like Windows 98"
Is this going a bit too far?
by
davejhiggins
·
· Score: 2
I'm wondering how long it will be before someone receives a lawsuit for keeping web access logs from their site; especially publicly-accessible ones that show which IPs have visited the most / most recently.
Even though the case in question here might be "good" one from our point of view -- which generally seems to be that advertisers and spam are bad (unless you're the one getting paid for it;) -- I worry that the more this snowballs, the sooner it will affect the security of our systems because we're not allowed to keep logs of who's been connecting to them.
Technically, couldn't tracking be considered the same as cracking?
Why is it illegal for Joe Cracker to hack himself into a corp's website/intranet in order to get sensitive information while it's perfectly legal for that same corp to track the user's sensitive information?
I think that license agreement do too much for the big boys and not enough for the users. Wouldn't it be possible for a user to specify his own "license agreement", and then the sites could refuse/accept him as a viewer of that content? If such a mechanism could be put in place, the sites wouldn't have any choice but to agree with the most users, and if they fail to respect the surfers' "licence agreements", they would be liable, just as ordinary surfers are when they break a site's license agreement.
Just my 2 cents.
J:P
--
---
Worst tagline ever.
Re:Why isnt this against DoubleClick?
by
chadvavra
·
· Score: 2
I recently had to implement code for DoubleClick tracking at my companies web-site and they really don't track all that much to tell the truth. What they will tell you is
1. How many unique users a page has
2. If a user was refreshing the page
3. click-through for pages you specify
Yes they do it all with cookies and a javascript implemented random number generator to defeat browser cacheing.
When I had to deal with the tech at DoubleClick for some QA he actually told me I had coded a page wrong so it was registering 2 hits for the homepage rather than a hit for each page. In truth I hadn't put any code at all in the second page just to see what they would say. Quite an incompetent bunch of people over there if you ask me.
What Other Choice do They Have
by
cluge
·
· Score: 2
I have customers that change e-mail names approx once a year. What a pain in the arse, but trying to get yourself "removed" from a mailing list is a joke.
One of those customers apparently is being "followed". Every change he still ends up on the list. Perhaps he should sue?
Aren't there enough "stalkers" in the world without PAYING people to stalk me? As I read the Florida anti-stalker statute (which as we all know, FL law is "subjective") I should be able to press criminal charges against advertisers that "track" me. Check out the statue here and tell me what you think!
-- "Science is about ego as much as it is about discovery and truth " - I said it, so sue me.
Some things never change
by
grovertime
·
· Score: 2
One of my closest colleagues is a high-ranking official from Doubleclick and we've discussed this situation to no end. It is a finer line than most media outlets report, most seeming to want to indulge in David vs. Goliath tales of evil advertising empires tracking innocent individuals. But the issue runs far deeper. Tracking a user's likes and dislikes is nothing new - online or off. The trouble is now we have to announce what we are doing, even if it damages our businesses and really comes at no actual cost to the individual. Unfortunately, most of this sentiment is fueled by the same anti-corporate notions that lingers in the mind of all, say, programmers or coders who don't want to be mainstream, don't want to lose their individuality, but can't wait to throw together some software package, grab a public shell and set sail down their own corporate stream. The issue here is less on privacy or invasion and more on theoretical control - we can't stand, in our personal lives or public ones - to be known. Mystery is fun for sure. But to sue every company that is aware you like pink cardigan sweaters who tells the pink cardigan sweater factory that information - that just makes us all a bunch of over-lawyering dodos.
Slashdot Mirror
Now I don't know about you, but with regards to spamming and whatnot these 'web bugs' seem like a pretty blatent violation of privacy. Granted with cookies you do have the option of not using them, but this stuff takes it to the next level. Just another reason to use an email program that doesn't read HTML.
UBU
I'm not a big fan of lawsuits, or the authority that some judges assume, but it is nice to see some action in this area. If only it gets reported widely enough so that even non-technical people are aware of what is going on with their privacy.
Have you read my journal today?
Tell me what makes you so afraid
Of all those people you say you hate
Yeah, go for it! Ever since I found Comet Cursor running on my system without my permission, I've been noticing more and more privacy violations, all so someone can make a buck. If they gave me a free PC, with the understanding they were going to track my use of it, fine. If they install tracking software surreptitiously on my pc to gather data (and thus money) without my permission, blast them to hell! Or Phobos!
Plaintiffs allege that (the defendant) has covertly, without consent or authorization, planted 'cookies' upon Internet users' computer hard disk drives and secretly tracked their movements across the Internet," the plaintiffs charged in a filing in Denver, Colo.
How can they do that? If the user has their browser set to accept cookies, and cookies get placed on their system, what is the problem with that? Seems like a case of people's ignorance, and instead of acknowledging that, they decide to sue someone instead.
BilldaCat
I'm not a big fan of using the courts to punish every perceived wrong, but in this case, I say good. Take a look at this article in the New York Times (free registration required to view it). Those spam emails you get frequently contain HTML that allows the sender to obtain access to your browser cookies and tie your online activities to your identity. Not to mention being able to obtain your IP number and derive your location from it (Postel Services offers this feature for free in its HTML email service. Great way to stalk someone). Legislation doesn't seem to be forthcoming to curb these abuses, so at the moment the courts are the only weapon available.
with doubleclick.net, you can easily OPT_OUT of their tracking stuff, just go to h ttp://w ww.doubleclick.net/us/corporate/privacy/opt-out.as p?asp_object_1=&
--
"Science will win because it works." - Stephen Hawking
If they were not truely dumb, they would realize that they could prevent cookies from being set on there machine. Both IE and Netscape have a way to shut off and turn on cookies. Although Microsofts IE is a little more illusive (IMHO). Nothing with cookies is done "covertly". If you are using a browser that accepts cookies, you can shut this functionality off, or have it prompt you before accepting cookies. In IE this may be more difficult, but is possible. Most web sites also state there stance on privacy. I don't think I have been to a web site that does not use cookies. SO are they going to include all these too? Many major web sites use cookies to track there users where abouts. If they are going to sue Matchlogic, why not include doubleclick and engage as well? Doubleclick is far worse than matchlogic. Doubleclick has mapped out IP addresses on teh web, and when you get one of their sites they know where you are on th eplanet. They 'say' that they do not use this, but the info is available. They also use cookies as well.
If they want to do something about this then they need to use konqueror, lynx,or Netscape (not sure how well IE handles this) and set there browser to prompt on recieving cookies, then reject any ones they don't want. If IE cannot do this, then they really need to go after Microsoft and make them include better cookie handling features.
I don't want a lot, I just want it all!
Flame away, I have a hose!
Only 'flamers' flame!
--
Americans are bred for stupidity.
To compensate for this, I have a cookie eating script that gets run every night from my crontab. It reads in a cookie filter file, containing commands such as:
retain ^slashdot\.org
remove ads\..*
and then acts accordingly: a cookie that matches a "retain" line is, well, retained. One that matches a "remove" line is... you guessed it. Cookies that match neither are reported to me, so that I can decide what to do with them next time round. Initially I ran this script once a week, but as I kept accumulating more "remove" directives, the number of manual interventions went down quite rapidly, so I increased the frequency. I'd move on to once every 6 hours, if it weren't for the fact that it's no use editing the cookie file while Netscape is running.
A nice side effect of what I'm doing is that each time that I visit one of these tracking companies, they actually think that they've found another victim. Let them... :-)
By the way, originally, I used the possibility to opt out whenever possible. But I found that, while my DoubleClick opt out cookie would indeed be kept around, the similar one from prefences.com tends to disappear automatically after some time. So nowadays I bluntly remove anything that's not absolutely required.
--
Linux user since early January 1992.
I have been using the iCab browser, almost exclusively, for the past nine months. It has a built-in cookie editing feature. This isnÕt exactly what you described, blocking all third-party cookies, but it works very well for me.
/ad, /advert, /doubleclick, /banner . . . you get the idea. It replaces these images with a small icon of a melita coffee filter. Cute, eh? I have found this feature to be very successful in blocking ads while rarely blocking an image that is part of the content of a page. This has the added benefit of speeding up page-rendering.
I have the general setting as ÒNever acceptÓ cookies, then there is the option to have exceptions to this. So I never accept cookies, except I Òalways acceptÓ them from Òslashdot.orgÓ and a couple other sites. Doubleclick.com is not among them. So any cookies not hosted by the site I am visiting will not be accepted.
iCab also has a terrific user-configureable image-filtering feature. With this feature you can filter out any image with a path, filename, or URL name that ÒisÓ or ÒcontainsÓ
Unfortunately, iCab is a Mac-only program. If you are running Windows I recommend the Opera web-browser. It doesnÕt have these options built-in, but it may in the future. I donÕt know about Linux.
Check the resources page of EPICÕs web page. There are some freeware tools that you can add to IE or Netscape to help you manage cookies and ads. I havenÕt had to use them, so I canÕt vouch for their effectiveness, but EPIC wonÕt steer you wrong.
Your information is already tracked by companies like Experian. Who in turn sell your name and profile for a mailing list(snail mail). They profile your name base off your income,age,sex,religion,buying habits ...etc. I understand why people are getting upset about the web bugs there is no way for you to get off the list. At least Experian and other list brokers you could call them up to get your name off thier list. There is no way you can do this with the other companies.
Hi there, This is my first time on here, so please forgive any errors in posting. A friend referred me here to tell my story about fighting the Royal Bank over breech of privacy to telemarketers. If the text doesn't append properly to this message, write to me at pwake@golden.net and I'll put the entire text file on a server for anyone who wants it. If anyone has advice, feel free to email me as well... Regards, Greg Currie pwake@golden.net Hey guys, Thought you might get a chuckle out of this one... I've dealt with the Royal Bank for around 15 years now as a client and have had enough of their cutting back services and abusing their clients. Last year they closed down my branch and relocated my account to the downtown location here in London. So, now I have to drive further to deal with the Royal Bank and when I get there I have to PAY to park... Yes, I have to PAY to deal with my bank. When I get there, if I require a teller I usually end up in line for 30 to 40 minutes as they have three tellers active on average. Customer oriented? I don't think so... When I started my business account this year I was originally going to go with St. Willy's here in town for their wonderful customer-oriented philosophy. However, since I already had my personal account at the Royal Bank I decided to start my business account there. While starting my business account I also ordered company cheques through the bank. Sitting in my chair while we arranged all of this, I can remember a large proudly displayed and framed privacy and confidentiality policy regarding customer information. A few days after setting up my account I get a message on our business line from some unfamiliar company requesting that I call them back. When I finally get a hold of this company, I find out that they are a 3rd party to the Royal Bank who prints their business cheques and literature. First came the thin excuse for their call that they wished to confirm my information. Ok... I had already verified the information with the account manager at the bank and signed off that the information was correct, so why was I being called again? Fine. Then they go on to telemarket me their other products and services. "No... I saw your other services listed when I was at the Royal Bank and I chose only what I require..." Why these people were wasting my production time for unsolicited telemarketing because I had started a business account with the Royal Bank was beyond me... It just so happened that both the Royal Bank and St. Willy's were both presenting to a group of new business owners (including myself) at the London Community Small Business Centre a little later on. Before the entire group I sincerely brought up my concerns about the Royal Bank closing their branches, lacking parking for customers at their main location downtown, and allowing 3rd parties to telemarket me by providing my personal information to them. She stammered a bit and then stated that "that's just the way it is..." I was floored, she was telling me, her client, that the Royal Bank did not care about their clients' needs for service or desire for security over their personal information... After a pause, another new business owner stated that she felt the concerns were valid and deserved a better response. After the meeting, I approached the Royal Bank representative to press the matter and she promised to look into it if I called her with more information. After a lengthy period of time passed, she called me back apologizing for the delay and said that she had escalated the concern through their company's protocol for such matters. She assured me that the 3rd party was bound by a confidentiality agreement not to pass on my information and further and that they were likely just offering valuable services to myself. I informed her that that was not the point, that the Royal had given my personal information to this third party and that I had been telemarketed because of that. She agreed that it was not a very good answer from the Royal, but that it was all that they were going to do. My unfounded suspicion is that they must make money dealing with the company and don't want to lose the revenue. While closing the conversation with her, I informed her that I bill out at $250/hr for my time as a web designer and that I would, in the future, bill for my wasted time if I received unsolicited telemarketing because of the Royal Bank. This morning I received a phone call around 10:30am from a telemarketer representing the Royal Bank. I asked, "Does this have anything to do directly with my account?" "No." "Are you a telemarketing company?" "Yes." "What is your company name?" "Box Data" I then got the individual's name, the company phone number, and the fact that they were trying to sell my telephone and internet banking services (a service that I already have). Needless to say I was not very happy at wasting my time on this telemarketer. I called my Royal Bank account manager and presented my unhappiness at being telemarketed by a 3rd party company a second time due to their company. I also reminded her of my hourly billing rate and that I would be charging for my time by the whole hour. She promptly asked for my account number and had me removed from the company's telemarketing list. That very evening... In the middle of dinner... I get a phone call from a telemarketing company representing the Royal Bank wanting to sell me even more features. Again: "What is your company name?" "Box Data" I confirmed their contact information and the agent's name and informed him that I would be billing my hourly rate of $250 if he wished to continue. He decided to continue and try to sell me the services. I patiently listened, declined his offer, thanked him, and hung up. I then brought up my invoicing screen and made out two invoices for $250 and GST for each of the calls using my account manager's name as a purchase order number and dropped them into the mail. I wonder if the Royal Bank will just pay them? I doubt... I've seen how much they value profits over customer service... But I put a 30 days notice on the invoices and will send a second letter if the invoices are not paid. If my second letter does not result in payment then I will either forward the delinquent account to a collection agency or take the Royal Bank to small claims court. Both parties were informed of my billing rate and policy, and I consider that a legally binding verbal contract that I am willing to pursue in court. So, if I get paid I'll take my spouse out for a nice dinner compliments of the Royal Bank. If I don't get paid even after going to court, then I will at least have stood up for my personal right to privacy against a large profit-driven corporation. Regards, Greg.
Well personally I see it as a violation of trust. Cookies have other uses than just tracking just like there's more reasons to leave your door unlocked than to let strangers walk into your home.
For example, does the knowledge that I choose to read my email give anyone the right to send me lots of bulk, unsolicited email every day? Some people might argue yes, because I have the option of using filtering software or simply not reading it. I would argue no.
Can people steal my car because I left it unlocked? Can they place a hidden camera in my house because I left the window open?
If the answer is no, why should they have the right to put unsolicited cookies on my system because my browser is set up to allow it for other reasons? It goes beyond reasonable expectations of what the customer/victim is likely to want.
Reasonable expectations might be allowing someone to come onto your property so they can knock on your door. If they came onto your property to dump their garbage or knock your house over (even if you didn't have a security system to stop them), it would be far beyond reasonable expectations.
===
I worked for a dot-com (briefly), and though we tracked everyone's viewing and clicking history, we were at a loss to do anything useful with the info.
Rates for banner ads kept dropping month by month, as advertisers learned how inneffective they were!
I doubt that this info is actually useful.
BTW: If you use Windows, Norton's "Internet Security" does a great job of blocking cookies and banner ads! It's transparent, so once you install it, you hardly know its there. Each time you visit a site that tries to cookie you, you can choose "Always allow for this site" or "Always Deny" (and also block ref-by!).
- Plaintiff requests an image from Defendant.
- Defendant transmits the image, including in his response a 'Cookie' header, which is a valid header in HTTP, the language which Plaintiff and Defendant are speaking.
- Plaintiff records this 'Cookie'.
- Time goes by.
- Plaintif requests a different image from Defendant. This time, Plaintiff includes the 'Cookie' header previously furnished by Defendant.
- Defendant deduces that both requests came from the same "person".
I realize that most of this transaction was transparently performed by the plaintiff's web browser. But that's not the defendant's fault.I would really like the courts/legislature to validate the following principle:
If an ethical plaintiff were involved, I'd give this story more credence.
sulli
RTFJ.
Fed up with cookies, but can't disable them because some sites require them? Easy:
chmod 400 ~/.netscape/cookies
I accept all cookies, but every time (though rarely) when I exit netscape it trashes them. If I want to keep a cookie, then I set the file writable, let netscape write it, emacs the non-wanted cookies away and re-chmod it.
Does Mozilla include a cookie editor? It would be great to be able to "accept" all cookies but throw them away after a while, unless you specifically ask to keep them (without doing that chmod hack).
I doubt, therefore I may be.
It should be a case of the lesser of two evils being preferable, but I really can't make up my mind which is which.
Here's my suggestion: let the court cases go ahead, and when the advertising company representatives are in court along with all the lawyers, blow the building up. (All members of the public would obviously have been replaced with inflatable replicas before this event...) That way everyone wins.
++ Say to Elrond "Hello.".
Elrond says "No.". Elrond gives you some lunch.
--Garthnak
Liberty in Our Lifetime - http://www.freeme.org/
View, Internet Options, Advanced, Disable all cookie use.
Netscape:
Edit, Preferences, Advanced, Disable cookies.
Lynx, KFM, Mozilla - you don't need to be told how.
This is precisely what advertising companies do. They are paid to determine the habits of their viewers, which is valuable information. It is completely transparent to you, you see nothing, you pay nothing, and all the while you get the content or other service you were seeking on-line for free.
I don't believe the net could survive without advertising. The tracking of customer habits is just anoter facet of it. There are plenty of other things to worry about right now, like free speech rights on the net. Let's leave advertisers alone for once, because in the great big world of the Web, you could say that they're the least of our concerns.
I'm sorry, but you implicitly give permission to do this when you configure your browser settings. Trouble is, life gets hard when you disable all cookies.. you can't even log in to slashdot.
--
Wish I'd thought of that... */me clicks furiously on every add banner in sight.*
Karma: Dyn-o-mite!(mostly affected by Jimmy Walker reading your comments)
I trust DoubleCross to respect my privacy even less than I trust Carnivore. At least the feebs don't get paid based on the number of citizens whose privacy they invade.
I didn't opt out, by the way - why the fuck should I opt out of something I never opted into?
And as for the argument that "you'll see advertising anyway, wouldn't you prefer it to be relevant to you rather than random?", please stop repeating the classic false-dichotomy tactic used by marketers.
If I'm not gonna click on their banners anyways - because (I know this is hard for the marketing mind to grasp) I read for the content, not the ads. So whether the ads are about goat sex or optimizing compilers, they're irrelevant either way.
At least by firewalling Doubleclick (at the router, with the Junkbuster proxy, or with the HOSTS file in Windoze, and maybe all three :-), the ads remain irrelevant, and they can't make money by selling my surfing habits against my will.
Nothing personal with respect to DoubleCross, you understand. The same goes for 24/7 Media, Exactis, and all the rest of the DMA shitweasels.
1) I decide what's "better for me". Not Doublefuck. When a marketer says it wants to "do you a favor", treat it like a government employee - grab your wallet and run like hell.
2) What prevents the Feds from issuing a subpoena to Doubleclick and (That other bunch of shitweasels they merged with in order to assign real-life identities to their cookie database, that got them in such trouble with the FTC), in much the same way they would with an ISP of a suspect?
Can we charge them for the USE of our computer? Say, $10/day/bit?
Send them a bill?
-- 73 de KG2V For the Children - RKBA! "You are what you do when it counts" - the Masso
Microsoft recently tried to show the public a new version of Internet Explorer which implemented "new" functions to let users easily determine which cookies they want and which they don't want as if none existed before. This only compounds the problem by giving the impression that we have no security at all unless we get the newest software.
In light of all of this, why does the media not report the other side? They are all caught up in the mode of earning money- scaring the public, getting ratings by users who want to know what is happening, keep them focused on updates to see if their privacy will be protected after all. After all, wtf is up with all this "constitutional crisis" crap? People talk about how the electoral system is messed up, and we need to get rid of it to save the world. I'm relieved to see that Time Magazine is willing to point out that "what would happen in a popular vote system where the margin is as narrow as the Gore-Bush margin...demands for recounts, not in two or three states but in 50". Even Hilary Clinton says she would support such a measure in Congress. Nobody is willing to truly speak for the electoral system and cite parallels when baseball series such as the one in 1997 ended up with one team scoring more runs and still losing overall, or even mention that things like this have happened before.
Back on the issue of online privacy, the media fails to mention the fact that most websites at least give a privacy policy- people are too lazy to read the legal information thrown in their face and then complain about how they never knew this or that. If the website never mentioned such a policy, it's the fault of the website, not the ad company which told the website to follow certain guidelines. If anybody is wondering what "web bugs" are, they are only another cause of massive violations of privacy. (see the link/reference to them on the original article mentioned ). They are simply the one pixel gifs that many people use in invisible counters and such. Cookies are often only used in them to ensure that a person is not counted twice, not to monitor tracking- yet cnet portrays them to maliciously violate our privacy all the time.
These "web bugs" are described early on with the following excerpt from that article:
Savvy Web surfers know they are being tracked when they see a banner ad. But people can't see Web bugs, and anti-cookie filters won't catch them. So the Web bugs wind up tracking surfers in areas online where banner ads are not present or on sites where people may not expect to be trailed.
Firstly, it is a sad thing when people assume that a banner ad = cookie when websites like Yahoo sell their own ads and place cookies even without banner ads. Secondly, it is even worse when the article seems to assume that anti-cookie filters look just for banner ads. The best filter is the options menu of course, and it is impossible to miss a cookie with that. And finally, the last part of the excerpt mentions that people expect to be trailed when there are banner ads around, when the article along with other cnet articles say that most people do not even know they are being tracked in the first place. The true savvy users like us know that cookies are everywhere, and are not synonymic with one another.
Do not blame the masses for making ridiculous lawsuits, but the law firms who go for money, not ethics, and the media for making stories sound good while only distorting the truth. And on a final note, it is interesting to see how 60 minutes aired a story on Echelon (sorry if I got the show wrong, but the segment was shown on a major network), the most powerful version of Big Brother that I can think of, and most people just shrug and accept it. Why can't people sue the government after all?
-------------------------------------------------- --
Faies
"[This ISP] is completely secure if you are using a standard operating system like Windows 98"
I'm wondering how long it will be before someone receives a lawsuit for keeping web access logs from their site; especially publicly-accessible ones that show which IPs have visited the most / most recently.
;) -- I worry that the more this snowballs, the sooner it will affect the security of our systems because we're not allowed to keep logs of who's been connecting to them.
Even though the case in question here might be "good" one from our point of view -- which generally seems to be that advertisers and spam are bad (unless you're the one getting paid for it
Dave
Technically, couldn't tracking be considered the same as cracking?
Why is it illegal for Joe Cracker to hack himself into a corp's website/intranet in order to get sensitive information while it's perfectly legal for that same corp to track the user's sensitive information?
I think that license agreement do too much for the big boys and not enough for the users. Wouldn't it be possible for a user to specify his own "license agreement", and then the sites could refuse/accept him as a viewer of that content? If such a mechanism could be put in place, the sites wouldn't have any choice but to agree with the most users, and if they fail to respect the surfers' "licence agreements", they would be liable, just as ordinary surfers are when they break a site's license agreement.
Just my 2 cents.
J:P
--- Worst tagline ever.
I recently had to implement code for DoubleClick tracking at my companies web-site and they really don't track all that much to tell the truth. What they will tell you is 1. How many unique users a page has 2. If a user was refreshing the page 3. click-through for pages you specify Yes they do it all with cookies and a javascript implemented random number generator to defeat browser cacheing. When I had to deal with the tech at DoubleClick for some QA he actually told me I had coded a page wrong so it was registering 2 hits for the homepage rather than a hit for each page. In truth I hadn't put any code at all in the second page just to see what they would say. Quite an incompetent bunch of people over there if you ask me.
One of those customers apparently is being "followed". Every change he still ends up on the list. Perhaps he should sue?
Aren't there enough "stalkers" in the world without PAYING people to stalk me? As I read the Florida anti-stalker statute (which as we all know, FL law is "subjective") I should be able to press criminal charges against advertisers that "track" me. Check out the statue here and tell me what you think!
"Science is about ego as much as it is about discovery and truth " - I said it, so sue me.
P 2 P___H U M O R
great comedy company.