From TNPC issue #4.13...

More Snooping Around on the Internet

by Dan Butler
June 28, 2001

Last issue's article on the information you Web browser reveals about you was well received. You can find my last article in this series here:
http://www.TheNakedPC.com/t/413/tr.cgi?dan1

This time we'll look at how advertising agencies use the information provided by your browser to their advantage using the much-maligned "cookie."

Cookies are small files passed between your Web browser and a Web site. Unlike a traditional network, the Internet does not support persistent connections so cookies are used to work around this problem. See Jim's "TNPC Primer - What's a Cookie?" article for more on why we have cookies:
http://www.TheNakedPC.com/t/413/tr.cgi?dan2

From an advertiser standpoint, cookies help the Web site keep track of what you have looked at and what actions you have taken, such as if you have logged in as part of visiting the site. As an example consider our own Annoyance Board. The Annoyance Board is a free service The Naked PC supplies for user-to-user technical support. The board uses cookies to tell it when you last visited, your name, and if you use a return email address when you post messages to the board. With this bit of knowledge the board can show you which messages are new since your last visit and fill in some of the blanks as you post messages so you don't have to type in your name and email address over and over.

DoubleClick is an advertising service that delivers many of the advertisements you see on the Internet. They also use a system of cookies to track you around the Web and deliver ads they think will appeal to you based on what sites you visit and which pages you look at. Many people see this as an invasion of privacy. I'm not one of those people. I do, however, believe the practice has the potential of being abused.

I've heard several talk radio shows this week where privacy advocates claimed cookies were an invasion of privacy because they could track a user's name, email address, the searches he performed and other Web sites he visited. That's like claiming that paper is an invasion of privacy since it can be used to store the same information. Of course you would have to give me your name before I could store it.

Remember our discussion last issue about what information is passed when you surf? DoubleClick tracks you by using a unique identifier, not by your name. This would be the same as someone sitting at the mall and monitoring which people go from store to store. Which stores they enter, how long they stay, which store they go to next after leaving a particular store and so on. People are actually paid to do this. However, they don't run over and ask a shopper for their name and phone number. They just record the gender and approximate age (all important marketing demographics) and assign an arbitrary tag like "shopper A". By observation they discover shoppers' habits, but not specifics like names, phone numbers, or addresses. In other words, certain people went from this store into this other store. After watching several hundred people, marketers actually can discover trends. Then they start targeting their products to the people who they can extrapolate will be coming their way. The Internet has made it easier to do this type of research.

DoubleClick combines your unique identifier with the information your browser readily supplies to any Web site you visit to determine which advertisement to show you at any given time. Here is an example of a DoubleClick cookie. The information is all on one line:

id 80000008xxxxxxb doubleclick.net/ 0 1468938752 31583413 158986260829410552 *

Did you know that Microsoft Web servers use session identification numbers to track you through a Web site? Not just on Microsoft's own sites either. Anybody using a Microsoft server has access to this technology. All the major programming languages on the Web have this capability. The same capability that DoubleClick currently has. This technology is exactly what makes sophisticated shopping carts and personalized Web pages possible.

Advertisers have been categorizing people into demographics for a long time. They want to know enough about you to categorize you so they can pitch products at you that you're more likely to purchase. Doing this saves them money and time. If you are curious about your demographics here is a USA site that will show some high-level demographics based on where you live based on your United States zip code.
http://www.TheNakedPC.com/t/413/tr.cgi?dan3

To me the root of the problem is people trying to hang a bad rap on technology when individual technologies are not good or bad, they're just technologies. They can be used for good purposes or bad purposes depending on who employs them and for what purpose. Because of the technical nature of the Internet it can be difficult to understand the playing field to get at the real underlying issues. You'll see a perfect example of this next issue when I discuss DVDs.

Read DoubleClick's policy statement and compare it against the list of information from last issue. You'll notice they are using the same information I listed there. The same information that is freely passed by your Web browser as you surf. Does that make DoubleClick the bad guy? Is the browser at fault? All DoubleClick has done is add an identifier to the data so they can piece it back together later. Pretty simple technology actually.

Could DoubleClick team up with another company and build profiles on you including your credit card numbers? Yes. Will they? That's the real question. Could a hacker get into your system and steal your credit card? Yes. Is it likely? There's that question again. You see we are talking about two different things, possibility and probability. Many things are possible but have a low probability of happening. Keep this distinction in mind and the whole issue takes on another dimension.

If you don't like DoubleClick's tactics there are two things you can do. First go to DoubleClick and "opt-out" of their service. You need to do this in each Web browser that you run on your system. Second run an advertising blocking program like Norton Internet Security. It keeps the ads from being retrieved and controls the necessary cookies for you in the background.

DoubleClick's Privacy Policy with links to opt-out are shown on the left side of the page:
http://www.TheNakedPC.com/t/413/tr.cgi?dan4

You can find Norton Internet Security here:
http://www.TheNakedPC.com/t/413/tr.cgi?dan5

Don't go overboard worrying about cookies and advertisements. Remember the only information a cookie can contain is information you supplied or information the site you're visiting already had. Your name won't be in the cookie unless you supplied your name at some point. And advertisements are often the only way some sites have for generating revenue. If you stop by a site frequently you should have a look at the goods they advertise and wouldn't it be better if the ads were something you might actually be interested in? It does cost money to run a Web site and most of the sites I know would appreciate the help.

You can reach Dan Butler at:
mailto:danbutler@TheNakedPC.com

Return to Top

TNPC Hot Tips:

• Email out of control? Spam filling your inbox? People trying to steal your identity? Same here - until I applied these tips. You can too in a new multimedia e-book. Tame Your Email.

• DO YOU MAKE THESE MONEY MISTAKES? Do you know that trying to pay off your high interest rate debts first and/or paying extra on more than one debt is the SLOWEST way to get out of debt? Don't make these same mistakes. Learn more at by clicking here...