E-CommerceALERT.com is part of the Bennett Gold LLP web site network.
LINK TO: Bennett Gold LLP, Chartered Professional Accountants, home page.
LINK TO: E-CommerceALERT.com Home Page.
CLICK to GO BACK to Main Page.

Research and retrieval of news articles by:
Bennett Gold LLP, Chartered Professional Accountants

Effective December 31 2012, articles are no longer being updated on this web site.
The site is now maintained as an historical archive, covering notable e-commerce news articles from the period 1999 to 2012.


Source: Globe and Mail

Posted on March 8, 2001

      Marketers have edged ahead in the arms race with consumers over cyberspace privacy as a new generation of monitoring software gives business the ability to rapidly assemble detailed profiles of on-line behaviour.

      Called Web bugs, this new kind of snooping software is able to fly under the radar of most of the programs that protect on-line privacy. And it is just the latest escalation in the struggle between consumers and marketers on the Web.

      On one side, marketers are arming themselves with smarter cookies and better tools for mining information on customers. At the same time, consumers are flexing their muscles with lawsuits and legislation, while learning new ways of thwarting intelligence-gathering activities.

      It is a conflict that centres around notions of freedom and personal property with each side believing it is in the right.

      Joel Lessem, for example, the president of Toronto-based Crescent Logic Inc., says his clients have a right to use his company's profiling and tracking tools to monitor anyone who looks at the content they put on their Web sites.

      "People say 'I don't want anyone to know I'm looking at this stuff,' but my response is that you're looking at someone else's property," says Mr. Lessem, who maintains that on-line content represents valuable intellectual capital for the investment bankers and stockbrokers who use his company's DocEngines software.

      Comparing his clients' Web sites to libraries where visitors agree to show their library cards before they check books out, Mr. Lessem says, "You have to think in certain paradigms to make it seem less Big Brother-ish."

      Yet the rights of private property are also invoked by Internet users concerned that their personal space is invaded when on-line marketers watch where they go, count every click and gather each scrap of information into powerful databases that can be used to beam personalized advertising messages onto home computer screens.

      "My private information is my property," says Carl Voth, a systems design engineer from Surrey, B.C., whose research recently exposed the risks posed by software that wiretaps e-mail. "Nobody should be taking my property without my permission and I should have some recourse if they do."

      Some of the latest skirmishes in this cold war were precipitated by research by Mr. Voth and Richard Smith, chief technology officer for the Denver-based Privacy Foundation, who alerted consumers last month to a new breed of snooping software known as Web bugs and e-mail wiretaps.

      Web bugs are eavesdropping tools that can be hidden on Web pages to capture data about each visitor and send the information back to a host computer. They can detect the Internet address of visitors' computers as well as the type of browser they were using. If the visitor has accepted a cookie - a piece of identification software Web sites place on users' computers - Web bugs can also get hold of any information that has been placed on the cookie in previous visits to the site.

      Unlike cookies, which most browser software can identify and destroy if users choose to do so, Web bugs are embedded in graphics files, though they are usually invisible on the Web page. And they fly under the radar of cookie crunching software, according to Mr. Smith.

      In true Cold War tradition, e-businesses and on-line marketers have another name for Web bugs, referring to them as clear GIFs (graphical interchange format files). They say they use them only to glean anonymous information about users' surfing patterns in order to improve Web site performance, measure the success of advertising campaigns and to tailor their ads to the interests of consumers.

      Mr. Smith says his organization is particularly concerned that on-line advertisers who place Web bugs on numerous sites could gather profiles of individual consumers' buying habits and link these with names and address obtained through sources such as loyalty programs. This would allow marketers to bombard consumers with unwanted promotional material, or sell the information to others.

      Last year, New York-based on-line advertising giant DoubleClick Inc. backed away from a plan to combine Web tracking databases with other consumer information after news of the move prompted a flurry of threatened law suits.

      Another kind of Web bug, discovered by Mr. Voth, can be implanted in Web-enabled e-mail - messages that display graphics and links in much the same way as a Web page. These bugs have been named e-mail wiretaps because they surreptitiously send copies of the e-mail back to its original sender every time it is forwarded to someone else. Since people often add their own comments to a message, when they forward it to a friend or colleague the e-mail wiretap may provide the person who sent the original document with a way of monitoring all subsequent discussion of it as it is passed on among a group of people.

      "This is like someone listening to my phone calls. It is like someone opening my mail without anybody knowing," says Mr. Voth, who adds that e-mail wiretaps can also be used by direct marketers as a way of culling valid e-mail addresses as people forward a piece of information, a chain letter or a joke.

      He says people can protect themselves from e-mail wiretaps by changing the settings on their e-mail software so that it doesn't accept the JavaScript programming language in which the bugs are written. But unsophisticated users may not know how to do this and the bug will be reactivated if the message is forwarded to someone who hasn't turned off JavaScript.

      David Jones, president and secretary of Electronic Frontier Canada, a group that promotes free speech and privacy in cyberspace, says unsophisticated users "are taking a leap of faith and are in a sense helpless" when they open Web-enabled e-mail, "trusting that the person who sent it has not inserted a little bug in there."

      He notes users of "always on" Web connections, such as cable modems and digital subscriber lines, are especially vulnerable to e-mails that return covert messages. "If you're on the Net all the time, information can be sent out of your computer to someone else without your knowledge. If you have a dial-up modem connection, the software attempts to make a connection and suddenly your modem wakes up, so you're alerted to it."

      Mr. Smith, who discussed the problem of Web bugs with a U.S. congressional committee last week, says public awareness and pressure on e-businesses to disclose their data gathering techniques in privacy policies are key weapons in the fight against these practices.

      In Canada, privacy legislation now requires that Web sites post a privacy policy, explaining how they collect personal information and what they use it for. But Mr. Jones maintains that it is hard for consumers to know whether companies are complying with privacy policies, or to detect when and how their personal privacy is being abused. He says this is a weakness in the legislation, since investigations are only conducted when someone makes a complaint. In Canada, legislation now requires that Web sites post a privacy policy, explaining how they collect personal information and what they use it for. But firms aren't required to provide information about how they use Web bugs to track surfing patterns.

      Bruce Barrick, a spokesman for the Canadian Institute of Chartered Accountants' WebTrust program, says Web sites displaying the Web Trust seal are audited on a continuing basis to ensure they comply with their privacy policies. He says other similar programs are less stringent, insisting only that sites post a policy, but not making sure they keep it.

      "But even with the less stringent privacy seals, at least they indicate that they've adhered to something. In a lot of cases, you go to a Web site, look for a privacy policy and there's nothing there. You're at your own risk," he says.

E-CommerceALERT Comment:
Further information about WebTrust Privacy can be found at PrivacyDetective.com.

CLICK to GO BACK to Main Page.

E-Commerce Alerts are issued by Bennett Gold LLP, Chartered Professional Accountants as situations develop. Bookmark this site and check back often. Our e-mail address is: info@BennettGold.ca

In accordance with United States Code, Title 17, Section 107 and Article 10 of The Berne Convention on Literary and Artistic Works, the news clippings on this web site are made available without profit for research and educational purposes.

Final Entries

LINK TO: Bennett Gold, Chartered Professional Accountants: A Licensed Provider of WebTrust Services.

WebTrust Is Your
Best Defense
Privacy Breaches.

Get WebTrust
Working For
Your Site.