Richard M. Smith has written an excellent piece on what companies can learn about you from banner ads. He writes:
I have been tracking over the last couple of months, what information is being sent from my own computer to DoubleClick ad servers. I chose to focus on DoubleClick because they are largest provider of banner ads
on the Internet. Their servers currently send out more than a billion banner ads every day according to a recent company press release.
I used a packet sniffer to do
the monitoring. I found more than a dozen examples from different Web sites of information being transmitted to DoubleClick that most people who consider rather
sensitive. All this information can be tied to me, because all transmissions to the DoubleClick ad servers also include the same unique ID number in a DoubleClick
cookie. I found both personally identifiable information and transactional data being sent to DoubleClick servers.
Personal data I saw being sent to DoubleClick servers included:
My Email address
My full name
My mailing address (street, city, state, and Zip code)
My phone number
Read on, it\’s scary…
Richard M. Smith has written an excellent piece on what companies can learn about you from banner ads. He writes:
I have been tracking over the last couple of months, what information is being sent from my own computer to DoubleClick ad servers. I chose to focus on DoubleClick because they are largest provider of banner ads
on the Internet. Their servers currently send out more than a billion banner ads every day according to a recent company press release.
I used a packet sniffer to do
the monitoring. I found more than a dozen examples from different Web sites of information being transmitted to DoubleClick that most people who consider rather
sensitive. All this information can be tied to me, because all transmissions to the DoubleClick ad servers also include the same unique ID number in a DoubleClick
cookie. I found both personally identifiable information and transactional data being sent to DoubleClick servers.
Personal data I saw being sent to DoubleClick servers included:
My Email address
My full name
My mailing address (street, city, state, and Zip code)
My phone number
Read on, it\’s scary…
Transactional data that was sent to DoubleClick included:
Names of VHS movies I am interesting in buying
Details of a plane trip
Search phrases used at search engines
Health conditions
In some cases, this information was explicitly being transmitted by Web sites to DoubleClick encoded in the URLs of banner ads. In other cases, the data is encoded
in the URLs of the Web page themselves. The Web page URLs are sent to DoubleClick servers as referring URLs when banner ads are fetched.
Except for one banner ad from LifeMinders, all of the data is sent to DoubleClick when I viewed the Web pages. It was not necessary for me to click on the banner
ads for information to be sent to DoubleClick servers.
At some Web sites, I found that personal data is accidentally being leaked in referring URLs. I reported these problems to the sites and they have fixed the leaks
either by removing the banner ads from Web pages or removing the personal data from URLs.
The following tables provide details of the information I saw going to DoubleClick. Personal data and transactional data is color-coded in the URLs.
Personal identifable data sent to DoubleClick
| AltaVista Yellow Pages — Complete home address (Fixed January 2000) Banner ad URL: http://live.av.com/scripts/search.dll?ep=7&gca=address&orderby=distance&sstreet=172+mason+terr&scity=brookline&sstate=MA&szip=02446&scountry=USA&query=sinsa&qname=&sic=&ck=&userid=130782922&userpw=.&uh=130782922,0,&ccity=brookline&cstate=MA&ver=hb1.2.2 Referring URL: http://ad.doubleclick.net/ad/my.av.com/findanything;sz=468×60;ord=8089440000 |
| RealNetworks — Registration information (Fixed December 1999) Banner ad URL: http://ad.doubleclick.net/ad/real.networks/banner;sect=download;sz=468×60;ord=4296? Referring URL: http://proforma.real.com/real/player/player.html?RApromo=&language=English&s=1&dc=161514&src=000103realhome%2Cnav%2C991228choice&first_name=Richard&last_name=Smith&email=[email protected]&country=US&product=&platform=Windows+98&speed=Pentium&connection=256+kbps+xDSL%2FCable¬ices=Yes |
| HealthCentral — Email address Banner ad URL: http://ad.doubleclick.net/adi/www.healthcentral.com/newsletters/main;cat=healthcat=health;;ord=13065 Referring URL: http://www.healthcentral.com/newsletters/newsletters.cfm?primaryemail=[email protected]&NewsLetterType=Specific&Subscription=Dr.+Dean+Digest&x=37&y=12 |
| Amazon/Internet Moive Database (IMDb) — Birthday Banner ad URL: http://ad.doubleclick.net/ad/www.imdb.com/OnThisDay;p=OnThisDay;sz=468×60;ord=142577 Referring URL: http://us.imdb.com/OnThisDay?day=28&month=November |
| Travelocity — Email address Banner ad URL: http://m.doubleclick.net/viewad/59705-295964options_old.gif Referring URL: http://dps1.travelocity.com/promoptout.ctl?email=[email protected] |
| LifeMinders — Email address Banner ad URL: http://ad.doubleclick.net/click;857127;0-8388608;0;321977;1-468|60;0|0|0;;%3fhttp%3a%2f%2fwww.lifeminders.com/ lifeminder30/banner/SignUpDAT.asp?MktgSourceCD=LLQA1943&Email=[email protected]&image.x=11&image.y=7 Referring URL: http://ad.doubleclick.net/adi/altavista.digital.com/result_front;kw=Aureate;cat=stext;ord=3373783 |
Transaction information sent to DoubleClick
| AltaVista — Search string Banner ad URL: http://ad.doubleclick.net/adi/altavista.digital.com/result_front;kw=sports+cars;cat=stext;ord=203730346 Referring URL: http://www.altavista.com/cgi-bin/query?pg=q&sc=on&hl=on&q=sports+cars&kl=XX&stype=stext&search.x=39&search.y=11 |
| Lycos — Search string Banner ad URL: http://ad.doubleclick.net/ad/ly.ln/r;kw=sports+cars;cat=;sz=468×60;ord=7088991092? Referring URL: http://www.lycos.com/srch/?lpv=1&loc=searchhp&query=sports+cars |
| Travelocity — Plane trip information Banner ad URL: http://ad.doubleclick.net/ad/travelocity.TRAVELOCITY.com/aircairline;orig=BOS;dest=LAS Referring URL: http://dps1.travelocity.com:80/lognguest.ctl?SEQ=950480201958005 |
| Buy.com — Movie title Banner ad URL: http://ad.doubleclick.net/ad/buy.videos.sm/videos-search;kw=enemy+of+the+state;cat=videos-search;sz=120×90;title=1;num=123456? Referring URL: http://www.buy.com/videos/searchresults.asp?searchtype=1&format=1&qu=enemy+of+the+state |
| drkoop.com — Health condition information Banner ad URL: http://ad.doubleclick.net/ad/dr.koop.dart/diabetes;sz=120×60;ord=870204? Referring URL: http://www.drkoop.com/conditions/diabetes/ |
| Amazon/Internet Moive Database (IMDb) — Movie SKU Banner ad URL: http://ad.doubleclick.net/ad/www.imdb.com/Title;p=Title;sz=468×60;kw=76759;g=Sci;g=Act;g=Adv;ord=145171 Referring URL: http://us.imdb.com/Title?0076759 |
Recent Comments