Feeds

DoubleClick, referral URLs and why The Reg is wrong

Company exercises right to reply

  • alert
  • submit to reddit

Security for virtualized datacentres

Recently we wrote a story about Web form 'leakage', under the headline Another day, another Doubleclick privacy PR disaster.

DoubleClick thought the piece was inaccurate and harsh, particularly because it was singled out for "an Internet problem" - the leakage of personal information through referral URLs.

We offered the company the right to reply, and here it is, unedited, from the pen of Jules Polonetsky, chief privacy officer, DoubleClick Inc.

Polonetsky writes: In order for the Internet to continue to flourish - in order for this revolutionary medium to keep growing at such a rapid pace and be the engine for the greatest economic expansion in history - the Internet industry must make consumers comfortable that their privacy is being protected on-line. And, at the same time, publishers and advertisers must continue to customize and personalize web content and advertising so that users can get the information they want and web sites can generate the revenues necessary to stay in business and keep the Internet free.

Currently, a vast majority of Web sites offer content free of charge. Why? Because of effective Internet advertising.

By keeping the Internet free, Internet advertisers help bridge the digital divide for consumers. Internet advertising revenue also helps smaller start up Web sites offer unique and diverse content and compete with more established Web sites.

On the Internet, advertising is effective for consumers and advertisers when ads reach the right consumer at the right time. Internet advertising companies use information to attempt to deliver the ads to consumers that they are likely to click on.

At DoubleClick, we recognize that consumers must know that their privacy is protected online for e-commerce to continue to flourish. For that reason, we use an outside auditor to ensure that we live up to the privacy commitments we make. It is why we have had an opt-out button since 1997 on our Web site to give consumers the choice to opt-out of our anonymous targeted ads. It is why we have established a Consumer Privacy Advisory Board of privacy experts to help us continue to improve privacy standards on the Web.

And to help educate Web surfers about their privacy choices online we ran a campaign delivering 100 million ads online promoting www.privacychoices.org, a Web site dedicated to providing information about privacy rights.

One of my roles as Chief Privacy Officer at DoubleClick is to help educate the public about online privacy. One of the important steps in educating the public is helping reporters live up to their role in getting consumers the information they need.

If the online press doesn't understand the technology of the internet, how can they explain the privacy issues that are involved?

One issue that was reported recently involving referrer
URL's could use some clarification. Whenever a user goes to a Web page on the Internet, a request for the page is sent to a server. As part of HTTP (Hypertext Transfer Protocol), the protocol used by all Web sites to receive and respond to requests for web pages, certain information is sent to the server as part of that request. That information includes, among other things, the source of the request, called the referrer (in other words, the URL from where the user clicked to request the destination Web page).

The problem arises when a Web site uses "Get" method to submit information on a form that a consumer completes. In this case, information submitted by the consumer can be included in the referrer. If there is a link that is clicked on the following page, or an ad is being served to the page, the referrer URL can be sent to the linked site or the adserver with the personal information included.

DoubleClick does not want this information and does not
collect or use any personal information inadvertently sent to DoubleClick through the "get" method for adserving or other purposes. We have advised Web sites to use "Post" method technology when forms are submitted to ensure data is not accidently sent by a Web site to DoubleClick or other third parties a site might link to. And to ensure that we do not receive data we do not want or use, we have set our adservers to truncate any personal information that is accidently sent in our direction.

We think we have taken very responsible steps to address this internet infrastructure issue that affects all Web sites. We hope that responsible online reporters will take the time to understand the privacy issues that are important to consumers. DoubleClick is committed to educating consumers about how they can protect they privacy online. We invite readers to visit www.privacychoices.orgto learn more about these important issues. ®

Reducing the cost and complexity of web vulnerability management

More from The Register

next story
Phones 4u slips into administration after EE cuts ties with Brit mobe retailer
More than 5,500 jobs could be axed if rescue mission fails
JINGS! Microsoft Bing called Scots indyref RIGHT!
Redmond sporran metrics get one in the ten ring
Driving with an Apple Watch could land you with a £100 FINE
Bad news for tech-addicted fanbois behind the wheel
Murdoch to Europe: Inflict MORE PAIN on Google, please
'Platform for piracy' must be punished, or it'll kill us in FIVE YEARS
Phones 4u website DIES as wounded mobe retailer struggles to stay above water
Founder blames 'ruthless network partners' for implosion
Found inside ISIS terror chap's laptop: CELINE DION tunes
REPORT: Stash of terrorist material found in Syria Dell box
Sony says year's losses will be FOUR TIMES DEEPER than thought
Losses of more than $2 BILLION loom over troubled Japanese corp
Show us your Five-Eyes SECRETS says Privacy International
Refusal to disclose GCHQ canteen menus and prices triggers Euro Human Rights Court action
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
Protecting users from Firesheep and other Sidejacking attacks with SSL
Discussing the vulnerabilities inherent in Wi-Fi networks, and how using TLS/SSL for your entire site will assure security.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.