Feeds

DoubleClick, referral URLs and why The Reg is wrong

Company exercises right to reply

  • alert
  • submit to reddit

3 Big data security analytics techniques

Recently we wrote a story about Web form 'leakage', under the headline Another day, another Doubleclick privacy PR disaster.

DoubleClick thought the piece was inaccurate and harsh, particularly because it was singled out for "an Internet problem" - the leakage of personal information through referral URLs.

We offered the company the right to reply, and here it is, unedited, from the pen of Jules Polonetsky, chief privacy officer, DoubleClick Inc.

Polonetsky writes: In order for the Internet to continue to flourish - in order for this revolutionary medium to keep growing at such a rapid pace and be the engine for the greatest economic expansion in history - the Internet industry must make consumers comfortable that their privacy is being protected on-line. And, at the same time, publishers and advertisers must continue to customize and personalize web content and advertising so that users can get the information they want and web sites can generate the revenues necessary to stay in business and keep the Internet free.

Currently, a vast majority of Web sites offer content free of charge. Why? Because of effective Internet advertising.

By keeping the Internet free, Internet advertisers help bridge the digital divide for consumers. Internet advertising revenue also helps smaller start up Web sites offer unique and diverse content and compete with more established Web sites.

On the Internet, advertising is effective for consumers and advertisers when ads reach the right consumer at the right time. Internet advertising companies use information to attempt to deliver the ads to consumers that they are likely to click on.

At DoubleClick, we recognize that consumers must know that their privacy is protected online for e-commerce to continue to flourish. For that reason, we use an outside auditor to ensure that we live up to the privacy commitments we make. It is why we have had an opt-out button since 1997 on our Web site to give consumers the choice to opt-out of our anonymous targeted ads. It is why we have established a Consumer Privacy Advisory Board of privacy experts to help us continue to improve privacy standards on the Web.

And to help educate Web surfers about their privacy choices online we ran a campaign delivering 100 million ads online promoting www.privacychoices.org, a Web site dedicated to providing information about privacy rights.

One of my roles as Chief Privacy Officer at DoubleClick is to help educate the public about online privacy. One of the important steps in educating the public is helping reporters live up to their role in getting consumers the information they need.

If the online press doesn't understand the technology of the internet, how can they explain the privacy issues that are involved?

One issue that was reported recently involving referrer
URL's could use some clarification. Whenever a user goes to a Web page on the Internet, a request for the page is sent to a server. As part of HTTP (Hypertext Transfer Protocol), the protocol used by all Web sites to receive and respond to requests for web pages, certain information is sent to the server as part of that request. That information includes, among other things, the source of the request, called the referrer (in other words, the URL from where the user clicked to request the destination Web page).

The problem arises when a Web site uses "Get" method to submit information on a form that a consumer completes. In this case, information submitted by the consumer can be included in the referrer. If there is a link that is clicked on the following page, or an ad is being served to the page, the referrer URL can be sent to the linked site or the adserver with the personal information included.

DoubleClick does not want this information and does not
collect or use any personal information inadvertently sent to DoubleClick through the "get" method for adserving or other purposes. We have advised Web sites to use "Post" method technology when forms are submitted to ensure data is not accidently sent by a Web site to DoubleClick or other third parties a site might link to. And to ensure that we do not receive data we do not want or use, we have set our adservers to truncate any personal information that is accidently sent in our direction.

We think we have taken very responsible steps to address this internet infrastructure issue that affects all Web sites. We hope that responsible online reporters will take the time to understand the privacy issues that are important to consumers. DoubleClick is committed to educating consumers about how they can protect they privacy online. We invite readers to visit www.privacychoices.orgto learn more about these important issues. ®

High performance access to file storage

More from The Register

next story
Dropbox defends fantastically badly timed Condoleezza Rice appointment
'Nothing is going to change with Dr. Rice's appointment,' file sharer promises
Audio fans, prepare yourself for the Second Coming ... of Blu-ray
High Fidelity Pure Audio – is this what your ears have been waiting for?
Did a date calculation bug just cost hard-up Co-op Bank £110m?
And just when Brit banking org needs £400m to stay afloat
MtGox chief Karpelès refuses to come to US for g-men's grilling
Bitcoin baron says he needs another lawyer for FinCEN chat
Zucker punched: Google gobbles Facebook-wooed Titan Aerospace
Up, up and away in my beautiful balloon flying broadband-bot
Apple DOMINATES the Valley, rakes in more profit than Google, HP, Intel, Cisco COMBINED
Cook & Co. also pay more taxes than those four worthies PLUS eBay and Oracle
It may be ILLEGAL to run Heartbleed health checks – IT lawyer
Do the right thing, earn up to 10 years in clink
prev story

Whitepapers

Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
SANS - Survey on application security programs
In this whitepaper learn about the state of application security programs and practices of 488 surveyed respondents, and discover how mature and effective these programs are.