DoubleClick, referral URLs and why The Reg is wrong
Company exercises right to reply
Recently we wrote a story about Web form 'leakage', under the headline Another day, another Doubleclick privacy PR disaster.
DoubleClick thought the piece was inaccurate and harsh, particularly because it was singled out for "an Internet problem" - the leakage of personal information through referral URLs.
We offered the company the right to reply, and here it is, unedited, from the pen of Jules Polonetsky, chief privacy officer, DoubleClick Inc.
Polonetsky writes: In order for the Internet to continue to flourish - in order for this revolutionary medium to keep growing at such a rapid pace and be the engine for the greatest economic expansion in history - the Internet industry must make consumers comfortable that their privacy is being protected on-line. And, at the same time, publishers and advertisers must continue to customize and personalize web content and advertising so that users can get the information they want and web sites can generate the revenues necessary to stay in business and keep the Internet free.
Currently, a vast majority of Web sites offer content free of charge. Why? Because of effective Internet advertising.
By keeping the Internet free, Internet advertisers help bridge the digital divide for consumers. Internet advertising revenue also helps smaller start up Web sites offer unique and diverse content and compete with more established Web sites.
On the Internet, advertising is effective for consumers and advertisers when ads reach the right consumer at the right time. Internet advertising companies use information to attempt to deliver the ads to consumers that they are likely to click on.
At DoubleClick, we recognize that consumers must know that their privacy is protected online for e-commerce to continue to flourish. For that reason, we use an outside auditor to ensure that we live up to the privacy commitments we make. It is why we have had an opt-out button since 1997 on our Web site to give consumers the choice to opt-out of our anonymous targeted ads. It is why we have established a Consumer Privacy Advisory Board of privacy experts to help us continue to improve privacy standards on the Web.
And to help educate Web surfers about their privacy choices online we ran a campaign delivering 100 million ads online promoting www.privacychoices.org, a Web site dedicated to providing information about privacy rights.
One of my roles as Chief Privacy Officer at DoubleClick is to help educate the public about online privacy. One of the important steps in educating the public is helping reporters live up to their role in getting consumers the information they need.
If the online press doesn't understand the technology of the internet, how can they explain the privacy issues that are involved?
One issue that was reported recently involving referrer
URL's could use some clarification. Whenever a user goes to a Web page on the Internet, a request for the page is sent to a server. As part of HTTP (Hypertext Transfer Protocol), the protocol used by all Web sites to receive and respond to requests for web pages, certain information is sent to the server as part of that request. That information includes, among other things, the source of the request, called the referrer (in other words, the URL from where the user clicked to request the destination Web page).
The problem arises when a Web site uses "Get" method to submit information on a form that a consumer completes. In this case, information submitted by the consumer can be included in the referrer. If there is a link that is clicked on the following page, or an ad is being served to the page, the referrer URL can be sent to the linked site or the adserver with the personal information included.
DoubleClick does not want this information and does not
collect or use any personal information inadvertently sent to DoubleClick through the "get" method for adserving or other purposes. We have advised Web sites to use "Post" method technology when forms are submitted to ensure data is not accidently sent by a Web site to DoubleClick or other third parties a site might link to. And to ensure that we do not receive data we do not want or use, we have set our adservers to truncate any personal information that is accidently sent in our direction.
We think we have taken very responsible steps to address this internet infrastructure issue that affects all Web sites. We hope that responsible online reporters will take the time to understand the privacy issues that are important to consumers. DoubleClick is committed to educating consumers about how they can protect they privacy online. We invite readers to visit www.privacychoices.orgto learn more about these important issues. ®
Sponsored: Protecting mobile certificates