DoubleClick Opt-Out

[Rob Nagler]

John Evans wrote:
>         It appears that they are being honest about the whole opt-out
> thing. 

I think it is important to note that the contents of cookies are
meaningless.  I would not be surprised if the marketeers suggested
they put OPT_OUT in the cookie.

The value is in DoubleClick's database.  Despite your "OPT_OUT", they
still are tracking you.   Otherwise, they wouldn't have left the
other stuff in the cookie which uniquely identifies your browser.

Even without cookies, they have a tremendous amount of information about
your browsing patterns.

I've often wondered if Akami is collecting data.  Their servers are being
used by almost every major site right now.  Their claim to fame is knowing
where your browser is with respect to the server by mapping the network
geographically and working closely with ISPs.  What they do is identical
to what DoubleClick does, but I think they have much better technologists
and more complex traffic analysis tools.

I used to be a big "privacy nut".  I gave that up when I moved back to
the U.S. and bought a house, a car (with cash), etc.  In my former
home (Switzerland), I had to register with the government every time I
moved.  In the U.S., the only people you DON'T have to tell is the 
government, except, of course, if you buy a house, then the government
tells everybody else where you've moved. :-)

The point is that I think this whole cookie thing is way overblown and
misunderstood.  Cookies identify the browser, but so does your IP address,
browser version and OS, and, way more importantly, the Referer [sp thanks
to Netscape].  With the Referer, you can be tracked all over hell and
back.  If the referer is a search engine, you know what they searched for
to find your web site.  It's really useful stuff for webmasters, I must say.

Does all this compromise privacy?  Yes, in a way.  But so does Echelon
and Carnivore.  So does the fact that you subscribe to Time or buy your
groceries an King Soupers or Safeway.   Unless you pay cash for everything
(as I did for years in Europe), they know who you are in great detail
and what you purchase in great detail.   All DoubleClick knows is which
sites Browser XYZZY has been to.  They don't really know who your are,
because you can't give them that information, even with javascript bugs
which give away your email.

An electronic identity is easy to forge.  It's easy to create lots of them.
We tell our users to create hotmail or yahoo accounts if they want to
have multiple bivio accounts.   The fact that DoubleClick might know 
you are joeblow at hotmail.com and clicked at penthouse.com, doesn't mean
all that much.  You wrote in gobbledygook at hotmail when you set up
you joeblow account.

The only thing our site requires is an email address, so we can contact you.
We provide accounting software for investment clubs.  You can enter you name,
address, phone, social security number, and birth date.  Most people don't.
There are even some clubs that use numbers instead of names.  Those clubs 
standout btw and we usually take notice of them. :-)  The point is that
I think most sites have worthless databases.  I signed up at wfn.com and
they asked all kinds of really bizarre personal questions that no one in
their right might would answer even if they did have the time to think 
about them.

Anyway, just two bits for naught on a Thursday Eve.  Sorry if you think 
this is the wrong forum for this type of diatribe.  I just think it is 
important to understand the technology and understand what it really means
to our privacy.

Cheers,
Rob