Paranoid about Cookies...

Thu May 18 23:42:08 CDT 2000

On 18 May 2000, Mike Coleman wrote:

> It has the ability to log every URL you visit that contains one of its
> ads.  I don't see your distinction.

Right, but all it can track are its URLs, not everywhere that you have
been.  In other words, it sets a user id key on your system, and logs
whenever you access one of its images, and the URL with which it was
accessed.  This is all that it does.  Note that the only difference
between their scheme and normal web logging is that they set a user id
key, and are actually trying to use the data.  Note that Amazon.com tracks
your buying and viewing habits...

> The stated purpose for these (I'm guessing) is that the grocer can
> somehow offer a more apropos variety of more economical products if
> they are able to track their customers buying habits precisely.

Exactly.  But I throw it back to you -- don't we _want_ targetted
advertising?  I dislike 99% of the advertising I see, but that 1% I care
about I do want to see -- wouldn't it be great if we could change the
ratio?  Make it more like 40/60?

Targetted advertising is a good step towards reducing the amount of
"broadcast-style" advertising that plagues us every day.  Billboards, junk
mail, leaflets, etc.  I think that there need to be constraints, but then
again, the market should take care of it.  Look at the Intel CPUID
marketing fiasco.  Good feature, DREADFUL marketing and salesmanship.  It
scared the bejesus out of a lot of people, when it was actually a good
idea.  Note that professional computer systems (Suns, SGIs, etc) all have
a way of identifying the serial number of the system from software.  Intel
just screwed up because it marketed the idea as a way for web sites to use
it as a user id.  People freaked out 'cause they thought that somehow
MSN.com could somehow reach out through the aether and yank the serial
number, without your permission.  Bah.  Sad to see a good idea die because
of Intel's stupidity.

> To me, that sounds like crap and I imagine that this came straight
> from the mind of some idiot PHB.  But even if it does work as stated,
> a database is being collected and is available for many alternate
> purposes.  Records are being subpoenaed by law enforcement, for
> example.  Buy too many Baggies and you may end up having the DEA break
> down your door at midnight.

This is where I agree with you.  I think it is a great idea, but we need
to have some kind of protection from the government as to use of this
data.  But note that this ISN'T DoubleClick's fault.  It's a product of
our wonderful War On Drugs(tm).

> I think the "_my_" part is mostly a red herring.  If you come to _my_
> house and use _my_ bathroom and I tape you and broadcast it, this is
> most definitely unethical.  Depending on local regs and your age, it
> might even be illegal.

Your analogy isn't appropriate.  The equivalent analogy would be for me to
be keeping track of which bathroom in my house you used at which time.  If
I put that information on a web site, that wouldn't be illegal.

You keep implying that DoubleClick is getting information from you that is
private, but in fact they were simply logging usage patterns.  This is
_very_ different, though it does get scary when you start thinking about
the FBI and overzealous local law enforcement.

> Similarly, if you talk to your bank on your employer's phone, most
> people wouldn't think it proper for your employer to eavesdrop on the
> conversation and disseminate the contents as they please.

Again, bad analogy.  The appropriate analogy would be for your employer to
track when and who you call, and use this information to see what you've
been doing.  This is perfectly legal, and although it's rather Big
Brotherish (and I'd certainly quit that job), it is not illegal nor is it
unethical.

> Most people seem to understand that following someone around and
> rummaging through their stuff is creepy and unethical behavior in the
> meat world, but for some reason they think it's okay in cyberspace.

Again, this IS NOT THE SAME THING AS TRACKING USAGE PATTERNS.

I appreciate your concerns, but you are really blowing DoubleClick's
method way out of proportion.  Perhaps you are using it as a soapbox for
your other concerns, but it really is not the same thing.

> Actually, I'd want them to divert a lot of the money they're currently
> spending ramming their products toward useful mechanisms for me to
> find *exactly* what I want when I want it.  If I'm looking for a
> pepper grinder (as I was yesterday), show me exactly what stores have
> which products in stock right now, and give me objective ratings on
> their quality, quirks, return rates, etc.

Legislation won't do that.  Market forces will.  Right now advertisement
is cheaper and much more effective.

Also, most advertisement is to get the word out to people about a product
that they _don't_ know about.  For example, if it wasn't for my mother
buying a George Foreman Grill from an infomercial, I wouldn't have tried
hers and loved it, and other people that have eaten burgers made off of
mine wouldn't have bought theirs.  I would never have gone out and looked
for a product like that.  Advertisement and word-of-mouth accomplished it.

> It seems germane to me.  It's another example of surreptitious
> monitoring in the context of web browsing.

But we were talking about cookies, not trojan horses (which is what this
is).

J.

o-----------------------------------o
| Jeffrey Watts                     |
| watts at jayhawks.net         o-----------------------------------------o
| Systems Programmer         | "I love you, I won't kill you.  Unless  |
| Network Systems Management |  I discover that you're worth more when |
| Sprint Communications      |  you're dead."                          |
o----------------------------|  -- Danger Bob                          |
                             |  "Slow Dance with Boba Fett"            |
                             o-----------------------------------------o