How Websites Know Your Email Address the First Time You Visit 184
An anonymous reader writes "Darren Nix works for 42Floors, a business that uses its website to help people find office space. He recently received a marketing email for a service that offered to identify visitors to his website. After squeezing some information out of the marketer and playing around with a demo account, he now explains exactly how sketchy companies track your presence across multiple websites. The marketer offered to provide Nix with 'tracking code that would sit in your web site' which would 'grab a few key pieces of data from each visitor.' This includes IP addresses and search engine data. The marketer's company would then automatically analyze the data to try to identify the user and send back whatever personal information they've collected on that user from different websites. Thus, it's entirely possible for a site to know your name, email address, and company on your very first visit, and without any interaction on your part. Nix writes, 'A real-world analogue would be this scenario: You drive to Home Depot and walk in. Closed-circuit cameras match your face against a database of every shopper that has used a credit card at Walmart or Target and identifies you by name, address, and phone. If you happen to walk out the front door without buying anything your phone buzzes with a text message from Home Depot offering you a 10% discount good for the next hour. Farfetched? I don't think so. ... All the necessary pieces already exist, they just haven't been combined yet.'"
Who does form post to? (Score:2, Informative)
TFA says user "fills out a form" but doesn't explicitly say exactly where that form is.
I get all email to any address at my domain, so I tend to put the expected sender's name into whatever address I give them. For example, Amazon thinks my email address is amazon@example.com. So when I go to Target, am I getting a Target form where I submit target@example.com on a form to target.com, which they are then sending to a marketing company or is Target's site sending me to the marketing company's site, where I'm entering marketingcompany@example.com?
If it's the latter, no problem. Either I was ok with that, or I wouldn't have sent the form.
If it's the former, Target is busted, since that's exactly why I use expected senders' names in my email addresses. That's how I know, for example, that Amazon has never "sold me out" but some other companies have, which is why Amazon still gets my business.
Re:Who does form post to? (Score:5, Informative)
Re:Who does form post to? (Score:4, Informative)
Even worse, there are some that will accept them, but then won't properly URL encode the + character in their unsubscribe links for spam they send you, resulting in a error page when you try to unsubscribe until you go and track down the hexadecimal representation of the + symbol's ASCII value (it's 2B, incidentally) and then modify the URL by hand to use "%2B" instead of "+". Disney, I'm looking at you.
Re:10% ? Great (Score:4, Informative)
I generate a new email address on one of my domains for every new interaction with a new vendor. The process requires approximately ten seconds of my time, and that address could vanish just as easily.
And I thought I was the only one paranoid enough to do this.
As you say, it's trivially easy, and has a huge upside. It also has showed me that the big companies really aren't a problem, even though they want as much data and want to advertise as much as the next guy. Less than 10 sites (out of over 500) have ever been a real problem, and a couple of times it has enabled me to alert the site to the fact that their list of e-mail addresses has been stolen.
Re:10% ? Great (Score:5, Informative)
last time i bought appliances i had to show my army discharge papers to get a nice 20% discount. saved hundreds of $$$ that day
The last time I bought an appliance, all I had to do was ask them to give me price that they would if the item was on it's best sale, and they did.
Since there are dozens of places to buy most anything, asking such a question costs you nothing, and might get you what you want. But, you have to be serious about walking away and going somewhere else to buy.