DoubleClick Taken to Court 299
- Friday, January 28, 2 p.m. US EST
Tuesday USA Today reporter Will Rodger wrote about DoubleClick. We linked to his story here. Wednesday afternoon a DoubleClick Corporate Communications person* called Andover.net Corporate Communications VP Janet Holian and asked her to remove our story and the link to USA Today.
Janet passed the problem to me, since Andover has a very strict policy prohibiting Andover corporate people from interfering in editorial decisions.
I listened politely to the DoubleClick person, who told me USA Today's story was innacurate and we were wrong to link to it, and how she was calling journalists all over the country to tell them that the information in it was false and should not be relied upon. Then she requested that we pull the Slashdot story that linked to the USA Today story. No direct threats were made, but the words "refer this to our legal department" were said.
I said no, we couldn't and wouldn't pull the story.
Next move: I called USA Today. These guys are good fact-checkers. They pointed me at some of DoubleClick's own press releases and privacy policy pages, most of which had already been referenced by Slashdot in this story back in October, 1999.
An Open Offer
I offered DoubleClick's Corporate Communications person a chance to state their side of the story here, on Slashdot. I promised to run whatever they sent verbatim. I have received nothing from them so far. I called DoubleClick and reiterated the offer before writing this. Still nothing, not even an e-mail saying what information they feel is incorrect in any of the stories written about them here, in USA Today or in other media.
At this point, it's DoubleClick's move. Perhaps, eventually, they'll post something on their Press Release page. We'll keep an eye on it in case they do.
* I left out the name of the DoubleClick Corporate Communications person purely as a personal courtesy. She is a very nice woman in a bad position, trying to do a very tough job - which, right now, could probably best be described as "frantic damage control."
worst lawyer ever (Score:1)
Lawyer: So Mr Greenjeans have you ever seen my
defendant before?
MrG: Welp, yes I did. I saw him steal something from my store.
Lawyer: Shut up, old man. You listen to me you stupid fuck, you never saw my defendant.
Lawyer2: Objection your honor, this is insane. He can not swear at a witness.
Lawyer: Shut up you fucken prick, I fucked your wife last night, how about that?!
Judge: Mr Asee, will you please remove that bag from your head? I can not make out who you are.
Laywer: No, dickhead. This bag allows me curse off in court.
Re:So you don't realize you are a slimeball? (Score:1)
Doubleclick vs MPAA (Score:1)
In the MPAA case, the MPAA is lying. They sell DVDs with the implicit understanding that the purchaser is going to view the movie. Then afterward, when the purchaser attempts to watch the movie on his Linux box, they want to change the terms of the deal and not allow that. That's not fair - you don't get to change the terms after the deal's done. If they had said up front "By buying this DVD, you agree to only use an MPAA-approved player," and the purchaser agreed to it, then their position would be justifiable. That isn't what they did. Furthermore, they're lying about the purpose of the lawsuits. Really, how many people are making illegal copies of DVDs? I'd wager not very many. Yet the MPAA keeps falsely misrepresenting this as the focus of their efforts.
The Doubleclick case, like the MPAA case, involves a company which deceives the public and wants to change the terms of an agreement after the deal's done. Doubleclick said they were not collecting certain types of information and then did exactly what they claimed they weren't doing.
Both cases have little to do with private information and a lot to do with who's lying and cheating.
IP chains rules (Score:1)
and then of course
I know some of the entries could be concatened somehow but don't know how. Would 199.95.206.0/23 prevent 199.95.206.0 to 199.95.209.255. Any other IP ranges I am missing out ?Re:So you don't realize you are a slimeball? (Score:1)
FUCK YOU, dude. I am guessing that your assertion is based on a typical fucken layman's analysis of the case ie fucken none at all. So having heard your side, may I fucken retort?
Fuck you. The case was fucken good. The proof that the case was fuck3n good was that it fucken won. Bad cases don't fucken win.
Fuck you. Do you think that this fucken lady showed up in the courthouse with Skadden Arps Ballseater and Bosch, while McDonalds like showed up with some drunken lazyass public defender? No. McD's has a fucken All-American, All-Star team of fucken lawyers. And they still lost. Sounds like a fucken good case to me.
Fuck you. Do you fucken ring up Bill Gates and tell him how he doesn't deserve his money? I'll bet you fucken probably do. And I'm sure he gives as little of a fuck what you think as I do. Because he's got the $$$$, and you don't. And he's a winner, and you ain't. And this lady (and, may I add, her fucken attorney, who deserves a medal and not all this SHIT) is a winner too. Keep your petty fucken jealousy to yourself and spend an hour of your whining time every day studying. It's possible for a really good engineer to make nearly as much as a partner at a good law firm these days, ya know
--just call me streetlawyer man, ma'am
serves 'em right! (Score:1)
After all, they indicated by typing "MAIL TO" into my SMTP server that they accept the terms in my SMTP banner.
Terms like "you give me all your money and property".
ObNitpick (Score:1)
Name: Kevin Ryan
Occupation: DoubleClick President
Email: kryan@doubleclick.net
The top guy at DoubleClick is Kevin O'Connor, not Kevin Ryan. I used to work with O'Connor at DCA in the early 90s -- he was a total jerk back then, and from what I've heard & read here, it sounds like he's gotten even worse.
Re:Its not suprising (Score:1)
Re:So you don't realize you are a slimeball? (Score:1)
When the police decide they don't like you, because you did not kiss their ass, a lawyer is the only person who will support you and help you, and who knows the ropes.
Your attitude towards lawyers is as ignorant as a racist attitude towards blacks. Perhaps when you move out of your parents house (mentaly or phisically) and experience the real world, you might come to appreciate how lawyers are your friend.
Opting Out (Score:1)
I'm sure if they get eoungh heat and see enough people opt-out to threaten their business, that little feature is history, and there's very little anyone can do about it.
And yes, I've got the ads sites blocked in my /etc/hosts. There's very little doubleclick can do about that.
Islands In the Net (Score:1)
---
pb Reply or e-mail; don't vaguely moderate [152.7.41.11].
Re:Do it yourself opt-out (Score:1)
Good point though. Mark 'cookies.txt' as Read-Only, and you never save any cookies through a session. Of course, this affects all sites, not just doubleclick.
Hmmm. AWEB3 on the Amiga lets you deny cookies from specific sites - why don't we petition Netscape/Mozilla/Opera/MS to do the same in their browsers, thus giving us the option to opt-out on all cookies from sites we are not sure about?
Would like like to accept this cookie?
Yes, No, Always from this site, never from this site.
T.
Re:But ads pay for the web. You'll hurt by filteri (Score:1)
Reading Jakob Nielsen's "Why Advertising Doesn't Work on the Web" [useit.com] might be fruitful.
Re:Drive Business Offshore? (Score:1)
All those evil, capitalist sites? Sites where
people speak freely about their governments?
Even sites like slashdot?
Or what a country like Iran would do given the
chance -- if a woman had a picture of herself
wearing an andover.net t-shirt and shorts, it'd
be banned.
These firewalls are already pretty regularly
penetrated; cryptography and steganography only
make it easier. Someone could host content
offshore, relayed through any third-party country
like the UK or India, and then redistribute it
through the US. Unless you can get *everyone*
in the world to blackhole route a site, it'll
find a way through, especially if it's valuable
data. During the recent Kosovo war, Serbian
sites were still on the net, after all -- including free radio sites mirrored in Amsterdam
detailing the plight of those trapped in the
crossfire.
After all, one person's "evil vile filithy trash"
is another's message of freedom. Systems like
ZKS Freedom [zks.net]
will only make it harder to censor the net.
If people want to protect privacy, they should
do it themselves, using Freedom, throwaway accounts, or Junkbuster; they should run crying
to the government to do it for them.
Re:Drive Business Offshore? (Score:1)
It would be pretty hard to beat someone's
wife from 6 000 miles away.
A better parallel would be "we should legalize
sending death threats via email because otherwise
people will just send death threats from offshore". That argument breaks down precisely
at the point where the email stops being a
random piece of email (legal) and is a direct
"immediate and palpable entreaty to or threat of
violent action", which is already a criminal act,
and is covered by existing law.
Re:Hack Mozilla to opt you out (Score:1)
Re:blackhole all doubleclick URLs (Score:1)
- || shExpMatch(url, "*ads*")
the auto-proxy config would also toss out all URLS with "ads" in them; but that isn't focused enough for my tastes. Anyway, I don't use something like JunkBuster itself for the reason given in the comments at my no-ads page:Re:Yeah...Make it class action!!! (Score:1)
Re:Do it yourself opt-out (Score:1)
Users of the iCab [www.icab.de] browser will find that it can filter cookies (and images too) based on domain (and a few other rules).
It's a Mac only browser, and is still in pre-release. It's lacking Javascript, but has a remarkably small memory and disk footprint, it's also about half again as fast as IE or Netscape on a Mac.
Re:mixed feelings (Score:1)
Educate !
Re:Do it yourself opt-out (Score:1)
Re:IP chains rules (Score:1)
#!/bin/sh
DoubleClick="199.95.206.0/23 199.95.208.0/23 199.95.210.0/24 208.32.211.0/24 208.211.225.0/24 208.184.29.0/24"
if [ -n "$DoubleClick" ];then
for address in $DoubleClick
do
ipchains -A output -d $address -j REJECT
done
fi
199.95.206.0/23 means 23 significant bits.
199.95 is 16 bits, leaves 7 for 206
206 = 11001110
where 1100111 is significant
so it'd block 199.95.206.x and 199.95.207.x only.
and with 206.0/22, you'd block 204.x - 207.x, that's not what you want.
with 208.0/23 you'd block 208.x and 209.x
So basically you can get rid of 2 rules.
Pollute their database? (Score:1)
Isn't there a nice way to pollute their database? By sending bogus cookies, for instance?
Any way to opt out of the database? (Score:2)
-D
Opt OUT!? (Score:2)
In return, I will set up a spy camera in the homes of everyone who works for the comapany unless they respond to this post telling me that they want to opt out.
OPT_OUT working? (Score:2)
One ws called id, with a value of "A"
The other was had like a 16 digit alphaneumeric name, with similar content.
Anyone else see anything similar?
Re:just call me streetlawyer man (Score:2)
Sad, really.
Re:Drive Business Offshore? (Score:2)
these regulations will have an unintended consequence -- drive these businesses offshore.
The best thing to do is to keep a public list of companies that do this. I have already blackholed doubleclick in my DNS caching server. I will do the same to any company that wants to violate my privacy. To me, doubleclick ads look remarkably like the broken image icon.
I'm certain that they are not exactly crying over my action, but if enough people do that (especially if ISPs do that as a service to their customers) they will be hurt, and moving offshore won't help them.
Re:how will they do this? (Score:2)
Yes, I do believe that it violates certain privacy laws, but I don't think that's the case if whatever forms they use to gather that information have an opt-out or opt-in procedure. The customer must be made aware of this information exchange.
As I understand it, they SORT OF let the customer know, but it's like in the Hitchiker's Guide, it's on file in the planning office (in a locked filing cabinet in a disused lavatory in the basement. The light had gone out and so had the stairs). In other words, the notification is in fine print in the privacy statement which is several pages deep.
Re:Do it yourself opt-out (Score:2)
I say put in 'OPT_OUT', since they can always reestablish the cookies. At least this way, if your information does end up in your stash, you can point to your cookie file and say, "See, it says, 'OPT_OUT'!"
Re:how will they do this? (Score:2)
It's number two. They have setup limited partnerships with various companies to have that information relayed back to them. Yes, I do believe that it violates certain privacy laws, but I don't think that's the case if whatever forms they use to gather that information have an opt-out or opt-in procedure. The customer must be made aware of this information exchange.
Re:Contradictory (Score:2)
personally, I support something like this:
Re:blackhole all doubleclick URLs (Score:2)
Windows, and Macs with IE5 or NS2-5. yes, and right now I can't go to your no-ads [schooner.com] page because Junkbuster sees "ads" in the url and tosses it
Junkbuster works like a dream, it's a really tight little program, and it even seems to cure Netscapes horrible DNS hangs. It comes as a rpm, exe, whatever, and also compiles from source in a few seconds, with a raw makefile that doesn't need configuring. One obvious improvement: instead of just giving you a link to the reason why it tossed a page, it should give you a "go there anyway" link as well. I'll see what I can do...
Re:an analogy from broadcast television (Score:2)
Re:an analogy from broadcast television (Score:2)
Former Sysop/AssistOp -- Adobe; Comics; Artists
Unfortunately folks jumped ship to save a few dollars a month so we could spend hours longer searching for the same information. Now I'm on email lists that have 10 times as much noise, no threading and half the information of the old fora. But I guess that's progress!...
Re:My Doubleclick cookie looks like this: (Score:2)
id
This is the cookie name. Don't trust any cookie with a name of "id", "user" or names containing these words if they are from a site you don't know or don't trust. It's a tracking cookie. Delete all such cookies on sight (unless they are from a site you trust, like slashdot), and if possible block access from the site via your firewall.
OPT_OUT
This is the cookie value.
doubleclick.net/
This is the domain and path for the cookie. This one means the cookie will be sent to all sites with a domain of doubleclick.net.
0
Don't know what this is, any ideas?
1468938752
31583413
This is the expiration time of the cookie. More details on the format later. When you decrypt this time, you'll find that it's about 2030 or so. Most sites that push cookies at you with an expiration time this far in the future are not to be trusted.
776923520
29321255
This is the creation time of the cookie.
*
I don't know what this is either, any ideas?
The times are a 64-bit number. Take the first number, add the second number * 2^32, and divide by (I think) 10 million. You get number of milliseconds since about 1/1/1601. I have been having a little trouble determining the exact epoch (time when number = 0) of this number, because Microsoft seem to be deliberately obfuscating this information. For example, if you export cookies in Netscape format, the exported time is wrong.
If you want to fake this date and time for any reason, such as destroying any usefulness of tracking you by the creation time, then note that the date and time is always exactly divisible by (I think 10 million), with no remainder.
--
You want the government running your firewall? (Score:2)
You really want the government telling you who you can and cannot connect to? Personally, that idea scares me. For one, it is just about the same thing as censorship. Sorry, but I don't want the government in that business.
You can setup your own proxy server or firewall to prevent such privacy invasions, however. I recommend The Internet Junkbuster [junkbusters.com]; I set it up in like ten minutes the other day and it works great.
Re:Drive Business Offshore? (Score:2)
Sure, eventually all the big businesses could go offshore, but users still need homepages, and small sites still need banners, which would mean that there would be a market for a legal banner site.
And, think of the fun, if they were offshore in such a way that our laws didn't apply to them, theirs wouldn't to us. A free site to hack on, and they'd have no legal grounds to stop you unless you broke laws of your host country, and I doubt the government would go out of their way to help them.
I'm with the other poster in this group, I've filtered out banners I don't like. I use junkbuster (www.junkbuster.com) instead of misrouting the IP because the browser stops looking, but otherwise, I do the same.
Re:But ads pay for the web. You'll hurt by filteri (Score:2)
If companies go under because they get boycotted for being sleezy it'll just open up a place for a new company. And if they use a banner company that doesn't suck, maybe people won't blacklist them, and they'll make a buck. If not, there'll be another right behind them willing to try.
By your logic we should all go watch movies now, because the MPAA needs money, and if we don't support them, there will never be any entertainment again.
Re:Think about this in Real World Terms (Score:2)
The companies that do this are sleezy, because they usually jack the non-club price of hot items up, forcing non-participating shoppers to either go to two stores, pay very high prices, or sign over their privacy.
And I like how the poster you (the poster I'm responging to) talked about a free plane trip every $2000... How about a free trip every $20k, and then only to certain destinations, for certain times, etc. That's how airmiles cards work.
Speaking of bum deals, I received some gift certificates to the movies for my birthday and when I went to see James Bond:TWINE, I was told it was a premeire night and my gift certificates weren't any good. So I gave them hell about refusing to honor a contract. They didn't say anywhere that the gift certificates weren't valid for everything, except on the gift certificate itself, which you didn't see till you paid. Gave them hell for a while until they backed down. Freaking good for nothing assholes. As soon as they have your money they make it clear how much they care.
Re:OPT_OUT working? (Score:2)
That's what it was after I went there. I had to unblock them temporarily, but I thought it was worth the experiment.
I wonder what the numbers are... Could be an ID.
I've never seen a real doubeclick cookie, or I'd post that too for comparison.
Everyone: Post your cookies from doubleclick. We'll figure out what everything means and then find a good way to screw with their stats.
Re:Internet Junkbuster (Score:2)
Thank you.
Re:just call me streetlawyer man (Score:2)
First off, you sound like an ambulance chaser trying to justify his decision to leech off the teet of the productive portions of society.
Secondly, you must not be overly educated if you don't know that most of the upper crust, semi-working class (politians, CEOs, etc.) have more vile mouths than your average hardened criminal.
Thirdly, posting as an AC is no more in public than hiding in your closet.
Fourthly, lawsuits are not particularily indicative of freedom, unless you mean the freedom to fuck over anyone who has less money than yourself. Or the freedom to run roughshod over the rights of others because they don't have enough money to stick it to you in a court of law.
My solution to doubleclick.net (Score:2)
127.0.0.1 ad.doubleclick.net
127.0.0.1 ads.doubleclick.net
Bingo! no more problems, no more crappy ads, etc. I've been doing this with every banner provider I can find. However, can anyone come up with a good reason why this is a bad idea? (other than 'hope you don't work for doubleclick?')
Well (Score:2)
Re:Do it yourself opt-out (Score:2)
echo:>cookies.txt
attrib +r cookies.txt
---
Flashback (Score:2)
"We don't think it's an issue," said Kevin Ryan, DoubleClick's president.
DoubleClick says there is no demand for prior consent. For instance, of the 75 million people per month who view DoubleClick network ads, only ten per day elect to remove the company's cookie, which tracks surfing habits, from their computers.
"I've been very active on the online privacy issues with the FTC since 1997," he added. "We spent a lot of time on this in discussing the merger--if consumers are not happy, neither one of us has a business."
Re:My solution to doubleclick.net (Score:2)
//rdj
Re:Think about this in Real World Terms (Score:2)
Far fetched? Not at all. Our local mall does this already. Of course they call it "Mallperks" and you have to show a card to get your reward (the free plane ticket was just an example), but people seem to be willing to trade their privacy for a few extra gewgaws. And they do it even though anyone with a room-temperature IQ should know that all that information is going into a big database somewhere that They are going to use to know everything about you, including what games you play, what kind of makeup you buy, what toys your kids play with and probably how often you have sex.
Needless to say I don't have one of these cards.
--
Trying to explain this to the masses. (Score:2)
BTW, I tried DoubleDlick's opt-out script using Netscape 4.7 under Linux (Gnome, Redhat 6.1) and it didn't work. Maybe something just glitched, but I ended up editing cookies manually.
Another Engineer Speaks (Score:2)
The problem is that there is very little acting to remove bad law, and thus they just pile up, clogging the system.
Force every federal law to stand for review every 10 years, and watch the volume of law shrink.
I also say that all laws ought to be required to stand for 1 year public scrutiny, then be voted on as a straight yes/no vote. Any modifications restart the clock.
Basically, let's bring the OSS methodology of "publish early, publish often" to law.
Roblimo, make this a new story! (Score:2)
This is the STUPIDEST way to handle this I can think of! "Hmm, I've set my shirt on fire. Perhaps I can run outside and dowse myself in something cold, like liquid oxygen..."
You don't get this stupid by accident. It takes bad genetics, years of practice, and chemical assistance. I've blocked DC for years on my firewall, now I know I made the right decision.
Re:DoubleClick Privacy Statement (Score:2)
What that means is you would have to read every privacy statement of every website you visit, and if even one mentions something in the fine print about viewing "personally tailored ads", DoubleClick can identify you and your web browsing habits.
The odds are pretty good that you have "agreed" to that somewhere, since DoubleClick has such a large percentage of the banner ad business.
Re:Another Danger (Score:2)
Here is where I read [cookiecentral.com] about it.
And you are correct about second level domains sharing cookies. It depends on how you set the cookie. If you were to set it to "somerandomsite.com" it can be shared. If you were to set it to "www.somerandomsite.com" only www.somerandomsite.com can read it.
Here is the reference I use anytime I need to use cookies: Cookie FAQ [cookiecentral.com]
Good lawsuits (Score:2)
I don't know when it started, but I certainly didn't give anyone express permission to buy and sell my life's history as a consumer, just so they could "target" the junk mail and telephone spam that they insist on hurling at me. These giant databases of consumer information are sketchy in and of themselves, but when they are combined with what I consider browsing surveillance, they very well could cross the line into corporate big brother behavior.
If we have the freedom not to be illicitly watched by the government in our private lives (without cause), wouldn't that freedom extend to restrict the behavior of corporations?
Additionally, if someone is indiscriminately watching my habits online, how close does that get to wiretapping?
Just rambling
Who is she? (Score:2)
Re:Who is she? (Score:2)
Re:Drive Business Offshore? (Score:2)
Maybe now, maybe not for long.
how will they do this? (Score:2)
have doubleclick explained how they are going to make this thing happen? i mean, yes they have a database with cookie 'movements' and yes, they have a database with names. but unless they have some way to link these two together, there is no way to make the name db usefull.
there are two ways they can do the name->cookie mapping.
1) if you give them your name, they obviously got what they need, so avoid that
2) if they make a deal with major sites that use banners from doubleclick where the sites relay personal information submited to them back to doubleclick, the name->cookie mapping may be done.
but i belive #2 violates some privacy laws.
larva
Blocking doubleclick with Apache proxy (Score:2)
My Doubleclick cookie looks like this: (Score:2)
id
OPT_OUT
doubleclick.net/
0
1468938752
31583413
776923520
29321255
*
Anyone else who opted out, do you have these EXACT same numbers? Seems weird that my optout gives me random numbers....
Blocking DNS - Everyone is missing a few... (Score:2)
here are a the major ad corps
127.0.0.1 adforce.imgis.com
127.0.0.1 ads.enliven.com
127.0.0.1 Ogilvy.ngadcenter.net
127.0.0.1 oz.valueclick.com
Double click below...
127.0.0.1 doubleclick.net
127.0.0.1 ads.doubleclick.net
127.0.0.1 ad.doubleclick.net
127.0.0.1 ad2.doubleclick.net
127.0.0.1 ad3.doubleclick.net
127.0.0.1 ad4.doubleclick.net
127.0.0.1 ad5.doubleclick.net
127.0.0.1 ad6.doubleclick.net
127.0.0.1 ad7.doubleclick.net
127.0.0.1 ad8.doubleclick.net
127.0.0.1 ad9.doubleclick.net
you might want to add in these for when they grow...
127.0.0.1 ad10.doubleclick.net
127.0.0.1 ad11.doubleclick.net
127.0.0.1 ad12.doubleclick.net
127.0.0.1 ad13.doubleclick.net
127.0.0.1 ad14.doubleclick.net
127.0.0.1 ad15.doubleclick.net
127.0.0.1 ad16.doubleclick.net
127.0.0.1 ad17.doubleclick.net
127.0.0.1 ad18.doubleclick.net
127.0.0.1 ad19.doubleclick.net
127.0.0.1 ad20.doubleclick.net
Aaron "PooF" Matthews
E-mail: aaron@fish.pathcom.com
To mail me remove "fish."
ICQ: 11391152
Quote: "Success is the greatest revenge"
This is why I never worried about cookies (Score:2)
When I've heard people criticize cookies, this has always been the horror story that they theorized about. My reply has always been that if someone was stupid enough to try it, they would be instantly sued by privacy groups.
Hopefully this lawsuit will have the intended effect, and he we will have a precedent set that it's illegal to do this type of tracking. Then hopefully (although I doubt it will happen) people will stop freaking about cookies.
Cookies are your friend. Cookies make web sites a whole lot simpler and more reliable.
--
Re:Then you bet wrong --way wrong! (Score:2)
Well, first I should say that I don't really care about market tracking that much. I'm just not that paranoid ("Diana, get your gun. The marketing police are trying to break down the door!"). I just opt out when I find out.
Second of all, they probably will just get a slap on the wrist and who cares? As long as they stop, I'm happy. I should point out that the women suffered no real financial damages.
Personally, I don't want them to "go out of business". I like web advertising. You know why? Because without it, a lot of web services that I enjoy using would cease to exist. Having some ads that take up a minuscule part of my screen is a small price to pay for these services.
Like Slashdot? Junkbuster just makes it harder for Slashdots to exist. You might try realizing that ads are what make a lot of these things possible, and show a little more appreciation and respect./P.
--
mixed feelings (Score:2)
This, however, is a stupid lawsuit. If the woman was genuinly concerned about privacy, she should do what many of us already do and filter out doubleclick before it arives at the browser.
This individual is looking to raid some deep pockets, and she has targeted doubleclick because they are disliked enough that she may not look greedy compared to them.
But this is still about greed. No, we don't like doubleclick, but is my enemy's enemy my friend?
Location, Location, Location! (Score:2)
One interesting thing about the lawsuit is that it is brought in California, by a California resident.
California is one of a handful of States which, by State Constitution, gives its residents more privacy rights than afforded to the U.S. at large by the U.S. Constitution. It is unclear from reporting I've seen so far whether this Plaintiff is claiming privacy rights under the California constitution, but I am a California lawyer, and I would think about it seriously.
The beauty of this would be that, if the Plaintiff does have a good case under California privacy law, then even if (hypothetically) she doesn't under federal law, as a practical matter DoubleClick would have to modify its behavior throughout the country, since it would be untenable for them to have one set of rules for California web users, another for everyone else.
Re:mixed feelings (Score:2)
You know how to filter DoubleClick. I know how to filter DoubleClick. 99 and 44/100% of Internet users do not know how to filter DoubleClick. And there is no reason in the world that they should have to learn. Her privacy has, obviously, been invaded--the question now is whether a jury decides that her privacy is worth much.
cookies file, not bookmarks (Score:2)
Re:Who is she? (Score:2)
Well, let me check my server logs... she's a single white female who seems to like puppies and chocolate. She sleeps around a bit, has good credit... ha ha, just kidding.
I'm trying to make the point that wanting to learn about people and their backgrounds and motives is just what Doubleclick does. I'm not saying I'm in favor of it, but folks who wish to regulate it have to realize that there are free speech implications. We are allowed to learn things and share what we learn, it's part of a free society.
What Really Should Happen, But Won't (Score:2)
If you think about it for a moment, one person suing a company won't do much. True, it does take money out of their pockets, give them some bad PR and perhaps invites other lawsuits, but this accomplishes nothing in the long run.
What needs to be done is there should either be stricter laws against this kind of thing, or someone (dare I say the government?) should intervene. Personally, I perfer to see stronger privacy laws, but don't beleive it will ever happen due to lobbying by companies and senators thinking there are more "important things" that need to be done instead (such as government funded tests to see how fast ketchup flows. It's true.).
So, in the end, the question stands "What can you do to help?". Contact representatives in government and tell them how you feel about abuses such as this. Write, e-mail, fax, call, stop by, whatever it takes to make your voice heard. If you don't help make a difference, then you're just helping DoubleClick by keeping quiet.
A few people getting some money from a company won't help, but laws and speaking out against this sort of thing will.
Re:how will they do this? (Score:2)
According to the article in yesterday's post, a few companies have cut deals with them to record this information and pass it on. All it takes is one company trading it for them to get a lock on you.
I'm not so worried about opting out. Frankly, cookies are sometimes useful, and really, Doubleclick is counting on people either not hearing, not caring/bothering, or forgetting when they reinstall their browser/use a different one/ get a new computer.
Re:Who is she? (Score:2)
This strikes to the heart of what bugs me. I'm capable of finding out about Doubleckick's shenanagins and Junkbuster to block it out. I worry for those who can't.
Doubleckick's dealings take the privacy of Joe Average who's gettin' on this "Internet Thing" without realising what's at stake. Notice all the new net-enabled stuff coming out (TV boxes, game consoles, microwave ovens). Now that web access comes in a box - just plug in and go, what technologies protect these people?
I really don't have too much problem with Doubleckick collecting info. I do have a problem with them doing it behind the back of the average person. I hope this suit helps the masses.
Another Danger (Score:2)
--Hephaestus_Lee
Everyone use the same cookie? (Score:2)
DoubleClick/NetPrivacy on National Public Radio (Score:2)
For anyone who is interested, a realplayer replay of the program should be available by tomorrow at http://search.npr.org/cf/cmn/cmnps02fm.cfm?MM=1&YY =2000&PrgID=5).
Re:Do it yourself opt-out (Score:2)
ln -s /dev/null cookies.txt
and it accomplishes the same thing. writes do go to RAM so that for the duration of the netscape session, cookies are readable, but when you exit and restart netscape, all cookies are gone! ;-)
--
an analogy from broadcast television (Score:2)
then "cable tv" came about. it was a pay-to-access (or decode) service. and while there was some doubt that folks would actually pay for what they used to get for free, it soon took off in a big way. now, there are more than 10x pay stations compared to 'free' stations. (maybe even 100x if you have a BUD dish.)
so why can't the new internet learn from this example? I, for one, would gladly pay for actual factual real content just to avoid spam, ads, Blinkin'Gifs, JavaScript hacks and other such annoying nonsense.
but in return for my money, I'd want to be sure that my privacy is being protected. perhaps a contract that has, in essense, "if my personal information or viewing/browsing habits are ever recorded or exposed/sold, then $X dollars are to be refunded - plus damages - back to me". ie, a check and balance system of sorts. just to keep the sites honest.
end effect: sites would get paid, consumers' rights would not be abused and content would continue to exist. and freedom of competition would keep it all affordable.
--
OPT-OUT is a joke. (Score:3)
Re:Another Danger (Score:3)
As you state, if you have a cookie set for domain.com, then the cookie will be accessable by www.domain.com, ftp.domain.com, and anything with that ending. Basically, a domain-level cookie is valid for all machines within that domain.
However, thanks to the Americanization of the web, Netscape didn't check the domain: they checked the last two fields for the match. So a cookie registered for demon.co.uk would work for all those machines, but a cookie set on co.uk would also be valid for *all* *.*.co.uk sites. This hole was used by a few malicious web masters, but I think it was quickly patched by Netscape.
blackhole all doubleclick URLs (Score:3)
http://www.schooner.com/~loverso/no-ads/
(I also blackhole a slew of other "ad banner" servers; mostly those that serve cookies or animated images)
Do it yourself opt-out (Score:3)
Then set the bookmarks file to read-only.
This allows doubleclick and its ilk to set a cookie. But every time you re-start, it starts all over. So they get a little bit of data, but they can only trail you through one session.
Or would you rather trust those bastard's opt-out, we wouldn't do anything nasty, we're good guys farce?
Better Way Still (Score:3)
Good! (Score:3)
Remember, when it comes to these 'marketing companies'....
How is it companies that you do business with are free to give any information you give them to a marketing company, but the marketing company will not give you information about *their* customers?
Hey, I can't opt out! (Score:3)
Aw, darn.
Databases are their property, unfortunately (Score:3)
Unfortunately, that information was likely collected using perfectly legal means, and is thus their property. You can control how they use it (e.g., stopping them from calling you to sell you things), but not the fact that they have it. You can usually tell them not to rent or sell your name, but I believe the law isn't clear on your rights in such cases.
Check out the Data About You [junkbusters.com] page at JunkBusters.com [junkbusters.com] for more information about this sort of thing.
Re:Do it yourself opt-out (Score:3)
Re:Better Way Still (Score:3)
Just setup a machine to act as the DNS server for your little network (or for your friends, or the whole internet - I wonder if it scales well?) and put those ad site (127.0.0.1) entries into the server's /etc/hosts file. Also, make a directory called /etc/dnrd (owned by root). Then run dnrd like so:
Any entries in the server'sRe:just call me streetlawyer man (Score:3)
Actually, the fact that a society needs specialists to interpret for its members just about every one of its rules indicates to me, as an engineer, that the system has grown too unwieldy & complex (too many special cases, too many "conflicting" rules, etc). If I were in charge of the design of this system, I would be working to consolidate & simplify the system until it were more maintainable - this would mean that more people would be able to understand "the rules" by themselves, and wouldn't need lawyers except for the most complex cases.
Of course, I know that anybody who is benefiting strongly from the current state of the system (lawyers are a good example :) is going to strongly resist any attempt to change the system, even if changing the system would result in an overall improvement in the "happiness level" of the society. It's only when the forces of change are stronger than the forces of the status quo that a change will occur - and if the forces are severely polarized when a massive change occurs, then the fallout can cause major societal damage.
To knock them out by filter... do this: (Score:3)
block in quick on ne0 from 199.95.208.0/24 to any
block out quick on ne0 from any to 199.95.208.0/24
block in quick on ne0 from 199.95.207.0/24 to any
block out quick on ne0 from any to 199.95.207.0/24
block in quick on ne0 from 209.249.231.0/24 to any
block out quick on ne0 from any to 209.249.231.0/24
block in quick on ne0 from 204.253.104.0/24 to any
block out quick on ne0 from any to 204.253.104.0/24
block in quick on ne0 from 208.184.29.0/24 to any
block out quick on ne0 from any to 208.184.29.0/24
This seemed to be more reliable than using the doublclick.net network. But everytime i blocked on out they got back in through another spot
Think about this in Real World Terms (Score:3)
yay! (Score:3)
--
just call me streetlawyer man (Score:4)
I mean it. Lawsuits are a sign of freedom. They're a sign that the government has decided to leave as much as possible to the free market and the law of contract and tort, and not to come in with a big wet fucking nanny agency. Which of course still generates work for lawyers through a regulatory practice, but less open and less honest work.
Would you rather Big Fucking Brother came in and spent fifty fucking years drawing up a piece of legislation precisely specifiyng what information could and couldn't be collected? All stuffed with pork, and with a big-ass federal agency to enforce it? Or would you rather this was decided in terms of general principles of tort and property, in an open court?
Well, I've got news for you, dickhead, the second method involves lawsuits. And those lawsuits have to be argued by lawyers. And that means that lawyers get rich. Check out the alternative any time you grudge us our big fucken' payoff. We don't get stock options, you know.
If the woman has a case, she will win. If she's whining like a bitch, she won't. End of. It's like a free market, only it's better than a free market because the smartest lawyer with the best argument always wins. How many other industries are there where the best product always wins? Not software.
Lawsuits are freedom. That's why we have so many in America, and they have so many government agencies in Europe.
AC posting allows an educated professional like me to swear like a thug in public. I say fucken keep it.
Internet Junkbuster (Score:4)
The Internet Junkbuster is a non-caching proxy that you run on your local computer. You tell it URL's to block and sites that you want to allow cookies from. It's really great. I can deny ads from doubleclick and any other company, as well as anything else I feel like blocking. It supports regexes for those that want them. I can allow cookies from Slashdot and deny them from everyone else.
Drive Business Offshore? (Score:4)
as with the EU privacy regulations
(where companies are not allowed to maintain
databases of customers or use such information for
focused marketing) and Texas's on again, off again
status as far as selling DMV information to
outside parties (Public Data [publicdata.com.ai])
and E-Banking (ebanking.com (luxembourg) [ebanking.com]),
and countless internet casinos and porn sites,
these regulations will have an unintended
consequence -- drive these businesses offshore.
No longer does the US and EU have a monopoly
on high-speed internet connectivity; it's possible
for any business selling valuable data illegal
in the US/EU to colocate a machine in a
less-regulated country, such as Anguilla, or
Costa Rica, or many others, employ a few locals
to maintain it, and pay admittedly higher rates
for satellite or undersea cable connectivity.
In exchange, pay lower or no taxes, have no
government interference in your business, etc.
Sure, this only makes sense for certain kinds of
data, data for which people are willing to pay
money, but that's the only interesting data,
anyway. When a T1 costs $100k/month, running
an online gambling site making $3m/month is a
lot better business than letting people
leech mp3s.
In the end, it's futile to try to restrict
businesses like this; all doubleclick would need
to do is contract with an offshore tracking
company, connected to the net over a 128kbps
satellite link, something they could set up
for $20k/month, and put that machine anywhere
in the world -- even on the back of a boat.
If they need help, they should email me -- I've
lived in Anguilla, the erstwhile datahaven, and
know a thing or two about such things
situation is only getting better, as far as
offshore colocation goes, as the major governments
get more and more restrictive and bandwidth
becomes more widely distributed -- in a few years,
every country in Africa will have fiber-optic
connectivity via redundant SONET, and that
gives the prospective colocator a lot of
potentially friendly and cash-starved countries
to negotiate with who wouldn't care about
the difference between online advertising and
online pornography.
The net views regulation as damage and routes
around it -- cypherpunks.
Hack Mozilla to opt you out (Score:4)
Maybe there should be a contest to come up with the best anti-tracking hack for Mozilla.
Re:mixed feelings (Score:4)
I say revoke their corporate charter, liquidate all corporate assests, fine the corporate officers and anyone else the law allows, and distribute the proceeds to everyone who was tracked or had their privacy compromised. But then, that's my opinion of what should happen to a lot of corporations.
DoubleClick Privacy Statement (Score:4)
- In the course of delivering an ad to you, DoubleClick does not collect any personally-identifiable information about you, such as your name, address, phone number or email address. DoubleClick does, however, collect non-personally identifiable information about you, such as the server your computer is logged onto, your browser type...
But they go on to say- However, as described in "Abacus Alliance" and "Information Collected by DoubleClick's Web Sites" below, non-personally identifiable information collected by DoubleClick in the course of ad delivery can be associated with a user's personally identifiable information if that user has agreed to receive personally-tailored ads.
Does anyone know which sites are a part of the "Abacus Alliance" and whether those sites explicitely ask your permission first? (eg. big flashing letters that say WE ARE WATCHING YOU! ?)Better way (Score:5)
Add this to
127.0.0.1 www.doubleclick.net
127.0.0.1 ad.doubleclick.com
127.0.0.1 ad.doubleclick.net
127.0.0.1 ad.preferences.com
127.0.0.1 ad.washingtonpost.com
127.0.0.1 adbot.theonion.com
127.0.0.1 adpick.switchboard.com
127.0.0.1 ads.doubleclick.com
127.0.0.1 ads.doubleclick.net
127.0.0.1 ads.i33.com
127.0.0.1 ads.infospace.com
127.0.0.1 ads.msn.com
127.0.0.1 ads.switchboard.com
127.0.0.1 ads.washingtonpost.com
That removes quite a lot of ads, and all of doubleclick.
---
Might be time for a law or two, here (Score:5)
You got a network card in your system? That has a "thumbprint" too. The MAC address.
You got any commercial software (e.g., Windows) on your system that you had to enter a software key to use? There's another "thumbprint" for you.
How about a static IP address? Ever time you send a network request, you're identifying yourself.
You think you're safe because you have a dynamic address? Do you at least always call the same ISP at the same phone number? You'll always be getting the same range of IP numbers, then. You and maybe a few dozen or hundred more people. That is almost as good as a unique personal ID, as far as demographics go.
Fact of the matter is, tracking a computer is not that hard to do. If you ever give out any personal information at all (name, email, phone number, ZIP code), that can be combined with any of the above to nail down exactly who you are.
I think Scott McNeally's right on this one. Privacy on the Internet is dead.
The only way to improve things would be for the government to step in and make such unauthorized tracking illegal, with hefty fines for violators. You could even do some good by donating said fines to the EFF [eff.org].
Re:Everyone use the same cookie? (Score:5)
.doubleclick.net TRUE / FALSE 1920499140 id a486b3cd