Do Not Call Site Has AT&T Stats Tracker?

hookedup writes "The Register is carrying an article about suspicious content at the FTC's Do Not Call site. It has been a runaway hit with US consumers, with over fifty million signing up to avoid spam calls from telemarketers. But the web site hides a little secret: a 1x1 pixel image tracking visitors... and where does the trail lead but to the AT&T, one of the most persistent telemarketers." However, the tipster, James 'Kibo' Parry, notes: "There isn't any evidence proving they _are_ up to anything improper, but this relationship between the FTC and AT&T fails to avoid the potential for impropriety."

Off by a power of ten?

[Delphix]

shouldn't that be FIFTY million, not five million?

Re:Off by a power of ten?

[Aidtopia]

It's fifty million phone numbers that have been registered, not customers. Many (most?) customers register more than one phone number, so there are probably fewer than 50 million customers, but certainly more than 5 million.

Re:Off by a power of ten?

[c0dedude]

You must be new here. That's only one order of magnatude. Around here, that's pretty good.

Re:Off by a power of ten?

[Murdock037]

Wait until the story is duped a few times, they should all add up to the right number eventually.

Re:Off by a power of ten?

[letxa2000]

Yeah, well to me the amazing thing in the story is that the government apparently paid AT&T $3.5 million to build the website. Have you visited the website? I've built more complex websites in a matter of weeks. Even charging $200/hour that would be easily less than $32k.

I would hope that "building" the site for $3.5 million also includes running it, ongoing maintenance, etc. Because if the government really paid AT&T $3.5 million to BUILD it and still has to pay some ongoing fee, they got ripped by an order or two of magnitude.

Government waste isn't surprising, but it's sad when it is made so obvious. A good percentage of the folks here at Slashdot could have done just as good a job for a fraction of the cost and STILL recorded a very good year income-wise.

should be called

[joeldg]

the "don't call me, spam me" list.. saying they are collecting millions of email from users and have a dubious privacy policy.

Re:should be called

[pla]

the "don't call me, spam me" list.. saying they are collecting millions of email from users and have a dubious privacy policy.

Agreed. So, why do Slashdotters, a group I consider more privacy-aware than most people, sign up through their website? Use the 800 number, and you don't need an email address (and you don't really "give up" any info by telling them your phone number, since they need to know it to block it anyway).

Strange. I agree completely this looks a tad bit unkosher, but a very very simp

Re:should be called

[joeldg]

I think I used a mailinator.com address when I signed up.

Re:should be called

[pla]

for the phone company to know in advance of the deadline who is signing up is worth $$$, and if you dial the 800 number, guess who finds out? probably, two phone companies. other permutations too... read the article.

I consider it unfortunate you posted as AC, you have a good point deserving a score better than zero.

However, while I agree with you, consider the long-term (and not all that long, actually, a month or two) difference between giving them your phone number, vs giving them your email address.

All this carp...

[Atario]

...is exactly why I haven't signed up (and don't plan to) with the no-call list. Seems like a giant reverse honeypot. "Get on our website [tracker bug] so you can sign up [provide all your juicy contact & demographic info] so we can make sure you don't get bothered again [make sure ultra-crosslinked, up-to-date data on you is in all our 'affiliates'' clutches so you'll never recover from the flood you're about to get]."

It's like the occasional spams I get with the subject "Tired of spam?".

I'll take

So what?

[larry bagina]

Slashdot runs MS ads.

Re:So what?

[Kenja]

Dear God your RIGHT! Lock the doors Martha, there gona be comming for me any second now. Get out my good shotgun and push the couch up against the window. You'll never take me alive Slashdot Bastards! You or your Microsoft Overlords.

Re:So what?

[rifter]

Slashdot runs MS ads.

They also have (or had at one time) web bugs on their site... :)

Re:So what?

[NanoGator]

"Slashdot runs MS ads."

So that means you can thank Slashdot for being here. Not just by providing a scapegoat for the world's problems, but also for paying Slashdot to stay alive!

Re:So what?

[Paul Jakma]

Oh even better, Slashdot run ads for bulk-mailers [jakma.org]and spam, sorry, "opt-in" [jakma.org] address list resellers. Kind of ironic considering slashdot's editorial stance on spam: "Spam is evil and bad", - unless of course its money they send you rather than spam...

Nitpick

[trveler]

Just a small nitpick - the article fails to mention that only users of browsers capable of (or set to by default) showing images can be tracked by this method.

Long live lynx!

Re:Nitpick

[rmarll]

Just a small nitpick - the article fails to mention that only users of browsers capable of (or set to by default) showing images can be tracked by this method.

Long live lynx!

Heh moderately funny.

Almost as funny as being moderated informative.

Re:Nitpick

[carlmenezes]

I disagree that this is Nitpicking.

If over 90% of the browser market share is owned by Internet Explorer, does that not mean that over 90% of visitors to the Do Not Call site will be affected?

That's a major effect to me. Not a nitpick.

Just how many people do you think actually browse the internet at all times with a text mode browser? I'm asking people here - not scripts or web spiders or any such thing, so be careful when quoting numbers :)

Re:Nitpick

[(eternal_software)]

Why are comments like this still getting modded up to +5?

It's 2003, the web has images, and noone uses Lynx to browse. Stop kidding yourselves.

Nothing "weirdo" about Lynx

[bkrrrrr]

There's nothing "weirdo" about using Lynx. It's very effective for many tasks, and far more efficient for using certain websites than Mozilla, et al.

bkr

Re:Nitpick

[Gherald]

> never come across Mozilla's "Accept images that come from the originating server only" setting

Oh he's come across it alright, but he doesn't consider it a valid option because it makes it harder to browse for porn with Google's image search.

Re:Nitpick

[Mattcelt]

Or Opera's "load cached images only"?

I love this feature - I can load images selectively, and often will only load one or two images per page.

This is especially great with dialup, when you can save a bunch of time on graphic-intensive websites.

It even helps with my cable modem when some sites are /.'ed!

Re:

[account_deleted]

Comment removed based on user account deletion

More Info

[c0dedude]

I went to ftc.gov to see if such a link is standard operating procedure for them. It isn't on that site. Strange, no? Why would they track anyone who wants to stop receiveing phone ads? <conspiracytheory> To make up for it in spam!</conspiracytheory> :-)

Re:More Info

[WTFmonkey]

Fine by me. Spam's a lot easier to filter than telemerketers.

But where is it?

[EggMan2000]

I can't find the referenced att pixel in the html. Is it on the actual DNC list? only see the page saying the list is closed.

There it is!!!

[EggMan2000]

It is http://aens.net/ [aens.net]

Att Managed Services. I assume that it the ISP that is hosting this site or something?

Re:There it is!!!

[jsprat]

And it is inside a <noscript> tag, which will only be fetched if javascript is disabled. Lynx and links will only fetch it if you ask them to.

It looks like its purpose is tracking how many people surf with javascript disabled.

Re:

[account_deleted]

Comment removed based on user account deletion

Re:Oh NO! A tracking pixel!

[Kenja]

Sure, it seems like nothing now. But once all the Opera and Mozilla users have been rounded up, put into camps and executed it'll be too late.

Re:Oh NO! A tracking pixel!

[Piquan]

I don't care what they do with those Opera/Moz freaks. I use Konqy, and they aren't going after us.

Re:Oh NO! A tracking pixel!

[Kenja]

First they came for the Netscape users and I did not speak out because I was not a Netscape user.
Then they came for the Opera users and I did not speak out because I was not an Opera user.
Then they came for the Mozila users and I did not speak out because I was not a Mozila user.
Then they came for me and there was no one left to speak out for me.

If Pastor Martin Niemoller had been a Slashdot user.

Re:Oh NO! A tracking pixel!

[Equuleus42]

But once all the Opera and Mozilla users have been rounded up, put into camps and executed it'll be too late.

I'm sure glad I'm using Safari (a Konqueror derivative)... :^)

Re:Oh NO! A tracking pixel!

[Guppy06]

Except that us Moz users also tend to have the PrefBar [mozdev.org] Images checkbox cleared on many sites. Heck, if someone is feeling bored one weekend I'm sure they could hammer out a XUL plugin to automatically disable images (and/or Flash) in certain domains.

Re:Oh NO! A tracking pixel!

[Liselle]

The joke is on them. Opera lets you pretend to be any one of a multitude of web browsers. Right now, I'm MSIE 6.0, tomorrow I could be Mozilla 4.78. Technology is grand!

Re:Oh NO! A tracking pixel!

[Kenja]

For all you know I could have been talking about the Japanese occupation of China, the US handling of accused terrorists, the US imprisonment of American citizens of Japanese descent or any other instance of mass imprisonment. Nothing said has anything to do with Goodwin?s Law, so bugger off ya Nazi. Oh dang.

Re:Oh NO! A tracking pixel!

[c0dedude]

I know you're joking, but that information is really valuable. On a page with that many hits, a survey to be used in web design could be quite accurate of the general population and could likely be sold for quite a bit. Bet that wasn't in the contract... I'm not saying it is, or is going to be, but it could.

Re:Oh NO! A tracking pixel!

[supun]

Oh yeah, just look at it IMG tag!!!! This is bad!!

<img BORDER="0" NAME="DCSIMG" WIDTH="1" HEIGHT="1"SRC="http://g6589dcs.nyc2.aens.net/DCS00 0003_6D4Q/njs.gif?
dcsuri=/nojavascript&name=supu n&ip=127.0.0 .1
&likes=long%20walks,ice&cream,supermodels&
dislikes=spiders,spiders,spiders&
breath=bad&cl ean_underwear=false&nose=picking" >

Re:Oh NO! A tracking pixel!

[LVWolfman]

It probably is a counter. AT&T is the company that the FTC contracted to host the DNC servers. That was mentioned in articles when the DNC site went up and got slammed. The articles stated that AT&T was scrambling to add extra servers to the pool to handle the unexpected load.

Kibo?

[kaden]

Kibo [kibo.com] is submitting to Slashdot? Party like it's 1989!

Re:Kibo?

[joe_bruin]

wow, the same kibo of usenet fame now graces slashdot.
for those of you not familiar with one who has been once declared a "USENET Deity", here's a brief article [wired.com] describing the man, the myth, the legend.

Re:Kibo?

[RevMike]

wow, the same kibo of usenet fame now graces slashdot.

No, you are thinking of Joel Furr.

ATT has the contract to impliment the DNC

[Christopher_G_Lewis]

Um...

AT&T Government Solutions Will Operate Do-Not-Call List [donotcall.com]

So?

[Faust7]

Why do they need a 1x1 pixel tracking bug to maintain a Do-Not-Call list? Aren't the telephone numbers of the participants sufficient? What reason directly related to the administration of this list is there for this? If the answers to these questions were obvious, the Register (to give them the benefit of the doubt) wouldn't be asking them.

Re:So?

[Christopher_G_Lewis]

The web bug is to http://g6589dcs.nyc2.aens.net

Aens.net is
AT&T Enhanced Network Services (AENS6-DOM)
POB 919014
San Diego, CA 92191-9014
US

Which is basically AT&T Managed Services.

I'm assuming its a bug to make sure the site is up and running...

Course I could be wrong, and it is a part of a national conspiracy to make my dinner get cold.

Re:So?

[ukyoCE]

It could easily be to prevent someone from writing a script to add every number in the phone book to the list. They may have a flag get raised if for instance one ip address adds 100+ phone numbers

Re:So?

[DAldredge]

Well, the could monitor the damn server directly, see as they run it and all.

There is NO need to track the users of the site. None.

Re:ATT has the contract to impliment the DNC

[edrugtrader]

the common way is to request a script that will generate and return a 1x1px image but pass in the width and height of the browser pane or screen using javascript or java.

then on the server side, associate that data with their session.

personally if you have to do this, i believe you are designing your site wrong.

AT&T has the server logs!

[Anonymous Coward]

The article says, "The FTC confirmed that AT&T Managed Services is its contractor, and hosts the website."

They don't need a 1x1 image to track usage... they have the server logs!

Re:AT&T has the server logs!

[Dark Lord Seth]

The admin has access to the system logs, yes.

However, does the person who WANTS the data has that? If the admin is a bit like me, he'll laugh at the request for access to the logs and tell the person who requested log access to take a hike and find something creative instead.

Re:AT&T has the server logs!

[matthewn]

Server logs don't tell you everything you need to know if you're going to run a serious, full-service Web site -- things like what resolution your lusers are running at, etc. You need to use 1x1 shenanigans for that. Period.

Re:AT&T has the server logs!

[Dave2 Wickham]

Err...what? People visit 1x1 gif => entry in server logs. Using 1x1 gifs is 100% based on server logs.

Re:AT&T has the server logs!

[ChangeOnInstall]

How do you determine screen resolution using an image web bug?

Re:AT&T has the server logs!

[matthewn]

You use javascript to determine browser width and height, which are the measurements you really care about. (I forget whether js can actually get you screen res; if it can, then you can capture those values if you prefer.) Anyway, client-side javascript gets you those values, but how do you get 'em back to the server? You again use javascript to dynamically write out an image tag. Something like <img src="window_widthXwindow_height.gif" width="1" height="1">. You put width=1 and height=1 in the image

Re:AT&T has the server logs!

[edrugtrader]

same data but rant on an editor [slashdot.org] and get -1...

mention "lusers" and get +5...

i love this place.

Re:AT&T has the server logs!

[crapulent]

Uh, what? How does loading a 1x1 GIF reveal anything about your screen resolution? It will simply be another entry in a log file, which records the URL, the IP address, the time, the referer, and the user-agent. All of those fields are present in the log of the server that's serving the main html page.

In order to determine any further info about the user, you'd have to use Javascript to get this information from the DOM, and then somehow code that into a URL which gets submitted or posted to a server so

Re:AT&T has the server logs!

[pediddle]

As other people have mentioned, the image is inside a <noscript> tag, which means it's very simply a tracker to see how many people surf with Javascript disabled. Server logs won't tell you that.

The worst telemarketers...

[Soulfader]

...are the damned phone companies. In our first apartment, 1 out of every 3 calls was Qwest offering us new services. That was the only DNC list I've ever felt the need to be put on.

I can't fathom what they think they might do with this information, though. Maybe my mind isn't quite twisted enough...

Incest?

[rlandrum]

Big Brother and Ma Bell in cahoots? Say it's not so!

I'd be willing to bet that after the collosal failure of the FTC site after launch that the FTC sought the hosting services of a more robust entity. AT&T probably said "IT" first.

The real question

[b1t r0t]

Kibo is the one who found this?

In that case, what everyone really wants to know is: "Is AT&T allowed [slashdot.org]?

Re:The real question

[RevMike]

Real men don't go to kibo.com, they contact kibo through kibo@world.std.com.

Kibo # 66

AT&T is owned by spot, so it is not allowed.

Kibo numbers, anyone?

[Tackhead]

> Kibo is the one who found this?
>
> In that case, what everyone really wants to know is: "Is AT&T allowed ?

I SLASHDOTTED K1B0!

Does that mean I can finally use a fractional Kibo number?

Or at least put a "K++++andahalf" in my Geek Code entry? I mean, [censored]ing Kibo's webserver is pretty close to [censored] with Kibo himself.

Re:The real question

[YOU LIKEWISE FAIL IT]

Kibo is the one who found this?

Yeah, they must have put put "kibo" in the ALT tag or something, I guess.

--YLFI

But....

[MobileDude]

It's just a tiny, wafer-thin image...

(please review Monty Python Meaining of Life prior to modding down)

Re:But....

[pboulang]

Please do not use any more Monty Python humor. That wasn't in the least bit funny. John Clease is coming to kick your ass.

AT&T is a huge corporation

[dcocos]

I'd be willing to be that AT&T hosting people don't even know that the AT&T phone people exist.

Re:AT&T is a huge corporation

[southpolesammy]

As someone who used to run www.att.com [att.com], I think I can safely say that they know each other.

Intimately.

Hmmm

[NeoSkandranon]

Checking the page info with moz Firebird...i don't see it. Maybe they got rid of the thing?

Ahem...

[inertia187]

Will someone please tell me what would prevent a telemarketing company outside the US from obtaining this very accurate list of phone numbers?

Re:Ahem...

[Anonymous Coward]

Nothing, considering they will be getting it on cd from the FTC in order to comply with the program if they are conducting buisness within the US, just like every other telemarketing company.....

Re:Ahem...

[keesh]

From most countries it costs a fair bit to call the US... So probably not worth the money.

Re:Ahem...

[NeoSkandranon]

Long distance charges.

Re:Ahem...

[JayBlalock]

Hey, better yet, let's combine it with the "809" Telephone Scam. People on that list are going to assume any business call left on their machine is legitimate - OR else be calling to get the ID of the company so they can sue. They'd make millions. (look here [about.com] for info on the basic scam)

Re:Ahem...

[edrugtrader]

i just found this list on a soviet russia telemarketing list... i think they already got it!

(408) 100-0000
(408) 100-0001
(408) 100-0002
(408) 100-0003
(408) 100-0004
(408) 100-0005
(408) 100-0006
(408) 100-0007
(408) 100-0008
(408) 100-0009
(408) 100-0010
(408) 100-0011
(408) 100-0012
(408) 100-0013
(408) 100-0014 ... ...
seriously, this goes on for pages!

huh?

[scovetta]

How is this a problem? The URL is not dynamic, so unless there is a back-end conspiracy between the dnc list and AT&T, what the hell is AT&T going to do with 50 million IP addresses? They can't look them up to people unless they get info from elsewhere. If AT&T and the dnc list were sleeping together, then the dnc list could give AT&T the IP/name/phone/etc ANYWAY, and that would be a MAJOR betrayal of trust. It's probably just for web-traffic analysis-- pretty standard these days, so the dnc people can say, ooh, 3000 people per second are signing up, and the such.

AT&T does in fact manage it

[Qbans]

I remember seeing one of AT&T's agents concerned about the amount of E-Mail being generated from the site and posted it on NANOG (North American Network Operators Group) which you can see here. [merit.edu] I don't really think that there is any "shady" tactics going on here, I think it's more for one of their in house monitoring apps, especially considering the amount of traffic [merit.edu] that they received initially.

check the privacy policy

[I Want GNU!]

First off, they can log information with or without these "web bugs." I know this because I run my own websites and I track visits because I like knowing how much traffic I'm getting, with what terms, etc.

Given that, this article is useless.

But even more so, if you go to the site it says at the bottom:

This site is operated by Consumer.net and is not operated or controlled by the US Government or the telemarketing industry

Consumer.net testified at Federal Trade Commission Workshops for Internet Privacy in 1997 and the "Do-Not-Call" Forum in 2000.
Consumer.net authored a paper for an Online Profiling workshop at the Department of Commerce in 1998.

The Consumer.net Privacy Policy is found at PrivacyPolicy.com

This privacy policy states:

Web Site Log Files: We site log files are generated that collect the IP Address of the visitor, date, time, and pages visited. Aggregate reports for web site visitors are generated that do not contain personally identifiable information.

Advertising reports are generated that show the IP addresses of visitors who clicked on ads. This information may be sent to the advertiser to confirm the number of "click-throughs." The advertiser normally already has this information as a result of the user clicking on the adverstisement. No additional information about the visitor is supplied to the advertiser. The log files are eventually deleted.

There. Case solved. Stop being paranoid about such silly things. If you want to be paranoid, be paranoid that the MPAA might accidentally associate your IP with file sharing even if you don't file share, or be paranoid that John Ashcroft is using the PATRIOT Act or Patriot Act II (to be introduced in Congress soon) to spy on you for reasons unrelated to terrorism (as he has done). Better yet, donate some money to the ACLU [aclu.org] to protect your civil liberties or to the EFF [eff.org] to protect your electronic freedoms.

Re:check the privacy policy

[oGMo]

There. Case solved. Stop being paranoid about such silly things. If you want to be paranoid, be paranoid that the MPAA might accidentally associate your IP with file sharing even if you don't file share, or be paranoid that John Ashcroft is using the PATRIOT Act or Patriot Act II (to be introduced in Congress soon) to spy on you for reasons unrelated to terrorism (as he has done). Better yet, donate some money to the ACLU to protect your civil liberties or to the EFF to protect your electronic freedoms.

Copy and Paste?

[akiy]

Soooooo....

What would happen if all of us started putting the below image on all of the websites that we run?

Hmm...

<img BORDER="0" NAME="DCSIMG" WIDTH="1" HEIGHT="1" SRC="http://g6589dcs.nyc2.aens.net/DCS000003_6D4Q/ njs.gif?dcsuri=/nojavascript">

Now THIS is interesting...

[MP3Chuck]

Shortly after I signed up for the Do Not Call list through the website, I began recieving calls (about 4 calls since around Sept 1, I believe) from AT&T about getting long distance service. Or I was eligable to recieve a phone card. Or something. I wasn't really listening. Since I live on a college campus there's really no reason for them to be calling.

Re:Now THIS is interesting...

[Esion Modnar]

Which is why I'm not an early adopter of anything. Not PDA's, cellphone, digi-cams, or do-not-call lists. I wait and see how many people walk into the whirling abattoir blades, before I decide to buy or sign up.

Its to count the number of people w/o javascript..

[molo]

Here is the snippet from the page http://www.donotcall.gov/ Note that the img tag is embedded in the noscript tag. That is, this img is only loaded in graphical browsers that don't use javascript. Since AT&T has the government contract to implement the DNC list, I don't think there's anything sinister going on here, they just want a count of the number of users that don't use/enable javascript.

-molo

<noscript>
<img BORDER="0" NAME="DCSIMG" WIDTH="1" HEIGHT="1" SRC="http://g6589dcs.nyc2.aens.net/DCS000003_6D4Q/ njs.gif?dcsuri=/nojavascript">
</noscript>

And finally, monsieur, a wafer-thin mint.

[Ichijo]

KABOOM!

Warning

[nochops]

Warning:

Your computer is broadcasting an "IP Address" which others can use to track your activity on the Internet.

Gimme a break. This is every bit as lame as the above message we've all received as popup spam.

Here's the 1x1 image in question

[carlmenezes]

From the source code of http://www.donotcall.gov/:

<span id="userHeader_lblError"><!-- Date: 10/8/2003 Time: 6:53 PM From: W3 --></span>

<br>
<noscript>
<img BORDER="0" NAME="DCSIMG" WIDTH="1" HEIGHT="1" SRC="http://g6589dcs.nyc2.aens.net/DCS000003_6D4Q / njs.gif?dcsuri=/nojavascript">
</noscript>

.....

Chances are...

[ElYonderboy]

YHBT. YHL. HAND.

Yawn

[4of12]

Those of us behind proxies (Squid) aren't too concerned about ATT finding 500 sign ups coming from megacorp.com .

They've probably found out that many dozens of employees at att.com have been signing up to avoid voice spam.

But maybe MY tin-foli hat is on too tight

[orthogonal]

I'm glad this was reported, and I think it needs to be looked into more closely.

But.

There's this taunting little voice in my head wondering if somebody didn't say,

Web Developer 1: "Hey, let's add a web bug to Do Not Call page, and then we'll leak it to Slashdot."

Web Developer 2: "WTF would we want to do that?

Web Developer 1: "So when they find out about it, we can watch those Slashdot monkeys dance!"

Web Developer 2: "Yeah, yeah, dance dance dance in their tin-foil hats! Coool!"

Oh yea they wanna do that, how about this

[codepunk]

Just link that image into the slashdot home page. That ought to give them about 6 million worthless hits per day...

Boy do I feel less than 'leet doing this

[be-fan]

Could somebody tell the non-web-developers in the audience how a 1x1 pixel can track you? Sounds a bit evil to me...

Re:Boy do I feel less than 'leet doing this

[(H)elix1]

Could somebody tell the non-web-developers in the audience how a 1x1 pixel can track you? Sounds a bit evil to me...

Most folks call them web bugs. The idea is the img src makes an HTTP request to a web server - the sneaky buggers then return a transparent 1x1px graphic. One the client side, it has very little impact. On the server side, you get all sorts of data you can mine from the request - browser type, os, IP, etc - usually just pulled from the log files, though some go strait to cgi (or their co

My Personal Struggle Against AT&T Telemarketin

[istartedi]

Thanks to Google for archiving [google.com] my struggle against AT&T.

Not sure if I mentioned it in the USENET postings, but I just started documenting things around Oct. 1, when DNC was supposed to go into effect. We registered our number almost as soon as DNC was available. In reality there were at least 10, perhaps even 15 calls to me from AT&T "Advantage" wireless, and even without the DNC they are still not supposed to be telemarketing me after I've informed them that I don't want to be called.

I have n

ATT Persistence

[Austerity Empowers]

I am under the impression that AT&T and other regulated telephone and airline agencies are already regulated in terms of telemarketing calls they can make and are not affected by the Do Not Call list. At least that's what the rules of the do not call list indicate.

Maybe we're just a little paranoid?

Web bugs are a violation of federal policy

[sakusha]

I clearly remember reading that the fedgov had implemented a strict ban on web bugs and cookies. I couldn't find the exact law, but here's an interesting tidbit from a .mil site:
http://www.defenselink.mil/nii/org/cio/doc/ cookies .html

The Office of Management and Budget (OMB) has reaffirmed (attachment 1) that it is Federal policy that each Federal agency operating a public web site, or contractors operating such sites on behalf of an agency, must post clear privacy policies at their principal web sites, at known, major entry points to the sites, and at those sites where the agency or the contractor collects substantial personal information from the public. The OMB emphasizes that it also is Federal policy that web technology, such as "cookies," should not be used at Federal web sites to identify and track the activities of web users unless a compelling need exists to collect such information, appropriate publicized procedures are established to safeguard the information, and collection has been personally approved by the head of the agency.

Telemarketers can suck my disk.

[rice_burners_suck]

Hmmm... I know a lot of people who signed up for that stupid do not call thing. They hardly ever got calls before. But now, they're getting tons of telemarketing calls. Know why? Because the law doesn't take effect until next year, and in the meantime, telemarketers have access to the list. Furthermore, to show you how stupid government is: The government is now mandating that companies purchase the list of people they cannot call, and furthermore, the law says that only companies that purchase this list are affected by the law. In other words, if you don't buy the list, you can make the calls. Punishing the companies that did buy the list. Does that make any sense?

That's your tax dollars at work.

It only goes to prove that GOVERNMENT SHOULD NOT GET INVOLVED IN STUPID STUFF LIKE WHO CAN CALL WHO. Don't like telemarketers? Nobody likes them? Then run marketing campaigns all over the damn country that tell everyone to HANG UP when a telemarketer calls! If EVERYBODY hangs up WITHOUT listening to anything that telemarketers say on the phone, then guess what? THE TELEMARKETERS WON'T CALL ANYMORE, BECAUSE IT WOULD NO LONGER BE PROFITABLE ANYMORE!!!

Check out the site's suspicious JavaScript

[Animats]

You can read the Do Not Call site's Javascript. [donotcall.gov] Here's an excerpt:

• // START OF Data Collection Server TAG
  // Copyright 2002 NetIQ Corporation
  // V2.1
  ...
  var dcsADDR="g6589dcs.nyc2.aens.net";
  

What's that doing in there?

There's also a link to Microsoft's Intellisense web site on the Government's Do Not Call page, but that looks like typical Microsoft dreck from their page generator. The "NetIQ" stuff was put there on purpose.

All this is totally unnecessary. The pages are so simple that all this stuff is doing nothing useful.

Re:Not for "tracking"

[NotAnotherReboot]

There is no reason to have a 1x1 pixel image except to track usage. Whether this is shady or not is up for debate; AT&T is contracted to run the site.

Re:Not for "tracking"

[valkraider]

Unless it's a really cool image for people with really low resolution monitors...

Re:Not for "tracking"

[jafiwam]

I'd like to point out a reason why someone might put a 1x1 pixel gif in a web page.

Not all versions of IE and Netscape (especially the versions earlier than 4 and 5 of both) render table cells correctly unless there is an object in the cell. Sometimes the cell border is not drawn, or the size specification of the cell is ignored by the browser (which then in turn messes up the layout). So a single-pixel, transparent gif or a non-breaking space character can be put in the cell to make it behave. As a occas

Re:AT&T is more than a phone company

[JayBlalock]

Then why doesn't the FTC own up to it? I agree, simple user tracking would be a completely legitimate use for the "bug" - but if that was the case, they'd be completely up-front about it, wouldn't they?

Then again, in this government, it seems nebulous quasi-denials that sound suspicious are the defacto norm...