DoubleClick Accused of Double-Dealing Double-Cross

Washington-based watchdog organization the Center for Democracy and Technology (CDT) has launched a hard-line campaign against an alleged effort by online advertising service DoubleClick, Inc. (Nasdaq:DCLK) to track individual identities and actions online and tie them to offline behavior.

The group kicked off the campaign Tuesday by launching a “Websit” under the slogan I Will Not Be Targeted, where users can opt out of Doubleclick’s profiling activities; send an e-mail to Doubleclick’s CEO, Kevin O’Connor, objecting to the tracking; and e-mail Doubleclick’s member Web sites telling them not to sell or disclose individual identities to Doubleclick.

According to CDT Staff Counsel Deirdre Mulligan, “You may have already been double-crossed by DoubleClick or you may be next in line. In either case, if you care about your privacy and want to surf the Web without your every move being recorded in a giant database connected to your name, its time to opt-out of DoubleClick’s profiling.”

“Once Doubleclick knows who you are, it can tie information about your use of the Web garnered through its cookies to information about your offline habits,” Mulligan added. “Opt-out is not a perfect solution to privacy concerns online, but it’s something you can do right away and we’ve tried to made it quick and easy with our online resource.”

Lawsuit Pending

As recently reported by Newsbytes, DoubleClick has been hit by a lawsuit brought by a Californian woman who alleges the company unlawfully obtained and sold private personal information. The company is also the target of a complaint filed by Internet privacy group Electronic Privacy Information Center (EPIC) with the Federal Trade Commission (FTC), which will reportedly consider the action on February 4th.

DoubleClick also was cited as a culprit in passing on sensitive customer information from medical Web sites in a report released Tuesday by the California HealthCare Foundation. DoubleClick Senior Vice President Jonathan Shapiro said his company has one goal in recording which Web pages and Internet ads consumers see on its network.

“This is about getting the right ad to the right person at the right time. I believe it’s important for users to understand that the only time that DoubleClick… will actually have personally identifiable information attached to a browser is where the user has volunteered the information and been given notice and choice,” Shapiro added.

But, CDT contended that DoubleClick uses cookies to link online surfing habits and purchases with offline names, addresses and other identifying information, threatening to deprive consumers of control over their identity online.

Major Sites Involved

The group said DoubleClick’s network includes major sites such as AltaVista, the New York Times, Sesame Street, CBS SportsLine, Travelocity, drkoop.com, Mindspring, TheStreet.com, NBC and the Wall Street Journal.

CDT conceded that it doesn’t know for sure which of DoubleClick’s member sites are actually passing on user information.

By utilizing their Opt-out Website, the organization said users who care about their privacy can take action against DoubleClick, reassert control over their data and send a message through the marketplace that anti-privacy business practices don’t pay.

CDT described DoubleClick’s tracking and profiling system as one which plants a cookie when a user visits one of the sites in the DoubleClick network, and added that most users don’t know the cookie is in operation. The group contends this allows DoubleClick to recognize an individual computer when the user visits the same site again or another site within DoubleClick’s network, allowing the customization of content and advertisements based on prior visits.

CDT inferred that DoubleClick uses the data to compile user profiles that may contain “inferential” or “psychographic” data, based on surfing habits.

Computers Versus Users

The watchdogs said that DoubleClick has repeatedly stated that its cookies identified computers but not users, and that it couldn’t link cookies to names and home addresses or other elements of personal identity and didn’t want to do so. But, CDT said, DoubleClick now acknowledges it has begun to tie surfing habits and online searches to personal identity and asserts that DoubleClick has quietly entered into pacts with at least 10 unidentified Web sites to collect names, addresses, and other personal information, including credit card numbers.

Moreover, CDT stated, DoubleClick can tie information about Web usage to offline habits from data gathered by DoubleClick’s recently acquired Abacus Direct Corp.’s online purchasing database. DoubleClick officials said users already have the opportunity to “opt out” by going to the company’s Website and hitting an opt-out button, but privacy advocates declare the option is ineffective because many users don’t realize the extent to which they are supposedly being tracked.