By: Jason Williams
The DoubleClick Controversy
The attention snowballed for online advertising firm DoubleClick this
month. What began as independent expressions of discontent in the form
of six individual lawsuits grew to inquiries by two states’ attorneys
general and a Federal Trade Commission (FTC) investigation.
All this over a bunch of cookies?
But these are no ordinary Oreos. These cookies are tiny strings of
data, usually text files, that are stored on a user’s hard disk when he
or she visits a particular site. Originally designed to provide e-
commerce sites (e.g., Amazon.com) and personalization sites (e.g., My
Yahoo!) with stored user profiles, online cookies are being used by
DoubleClick to track the Web-surfing habits of specific users for
marketing and advertising purposes.
Why should newspaper Web sites be paying attention to the great cookie
First, a few newspapers, such as The Washington Post and the New York
Daily News , allow DoubleClick to post its cookie-giving banner ads on
their sites, and DoubleClick has been courting additional newspaper Web
habits could lead to problems for reporters using the Internet to work
on controversial stories.
DoubleClick essentially uses banner advertisements on a variety of
sites to send out the cookies, which allow information to flow between
the user and the server. DoubleClick then collects the information from
the cookies and matches it to known factors in its database to
construct a detailed user profile for advertisers and marketers.
For example, if a report details that a specific user visited the Major
League Baseball Web site six times in one week, interested parties
could use DoubleClick’s information to target that user for baseball
an invasion of Web-user privacy and could lead to misuse of the
DoubleClick executives did not return a number of phone calls
requesting comment for this story.
In an official letter of complaint to the FTC, the Electronic Privacy
Information Center (EPIC), a public-interest research organization,
predicts that DoubleClick’s enormous database (made larger by the
acquisition of the direct-marketing firm Abacus) ‘is likely to cause
substantial injury to consumers.’
‘The opportunities for an individual to secure employment, insurance,
and credit, to obtain medical services, and the rights of due process
may be endangered by the misuse of certain personal information,’ reads
the EPIC letter.
Newspaper Web sites in the DoubleClick network, therefore, may be
contributing potentially damaging details to the user’s DoubleClick
profile, according to the EPIC argument. Of course, these profiles
could also affect newspaper reporters who happen to be investigating
controversial stories on a Web site included on the DoubleClick
In such cases, reports on Web-surfing habits may tag the user with an
undeserved categorization, and the user may be bothered by special-
interest groups or others who have purchased the information from
According to Media Metrix, 45.8% of Web users visited a DoubleClick
network site in December 1998, and, according to the EPIC, ‘DoubleClick
has compiled approximately 100 million Internet profiles to date.’
Under the ‘Options’ or ‘Preferences’ menus, most current Web browsers
can be set to reject cookies or alert surfers when one is being sent,
but such settings make shopping on the Web or using personalized
portals at best very tedious to click through and at worst inoperable.
In March 1998, the U.S. Department of Energy’s Computer Incident
Advisory Capability released a study on cookies, in which it stated
that, ‘The vulnerability of systems to damage or snooping using Web
browser cookies is essentially nonexistent.’
But a year earlier, in the first edition of the West Virginia Journal
of Law and Technology , Viktor Mayer-Sch?nberger argued that all cookie
usage is potentially harmful to the consumer if regulations are not
‘Existing regulations, targeted at protecting personal information,
limit the use and application of cookies. Current cookie usage violates
these regulations and browser producers unwilling or incapable of
bringing their products into accordance with these laws both risk legal
liability,’ wrote Mayer-Sch?nberger.
DoubleClick isn’t the only online operation to get flak over the cookie
issue. A Texas lawsuit against Yahoo! and its Broadcast.com subsidiary
accuses the megaportal of ‘stalking’ by tracking its users’ Web surfing
Whether more cyberstalking lawsuits will pop up against others in the
cookie business remains to be seen, but DoubleClick intends to take the
bull by the horns with a privacy initiative of its own.
In a statement released Feb. 14, Kevin Ryan, president of DoubleClick,
announced the company’s intention to launch a $50-million banner-
advertisement campaign to educate consumers on their privacy rights.
The banner ads will take the user to http:// www.privacy.org where they
will be able to ‘opt-out of the DoubleClick cookie with only two
clicks,’ officials said. However, the site is dominated by privacy news
and information and finding the correct ‘cookie cutter’ for DoubleClick
isn’t as easy as it sounds.
The campaign also involves the creation of a Consumer Privacy Advisory
Board and chief privacy officer to advise the company; a strict policy
of working with companies to insure ‘effective’ privacy policies; and
‘periodic privacy audits’ of DoubleClick’s business practices by
‘DoubleClick is proud that we already have one of the strongest privacy
policies on the Internet. The major steps that I announced today will
strengthen that policy even more,’ said Ryan. DoubleClick’s privacy
statement allows for some collection of ‘personally identifiable
information’ on its Web site and its subsidiary Abacus Online, if the
user has agreed to volunteer the information. But the policy assures
users that ‘DoubleClick is committed to providing meaningful notice and
choice to users before any personally identifiable information is
submitted to us.’
Despite the campaign, however, the heat from the lawsuits and inquiries
has resulted in a meltdown of DoubleClick’s market valuation. Shares
fell 187/32 from an opening price of 1113/8 after the Feb. 16
announcement of the FTC investigation. The following day, the company
sold investors 7.5 million shares at 901/4 in a public offering. The
shares closed that week at 9229/32.
Whatever the outcome of the DoubleClick cookie investigation, it is
likely to make an impact on the way cookies are used on the Web, and
may force Web sites into finding alternatives for tracking and
analyzing their audiences.
Jason Williams (firstname.lastname@example.org) is a reporter for
Editor & Publisher magazine.
(c) Copyright 2000, Editor & Publisher