Logo

RealityCheck Report from Remar Sutton header

September 2004

Online Marketing—You’re a Target, and in Ways You Can’t See

Ads are everywhere—on the TV, in newspapers and magazines, in your mail, and especially online. We are so used to seeing ads that we typically pay little attention to them. But the advertisers are always trying to change that—they want to make the ads more relevant. Now as you take advantage of the Information Highway, your use of the Internet offers advertisers new ways to target your interests and personal information, and, they hope, your wallet. In a nutshell, this report tells you how they are doing that online and what you can do about it.

Advertising fuels many websites by providing the revenue that allows them to pay the bills. The more effective the ad, the better the dollars. And the more the ad is tailored to specific individuals, the more effective the ad. So marketing and advertising companies are always refining their ways to gather and use information about you.

Here are several examples of how information is currently being used to target individual consumers for marketing barrages.

  • Google is beta testing its “Gmail” e-mail service. This service scans each email message you send or receive, then shows on-screen text ads that relate to the content of the email message. Although the Gmail privacy policy states that advertisers receive no personally identifying information, many consumer privacy advocates have raised alarms about the intrusion into personal communications and the potential for abuse.
  • Most websites have business relationships with ad services. As you surf the Web visiting a number of sites, the ad services collect data on your surfing. Then the ads displayed on your screen (either embedded or popup, banner or text) start to reflect the sites you’ve visited. For example, if you visit travel-related sites, more travel-related ads are displayed.
  • Let’s say that you frequently visit a retail site that sells a variety of items. You usually visit the electronics and video pages to see what bargains are on offer. Tracking this pattern, the website begins to display ads on electronic and video items every time you log on.
  • Using information collected online can go beyond targeting you online, too. Recently, a friend was T-boned at an intersection, resulting in an unplanned search for a new car. She visited the websites of several local car dealers. She didn’t request any information, fill out any forms, or provide any identifying information. A couple of days later she received a phone call from one of the dealerships—“I see that you are looking for a new car.” The dealership had used information collected about her surfing to personally identify and contact her. Incidentally, with that one phone call, that dealership lost any possibility of a sale to this consumer.

How The Marketers Collect Information

So just how do marketers and ad services and other companies gather information online about you? Here are several ways.

Cookies. Cookies (identification files placed on your computer) are used in various ways to collect information. And that’s not all bad:

  • Some cookies are absolutely required for security purposes. Financial institutions such as your credit union must use cookies to enable and protect your online banking services.
  • Cookies are necessary to implement online shopping carts.
  • Cookies are used for personalizing a site.
  • Other sites use a cookie to track how frequently you visit a site and what you’ve looked at on the site to enhance their site content.

Now for the potentially bothersome use of cookies: Ad companies use cookies to track the sites you’ve visited. Look closely at the web page addresses (on the status bar at the bottom of the window) as your browser loads a page. You will see addresses other than the site. These addresses may be requesting the ads you see on the page. For example, an ad company will place a cookie with an ID on your machine the first time you visit a page with an ad served by that company. The ad company can then use that ID to build a database of the pages you’ve seen from any website you’ve visited; it doesn’t matter whether these websites are clients for the ad service or not—they can collect and use them all.

Protocol info required to use the Internet. Just as you can’t call a friend without knowing his phone number, your computer can’t connect to and use the Internet with out having an IP address. So the act of visiting a website necessarily provides information to the site. The primary information is your computer’s IP address (assigned by your Internet Service Provider, or ISP), and usually the date and time of day, your browser and version (such as Internet Explorer 6), and your operating system (Windows ME or XP, MacOS, etc.). Some browsers send out your email address. Even your ISP may be identified. The previous site you visited may also be identified.

Registering to use a site. You provide information when you register to use a site. The web company may call it “free” registration—it doesn’t cost money but it probably costs some personal information. This information can be as little as a username and password or it can be filled with demographic information: name, address, phone number, sex, age, income range, marital status, hobbies, etc.

You may have good reasons to register at a site. For example, registration may provide access to additional information or services on the site, such as additional articles on a newspaper or magazine site. Or you may wish to customize the home page or entire site that you visit regularly. But you need to be aware that registering provides marketable information to the company (even if they are only “marketing” internally as many privacy statements assert). Another trend is that many sites that formerly required no registration are now requiring it. One newspaper recently wanted to know my exact age and my income just so I could read a sports story, and another site I ran across recently required registering to get a printer friendly version of an article.

Spyware. Programs on your computer can also collect information. These programs are typically called “spyware,” although marketers tend to call them “adware.” Some of these programs tag along with another program that you choose to download. The program that you wish to download may or may not openly state that the adware exists (many bury this fact in the license agreement usually at the very end). Other programs get loaded without your permission into your machine when you visit a website.

How to Control the Marketing Machine

The good news is that you have some control over the harvesting of your information. Follow these steps to better control the marketing machine:

  • Read the site’s privacy policy before providing any personal information. Don’t sign up with the site if you don’t agree with it.
  • Provide only the minimum information required. Look for indications, such as an asterisk (*) or boldface type, for the required fields.
  • If you decide not to use the site, give them feedback on why you won’t sign up.
  • Look for the opt-out and opt-in sections. Make sure you scroll to the bottom of the registration page to look for all the fields. A few sites put the opt-out/opt-in check boxes below the submit/signup/continue button. On a few sites, I’ve found the opt-in check boxes already selected.
  • Check your account information and personal settings regularly. Some sites reserve the right to change their policies without notification. I’ve had at least one site change their marketing preferences, setting all the choices to yes.
  • Take control of your cookies. Set your browser to show you cookies before setting them (be prepared to be bombarded). Another option is to use a cookie manager. Some Internet security software packages such as Norton Internet Security or McAfee Internet SecuritySuite include cookie managers. Cookie manager programs are also available. Some firewalls, such as ZoneAlarm Pro, contain cookie managers. Rejecting all cookies will limit what you can do on the web. Legitimate uses of cookies include online banking, shopping carts, personalizing a site, and automatic site login.
  • Don’t allow your browser to store your personal information. This is a trade off between convenience and privacy.
  • Check your machine for adware/spyware. Use a free program such as Ad-Aware or Spybot Search & Destroy. PestPatrol costs $39.95 or try their free online scanner. The Symantec and McAfee Internet security packages also look for some spyware.
  • Change your browser settings to not allow programs to be automatically downloaded and installed. At the very least have the browser ask you before it does it. When you are asked, don’t just click yes without understanding what is happening. The best bet is if you don’t know the reason for the download, click No.
  • Use a firewall, particularly one that blocks outgoing transmissions not just incoming. The Symantec and McAfee Internet security packages contain firewalls. A free firewall is ZoneAlarm (also has paid versions).

The EPIC Online Guide to Practical Privacy Tools has links to numerous tools— including cookie busters, firewalls—that may help protect your privacy online. EPIC is the Electronic Privacy Information Center.

 

Prepared for Elevations CU by Remar Sutton & Associates, September 2004. All rights reserved.

RealityCheck Tip

RealityCheck Reports may link to sites provided by a variety of sources. Even though we review sites for credibility and reliability, RealityCheck, of course, can't control advertising and other links on these sites. We advise ignoring pop-up ads, links to sales of products and service, and the like.