The pages in this forum set a cookie (user@stats1.clicktracks[2].txt) which is a known means of tracking people across the Web. Why do you do it?

No reply?

Personally, I object to a Web profile being built up about me by miscellaneous companies, and I imagine that most people would think the same. I'm amazed that this forum goes along with it.

Phil, let me ask you what may be a technical question or two. In any forum:

>What's used by forums so that when a member returns they don't have to sign in again - every time?

>What's used by forums so that threads are visibly marked so that an individual can see whether he/she has already looked at the thread or hasn't seen it yet?

>What do all VBulletin forum installations (and some other as well) use so that you can look and see which members (and guests) are currently in the forums?

>What mechanism is used to identify and keep track of how many posts members have done?

Hey Phil,

let me assure you, I'm not trying to ignore this question - I just didn't see it until today, and it's been a busy one.

I completely understand the concern about privacy -
I'm the person responsible for reviewing Clicktracks usage here on the forums and SEW, but I can tell you I personally do not have the time to build up review your complete web profile and would never use that information that way.

i know this doesn't specifically answer the question, but there is a lot of info about Clicktracks cookies here:
http://support.clicktracks.com/clicktracks/search/search.php?query=cookies&search=2

I've also asked the folks at Clicktracks to address the issue if they can as well.

Marcia. The answer you are looking for is cookies, although it's not the correct answer to some of the questions you asked. I'm not at all concerned about cookies from this site. It's the 3rd party cookie that is planted by clicktracks that concerns me, because it is classed by Lavasoft (Ad-Aware) as a data miner, and I am sure that there is very good reason for them to class it as such.

Elisabeth. I didn't think for a moment that anyone connected with this site is gathering information to build people's Web useage profiles. My concern is that clicktracks do that. It's almost 2 a.m. here and I'm too tired to read the stuff from the link, but I'll read it tomorrow and post again.

I've just learned something that I never knew before. From the clicktracks documentaion:-

XYZ Ad Network's third-party cookies follow a standard format that makes them readable by any web site, regardless of what web site issued the cookie. I never knew that some cookies can be read by all websites.

Having read some of the stuff that you pointed to, Elisabeth, I understand your useage of clicktracks cookies because of your various sites - assuming that's the reason you do it. But since it is clicktracks who deliver the cookie, you have no control over what they may do with the data that they are capable of gathering. Every time they deliver a cookie, thay can store information about who (IP) requested it and from which site, and since their system is used on many sites, they can build profiles of people's Web useage.

I am happy to receive cookies from sites that I trust, like this one, but I am not happy to receive them from sites that I don't know. It's something that concerns me, and I am sure it would concern many people if they knew about it.

I understand that there's a Firefox extension that can block third-party cookies en mass. IE users (like me) can block cookies from certain sites. So far I've blocked clicktracks and another one, but I haven't been to many sites since I noticed it happening. I've set my brower's Privacy to always prompt when a cookie is being delivered. In the prompt I can see what the cookie is and allow it or not as I choose. Sites that don't cause third-party cookies can be set to always allow, and when a third-party cookie is seen, it can be always blocked, so the prompt doesn't come up all the time.

I'm sorry Elisabeth. I am more than happy for SEW to gather information about my useage of your various sites, but I'm not happy to allow unknown (to me) companies like clicktracks to gather that information, because they could put it together with my useage of other sites where their system is in operation, and, if their system is widespread, compile a pretty comprehensive profile of my Web useage.

Hi Phil

Without detracting from your concerns - here's an option:

In IE 6:

To adjust your cookie settings:

Select Internet Options from the Tools Menu.

In the Internet Options dialog, click Privacy tab -> Advanced button.

In the Advanced Privacy Settings dialog click the Override Automatic Cookie Handling to adjust the settings. You can Accept, Block or be Prompted about both first-party and third-party cookies. First-party cookies are those used by the site you're actually visiting. Often these are benign and you'll want to allow them. Third-party cookies are those planted by sites external to the one you're visiting. ...... The Always Allow Session Cookies option lets you permit the creation of session cookies. These are cookies that are used purely during your current IE browsing session; as soon as you close the browser, all session cookies are deleted.

If you want more specific control, return to the Privacy tab and, under the Web Sites section, click the Edit button. This opens the Per Site Privacy Actions dialog, where you can specify site addresses and allow or block cookies on a site-by-site basis. http://www.geekgirls.com/windowsxp_ie6.htm

In Firefox - using the Chris Pederick web developer toolbar, you can both block cookies, and hide referrer details - and easily toggle these settings on and off.

Thanks Chris. That's exactly what I'd done :)

I guessed so Phil. :)

Nevertheless, I thought it would be good to provide instructions in case anyone else reading this thread wanted to know how to disable cookies....

It was a 'pre emptive answer' post :)

And a very good one!

I've spoken with the fine people at Clicktracks to get a direct and clear answer on the issue - and they actually have a newsletter interview with John Marshall, about Clicktracks & Privacy Issues (http://www.clicktracks.com/newsletter/clicktracks_privacy_explained.php).

Specifically, I thought these were helpful comments:


AH: So there are many different ways to collect the data. But who can see my visitor data?

JM: Well, first, let's talk about what web analytics vendors say they will and won't do with your data. Almost all Web analytics vendors promise that they won't sell your visitor's data. However, they don't rule out the possibility of using your web analytics data for business purposes. And recently, we've had many customers point out to us their discomfort with using web analytics from a business whose purpose is to provide advertising—and I've got to admit that their concerns make sense to me. Even if a potential customer doesn't choose ClickTracks, we urge them to choose a web analytics solution from a vendor whose primary business purpose is to provide web analytics to the paying customer.

So on to who can see your visitor data. Here at ClickTracks, we maintain a strict policy that forbids viewing or use of a customers' web analytics data unless requested to do so by the customer for support purposes. In other words, we don't look at or use your data if you don't expressly ask us to. Period....



AH: Why does my anti-spyware program highlight cookies from ClickTracks as ‘critical'?

JM: Well, firstly they're not critical. There is nothing inside the cookie beyond a number, and no ability to track that number across different sites. There's nothing to identify an individual or know anything about them. Anti-spyware programs exaggerate this stuff because the more items they list, the ‘better' they appear in the eyes of users. People prefer to see the antispyware program do something, and everyone has a bunch of cookies on their machine that are easy scapegoats


Clicktracks also does recommend using 1st party cookies over 3rd party.

Thanks, Elisabeth.

It doesn't alleviate my concerns though:

However, they don't rule out the possibility of using your web analytics data for business purposes.I don't know what "business purposes" Clicktracks might use the data for, and that part of the interview doesn't say that they don't store IP and site data on their servers. If they store that data, then they are capable of putting together reasonable Web useage profiles of people if they choose to do so for their business purposes. That's because Clicktracks is (presumably) used on many sites.

The number in the cookie itself is irrelevant. It's the IP and site data that they are very capable of storing, and probably do, that concerns me.

I now have all 3rd party cookies blocked, so I'm not personally concerned any more, but thank you for looking into it.

Would I be right in assuming that, if you are only using 1st party cookies, then data isn't passed back to Clicktracks? From your last sentence, it sounds like it may be passed back, and perhaps the reason they recommend 1st party is because people won't block all 1st party cookies.

Hello Phil,

This thread was just brought to my attention. I understand your concerns about visitor privacy. You may be surprised to know that ClickTracks is a regular advocate of protection of visitor data privacy. Part of our business is to provide reliable hosted data collection on behalf of our customers. These customers entrust the collection of raw data to us, and then download it from our secure servers in order to analyze aggregate visitor behavior on their websites. We have no business reason to look at this data, to analyze it or to cross analyze it among multiple sites (it's actually very hard to do, and we have no reason to build the infrastructure to do it). In addition, we believe that to do so would break our customers' trust and damage our business reputation.

By the way, the other part of our business purpose is to license web analytics tools that keep all visitor behavior data behind the firewall. See our white paper on the technology at http://www.clicktracks.com/downloads/ClickTracks_JDC_White_Paper.pdf

The portion of my interview that you quoted "However, they don't rule out the possibility of using your web analytics data for business purposes. " was in reference to two particular vendors that have created a business reason to 'look at' and use the data they collect. One is an advertising provider that gives away 'free' web analytics as long as you send your visitor behavior to them. Anyone who provides contextual advertising has good business reason to 'look' at visitor behavior data and use it. The other is a competitor that does aggregate analysis of their customers' data and sends out press releases on firefox usage, and general conversion trends. A scan of the web will show that ClickTracks does not engage in this behavior, nor do the majority of our competitors.

One can speculate that there is a conspiracy behind every marketing measurement system, every point of sale, every major transaction. And it is sad that some shady businesses break that trust and cast a shadow on us all. On the whole, I applaud your astuteness, and your willingness to test the credibility of the method of data collection used on this or other web sites. I encourage you to test the credibility and reputation of ClickTracks and other web analytics vendors. And, I invite you to contact me directly, anytime, if you would like to learn more about how ClickTracks operates.

Finally, let me state that Lavasoft classifying this cookie as a dataminer is simply incorrect. It cannot be, because the only people able to mine such data would be us, and we don't. We don't blame Lavasoft for making the error, since it couldn't be otherwise. They don't have the resources to check each cookie domain, who owns it, and whether that company is capable and motivated to track across domains. They are a wonderful group of people and their tool is excellent, but they're not infallible.

Sincerely,

John Marshall,
CEO and President
ClickTracks
jmarshall at clicktracks dot com

Hi John!

first of all, thank you for joining the conversation and confirming ClickTracks' position on the issue.

Phil, I assure you, this is not a CEO who just merely spurts out the company line, he's thoroughly involved with all operations and cares deeply about his company's reputation - you can always trust what he and the entire CT team says as fact.

If you can make it, I also invite you to meet the Clicktracks team at SES London. You'll know what I'm talking about once you spend some time with them.

John. Many thanks for popping in to explain that. It's appreciated. I'm sure that you understood my concerns. I had no knowledge of clicktracks, or any other such system/company, so it was a big concern when I saw the "data miner" tag, and it is easy to realise what *could* be done with the data by a company that had access to it from a great many sites on the Web, and that wants to compile profiles for whatever reason.

Elisabeth. I'd love to pop in. I have time, I have nearby accommodation, BUT do you know how much it costs to get into one of those shindigs??? I'm a Yorkshireman, for goodness sakes, and I'd be letting Yorkshire down if I shelled out that much for it ;)

Actually it would be nice to meet a few people, but the prices :(

Elisabeth. I'd love to pop in. I have time, I have nearby accommodation, BUT do you know how much it costs to get into one of those shindigs??? I'm a Yorkshireman, for goodness sakes, and I'd be letting Yorkshire down if I shelled out that much for it ;)

Actually it would be nice to meet a few people, but the prices :(

Hey Phil,
I get that the price thing can be an issue. That's why some people look to get a one day pass if they find a day on the agenda that offers a lot of valuable sessions/of specific interest to them.

Otherwise, just getting the expo pass (free in advance) really cheap day of - will get you in to meet the Clicktracks people (looks like they have a booth) and of course, we all hang out in the hotel bar a lot:)

Otherwise, just getting the expo pass (free in advance) really cheap day of - will get you in to meet the Clicktracks people (looks like they have a booth) and of course, we all hang out in the hotel bar a lot:)That sounds more like it :)

I feel satisfied about Clicktracks, btw. I still have 3rd party cookies blocked, because Clicktracks isn't the only system out there.