WASHINGTON, DC – Consumer Watchdog called online industry claims that consumers’ personal privacy is protected when they surf the Web to be meaningless in light of a study released today by Stanford University’s Computer Security Laboratory. The research was released at a forum discussing digital data collection sponsored by a coalition of 10 consumer, privacy and civil rights groups. Consumer Watchdog called on the Federal Trade Commission to investigate whether identified companies violated their privacy obligations to consumers.
“Industry tries to lull consumers by claiming that online tracking gathers behavioral data anonymously,” said John M. Simpson, privacy project director at the nonpartisan, nonprofit Consumer Watchdog. “This study proves that personally identifiable information is regularly shared without consumers’ knowledge. We can’t rely on industry promises to protect consumer privacy; clearly we need Do Not Track legislation and we need it now.”
The study of 185 of the most visited websites found a consumer’s username or user ID was shared with another website on 61% of the sites visited.
One site, OkCupid, a free online dating website, appears to sell user information to the data providers BlueKai and Lotame, including: gender, age, ZIP code, relationship status, and drug use frequency, said Jonathan Mayer, who wrote up the research and is not affiliated with Consumer Watchdog. He cited these other examples of personal information that was passed along:
— Viewing a local ad on the Home Depot website sent the first name and email address to 13 companies.
— Entering the wrong password on the Wall Street Journal website sent the email address to 7 companies.
— Changing user settings on the video sharing site Metacafe sent first name, last name, birthday, email address, physical address, and phone numbers to 2 companies.
— Signing up on the NBC website sent the email address to 7 companies.
— Signing up on Weather Underground sent the email address to 22 companies.
— Interacting with classmates.com sent the first and last names to 22 companies.
The top five public recipients of username and user IDs, according to Mayer, were:
— scorecardresearch.com (comScore), on 81 (44%) of the websites in the sample.
— google-analytics.com (Google Analytics), on 78 (42%) of the websites in the sample.
— quantserve.com (Quantcast), on 63 (34%) of the websites in the sample.
— doubleclick.net (Google Advertising), on 62 (34%) of the websites in the sample.
— facebook.com (Facebook), on 45 (24%) of the websites in the sample.
Read the complete study, “Tracking the Trackers: Where Everybody Knows Your Username,” after 10 am, at: http://cyberlaw.stanford.edu
“We believe there is now overwhelming evidence that third-party web tracking is not anonymous,’” Mayer wrote.
“It appears that most companies’ ‘privacy policies’ are nothing but empty promises and worthless shams,” said Simpson. “The Federal Trade Commission needs to examine their claims closely and take action where there is deception.”
The Stanford study was released at the National Press Club during an event discussing digital data collection of private information from consumers and citizens. Federal Trade Commission Chairman Jon Leibowitz was the keynote speaker at the event, which was sponsored by the ACLU, Center for Digital Democracy, Consumer Action, Consumer Federation of America, Consumers Union, Consumer Watchdog, Electronic Privacy Information Center, Privacy Rights Clearinghouse, US PIRG and World Privacy Forum.
– 30 –
Visit our website at: http://www.ConsumerWatchdog.org