Web Bugs Everywhere Raise ConcernUntil recently, the term "bug," when used in computer parlance, meant a glitch or programming error in a software product, such as the "Y2K bug."
Today, the term is being used in a more traditional manner, such as "to eavesdrop." Web site operators and e-mail marketers use "Web bugs" to track an individual's activity on a Web site and when opening, reading and forwarding an e-mail. The use of these bugs, however, raises serious legal concerns.
A Web bug is embedded in a Web page or in an e-mail's HTML code. Also known in the industry as "invisible GIFs," "clear GIFs" or "1-by-1 pixels," Web bugs are efficient because they take up little space and are virtually invisible. Because they are not easily detectable, however, critics refer to them by the less flattering term "spyware."
Web bugs are primarily used to provide their users with information about how others behave on a Web site or their activity with respect to an e-mail. However, they may also be used for less suspect activities, such as to verify that a PC has the latest patches and fixes issued by a software vendor.
Because Web bugs are placed in HTML coding on a Web page or e-mail, they are often invisible - unlike cookies, which are visible on a user's hard drive. This invisibility, coupled with the failure to disclose their use, has, not surprisingly, given rise to several legal actions. Class-action suits have been brought against software companies, including RealNetworks and Netscape, for violations of the Electronic Communications Privacy Act (which generally prohibits the interception of electronic communications of others) as well as the Computer Fraud and Abuse Act (which generally prohibits the unauthorized access to and use of a computer).
Though no law specifically addresses the use of Web bugs, legislation in this area (and for Internet privacy in general) may not be far off. In January 2001 alone, the Spyware Control and Privacy Protection Act was introduced in the Senate and the Congressional Privacy Caucus (a bipartisan group of legislators interested in privacy matters) announced that it would conduct hearings to investigate the privacy issues raised by Web bugs. The Federal Trade Commission has also held hearings on the use of Web bugs and is considering whether their undisclosed use may be harmful to consumers and e-commerce in general.
On the public relations front, companies that use Web bugs, or that use the services of a third party that uses the technology, have received an increasing number of complaints from consumers and consumer groups alleging that the practice invades their privacy under a number of legal theories, such as the common law tort of trespass, wiretapping, conversion and breach of contract, as well as violations of the ECPA and CFAA mentioned above.
More recently, some tech-savvy users of online games became aware that certain Web sites they frequent use Web bugs for similar purposes. Faced with consumer criticism and a decline in business, one online game site host, Verant Interactive, San Diego, a division of Sony Online Entertainment, chose to eliminate its practice of using Web bugs completely.
Similarly, when eGames Inc., Langhorne, PA, an online vendor of family oriented game software, incorporated technology for advertising-supported software from Conducent Technologies Inc., Sterling, VA, that contained Web bugs, the attorney general of Michigan initiated an investigation into the company's online data collection and use practices. In a settlement, eGames agreed to revise its software and to provide full disclosure of its data collection and use practices. EGames is also making a software utility available online that will remove the Conducent software (and the Web bugs) from existing installations of the games.
What guidance may be gleaned from these cases?