Some marketers may be violating their privacy policies or collecting consumer data without permission by using Web bugs on their Web sites, according to a study released this week.
Titled “Web Bugs — A Study of the Presence and Growth Rate of Web Bugs on the Internet,” the study was conducted by Internet site tracking firm Cyveillance Inc. Cyveillance gathered data from more than 1 million Web pages and compared a random sample of pages from 1998 and 2001.
Web bugs, also known as clear GIFs or 1-by-1 pixels, are graphics embedded in Web pages or in e-mail messages that can track site visitors or readers of e-mail.
While Web bugs can be used for such benign purposes as tracking the number of visitors to a Web page, its potential for collecting more detailed information worries privacy advocates.
The Privacy Foundation, a nonprofit consumer education group and privacy watchdog, has said the use of Web bugs is tantamount to illegal wiretapping.
Data that can be collected by Web bugs include IP addresses, the URL of the Web page location of the Web bug on it, the time and date it was served, the type of browser used to retrieve the Web bug and previously set cookie values.
It is through cookie values that marketers using Web bugs could collect data such as personally identifiable information and transactional information.
“The results of this study emphasize what we're seeing everyday — companies want to earn and retain the trust of their customers, and an association with Web bugs has the potential to seriously undermine those efforts,” Panos Anastassiadis, president/CEO of Cyveillance Inc., Arlington, VA, said in a statement.
Unless the presence of Web bugs is stated in a Web site's privacy policy or a user has installed software that detects such Web bugs, they are virtually invisible to site visitors.
Eight of the top 50 brands used Web bugs on their home pages, the study said. At least one such brand stated that it did not share information with third parties in its privacy policy. The presence of the Web bug was a clear violation of that policy.
While overall Web bug use on the Internet is not rampant, it has increased 488 percent from 1998 to 2001, according to the study.
The study also reported that 0.6 percent of Web pages contained Web bugs in 1998 compared with 3.9 percent in 2001.
The likelihood of Web bug presence on pages featuring top brands also went up from 1998 to 2001. In 1998, a top brand was present on 7.6 percent of the sampled Web pages. Of those pages with a top brand, 64.4 percent had Web bugs. In 2001, 25.8 percent of sampled pages had a top brand and 95.9 percent of those pages had Web bugs.
One conclusion made by Cyveillance was that as consumer awareness of Web bugs rises, marketers using Web bugs will be at greater risk of having their data collection practices disclosed.
Last August the Privacy Foundation issued an advisory on its Web site to raise consumer awareness of Web bugs. The group also proposed guidelines for the use of Web bugs and sent them to 40 Internet marketing companies and trade groups. Those guidelines call for icons indicating that Web bugs are present; identification of their origin; full disclosure of the bugs' functions; the ability for the visitor to opt out; and the exclusion of bugs from pages of a sensitive nature, such as those containing medical or financial data.
This June the Privacy Foundation released Bugnosis, freeware that it claimed could detect Web bugs when they appear on Web pages and can inform users that they are being tracked. Although the software detects Web bugs, it does not block them.
