Slide 1OverviewPrivacyDoubleClick and PrivacyDoubleClick’s Privacy PolicyMerger with AbacusOpt-In EMail.com“Invisible” Third PartyComplaints against DoubleClickSlide 10DoubleClick’s ResponseSlide 12Other Privacy IncidentsSlide 14New Privacy Laws?Good side of DoubleClickStakeholdersSlide 18Ethical ImplicationsSummaryMain SourcesThe DoubleClick controversy and other related issues pertaining to privacy on the InternetOverviewOverview•Privacy •DoubleClick•Other Privacy Issues and Incidents•Stakeholders•Ethical Implications•SummaryPrivacyPrivacy•Accessibility to others•Form of control•Amount of information known•Physical access•When does private information become public?•Information as propertyDoubleClick and PrivacyDoubleClick and Privacy•Collecting personal information about people without their knowledge–Acquiring companies which have large databases of personal information (eg. Abacus, Opt-In EMail.com)–Collecting information from web-sites that claimed such info was not being shared–The “invisible” third partyDoubleClick’s Privacy PolicyDoubleClick’s Privacy Policy•Information Collected in Ad Recovery–“In the course of delivering an ad to you, DoubleClick does not collect any personally-identifiable information about you, such as your name, address, phone number or email address. DoubleClick does, however, collect non-personally identifiable information about you, such as the server your computer is logged onto, your browser type (for example, Netscape or Internet Explorer), and whether you responded to the ad delivered.”Merger with AbacusMerger with Abacus•Nov. 13, 1999 - Merged with Abacus Direct Corporation•Merged databases - Information about where people live, how much money they make, where they travel, entertainment, health information, recreational web-sites they visit (eg. http://www.sleazypics.com), etc.•Contrary to privacy policyOpt-In EMail.comOpt-In EMail.com•Dec. 1, 1999 - DoubleClick announced acquisition of Opt-In EMail.com•Opt-In EMail.com gathers demographic information like name, gender, age, occupation•Merging of databases again•Web-based email““Invisible” Third PartyInvisible” Third PartyComplaints against Complaints against DoubleClickDoubleClick•Target of six private lawsuits•Several privacy advocacy groups•Electronic Privacy Information Center (EPIC)–Accused DoubleClick of building massive databases on consumers’ buying habits and identitiesComplaints against Complaints against DoubleClickDoubleClick•Federal Trade Commission (FTC) conducting inquiry•New York Attorney General inquiry•Michigan Attorney General files notice against DoubleClick–Accused of violating Michigan’s consumer protection lawsDoubleClick’s ResponseDoubleClick’s Response•Moves to quell privacy debate•Internet Privacy Education Program•Allows users to block its “cookies”•Educate consumers on how to protect themselves when browsing and shopping onlineDoubleClick’s ResponseDoubleClick’s Response•Privacy Officer•Privacy Advisory Board•Pricewaterhouse Coopers, L.L.P to perform periodic privacy audits•Refer users to http://www.privacychoices.org•EPIC calls its “feeble attempt at crisis management”Other Privacy IncidentsOther Privacy Incidents•Lawsuit against Yahoo•“E-stalking”–“Cookies” act as surveillance cameras that illegally monitor and stalk web-users without their full knowledge or consent–Yahoo accused of theft, trespassing and other related wrongs.Other Privacy IncidentsOther Privacy Incidents•Health sites violate their own privacy standards•Accidental violations–Unaware that third-party advertisers have access to personal information they are collectingNew Privacy Laws?New Privacy Laws?•DoubleClick controversy has ignited demand for legislation regarding privacy on the Internet•Legal system struggling to keep pace with technological change•Cannot rely on self-policing industryGood side of DoubleClickGood side of DoubleClick•Not clear if DoubleClick is causing harm to anyone•User has option to opt-out•Increased profiling may lead to web-surfers actually finding something they likeStakeholdersStakeholders•Joe Shmo•DoubleClick•Clients of DoubleClick (sending end)•Clients of DoubleClick (receiving end)•Government (Clinton administration)StakeholdersStakeholdersEthical ImplicationsEthical Implications•Breach of privacy (personal info becoming public)•Anonymity•Responsibility and fault fall on all stakeholders to varying degrees•Deliberate misrepresentation on privacy policiesSummarySummary•Breach of privacy laws as theft of property•DoubleClick merging databases with other companies, accumulating personal info; channeling private info from one client to another•Need for new privacy laws•Conclusion:–“Government, industry, and privacy advocates will have to decide where to draw the line on how much information one company can maintain”Main SourcesMain Sources•New York Times Archives–http://www.nytimes.com/library/tech/•Wall Street Journal–http://www.wsj.com/•DoubleClick–http://www.doubleclick.net•Computers, Ethics & Social Values–CS 99