Menu lock

Online

Nov 8, 2010

Fairfax’s hypocritical web ‘spying devices’ beat-up

"Politicians are letting foreign-owned companies covertly gather information about voters" screamed Fairfax today. Pot. Kettle. Black.

Stilgherrian — Technology writer and broadcaster

Stilgherrian

Technology writer and broadcaster

“Politicians are letting foreign-owned companies covertly gather information about voters” screeched the  Nicky Phillips “EXCLUSIVE” in Fairfaxland today. “The websites of Barry O’Farrell, Kristina Keneally, Tony Abbott and the Greens plant spying devices on visitors’ computers, which can track them as they browse the internet.”

Pot. Kettle. Black.

Fairfax’s own websites, from smh.com.au and theage.com.au to Essential Baby TradingRoom.com.au and personals site RSVP, all use these “spying devices”. They’re called cookies, and they’ve been a common part of the commercial web since the mid-1990s.

A cookie is nothing more than a piece of data that a website leaves on your computer. It might contain a unique session ID that’s used, say, by a shopping website to ensure you see the contents of your shopping cart rather than someone else’s. A cookie can remain on your computer between browsing sessions. A unique user ID can for example, ensure that any customisation you made to your “browsing experience” is preserved for next time without you having to log in. So far so innocuous.

But consider “third-party” or “tracking cookies”. They’re placed on your computer by another website whose content is included in the web page you’re visiting — such as the advertising inserted into the page by an advertising network. Every time you visit a website in that network, the advertiser knows because they see the same cookie with your unique ID.

“Information gathered about a user’s online behaviour can be used to build detailed profiles to help target advertisements — a practice many believe is a threat to privacy,” writes Phillips. True. This is precisely what tracking cookies are for.

But none of this is news. And for Fairfax to criticise anyone for using tracking cookies is the height of hypocrisy. Fairfax’s own sites are riddled with the damn things — almost all of them from “foreign-owned companies”.

A single visit to the smh.com.au home page this morning placed no less than 21 cookies from seven third-part sites on my computer.

Among them was a cookie for Google subsidiary DoubleClick, one of the biggest online advertising networks and a foreign-owned company. There was one for IMR Worldwide, part of the foreign-owned Nielsen audience-measurement empire. For 2o7.net, a website analytics tool operated by Utah-based Omniture. They’re owned by Adobe, a foreign-owned company. Scorecard Research, another website analytics company. Guess what? Foreign-owned.

While Phillips tried to scare us with the news that Tony Abbott’s website installed “a tracking device, owned by Yahoo! and dated to expire in 2037”, Phillips’ own story at smh.com.au installed “tracking devices” from amgdgt.com (Google’s advertising manager, foreign-owned) set to expire in 2020 and serving-sys.com (another advertising network, Eyeblaster, foreign-owned) expiring in 2038.

The last third-party cookie was from atdmt.com. As Crikey’s deadline approached I ran out of time to look it up, but I wouldn’t put money on it having anything to do with an Australian-owned company.

The ad networks will tell you that their cookies don’t contain any personal information. Perhaps. But if you provide any personal details to any website in the network, it can be cross-matched. Log into your Google Gmail account and your personal data can be correlated with everything collected from networks using DoubleClick’s advertising. If you have a profile at RSVP, Fairfax can cross-match that with your news viewing.

Now the response from Tony Abbott’s office — that any inquiries about third-party cookies on his website should be directed to those third parties — is lame. His office should be taking responsibility for the privacy implications of the technology they use. And if politicians aren’t mentioning this tracking in their website privacy policies then they’re behaving very badly indeed.

However, the mere fact that someone uses tracking cookies isn’t news. Even Crikey uses them, for the DoubleClick ad network, and for analytics by IMR Worldwide and Effective Measure analytics.

Phillips’ story, with its scary-sounding foreign-owned spying devices, is nothing but a beat-up.

We recommend

From around the web

Powered by Taboola

35 comments

Leave a comment

35 thoughts on “Fairfax’s hypocritical web ‘spying devices’ beat-up

  1. splurkles

    imagine her horror when she discovers the thing called “facebook”

  2. Cameron Manning

    Watch out, they may sick Annabel Crabb onto you..

  3. amy c

    No Stilgherrian, I wasn’t going to, because I like to be able to comment on Crikey stories in general without doing so in my capacity as a Herald journo. But thanks for outing me. It’s not as if it was a secret who I was, since I made that comment within minutes of commenting directly to you on twitter.

    I don’t imagine readers will search every previous story. But I do imagine a journalist – for whom the whole point of their article is that something wasn’t disclosed – might do a quick google search to see what else has been written.

    And furthermore, I don’t think Nicky’s article was actively criticising politicians as you make out. It was critical, but it was also just about raising the issue and letting people know it was happening, which, while it may be widely known in internet-nerd land (and I use the term with affection) is not actually widely known among most people.

    But I also think it is certainly legitimate for a journalist in a company that collects cookies to highlight the fact that political parties (or government agencies) collect them. There are potentially serious privacy concerns there (for example, what if centrelink were to use cookies to follow me online if I’m receiving payments from them etc etc)

  4. Elan

    “No Stilgherrian, I wasn’t going to, because I like to be able to comment on Crikey stories in general without doing so in my capacity as a Herald journo.”

    Righty ho ducky! That clarifies that.

    (Oooooo you meany, meany thing, Stillers!)

  5. Meski

    @Amy: unfortunately, the perceptions of readers when you get outed by someone else, rather than admitting it up front, outweigh the benefits of commenting privately. The story still sounds like a beat-up, but that may be because I’m fairly aware of how cookies work.

  6. amy c

    @ Meski, yes it is a shame. What a pitty I need to be attacked instead of the substance of my argument!

  7. Stilgherrian

    @Amy C: I’d contend that the number of people following this discussion on both Twitter and in the Crikey comment stream would be vanishingly small. And while I reckon it’s perfectly fine and proper for you to comment as yourself and not with an official Fairfax hat — none of us are the puppets of our employers, or shouldn’t be — I also reckon that your employment by Fairfax is a relevant fact to disclose when joining this particular discussion.

    My view is that it’d be more ethical to use a pseudonym and disclose the relationship than to use half your real name and not disclose.

    That said, if “Amy C” is a persistent identifier that you use when commenting at Crikey and elsewhere, it’d be reasonable to continue using it.

    I think we’ll have to agree to disagree about the intent of the story. From where I sit, it looks like the story was intended to invoke fear.

    I reckon if the story’s aim was to inform then it would have explained more accurately what utility politicians get from using an analytics firm — discovering the location, age, gender and other demographics of the website visitors and correlating that to the pages they read — and explained how easy it is to disable third-party cookies or install privacy-protection software. It might also have refrained from loaded language like “spying devices” and just called them “tracking cookies” which is, after all, the name of the things.

  8. Stilgherrian

    Further to my statement:

    Log into your Google Gmail account and your personal data can be correlated with everything collected from networks using DoubleClick’s advertising.

    A Google spokesperson writes:

    When a user visits websites that display ads provided by Google’s AdSense program, or watches a video on YouTube, Google stores a random, unique number in the user’s browser (the DoubleClick cookie) to remember the browser’s visits. Only these visits — and not searches on Google or Google account information — are associated with the DoubleClick cookie.

  9. Infoholic

    @AmyC

    Nicky Phillips chose to use hyperbolic rhetoric (e.g. “spy devices” and “tracking device, owned by Yahoo! and dated to expire in 2037”) in a story that was aimed at the non “internet-nerd”. She chose to only mention web-sites of key politicians and political parties. She conveniently forgot to mention (even though she, according to your previous comment, knows all about cookies) that these third party cookies are created by almost every commercial web site on the planet (even the SMH site). Given that Ms. Philips and the SMH editors are smart people, this can only mean one thing. Ms Phillips wrote and the SMH editors published a story that strictly followed standard beat-up creation guidelines.

    Just accept your colleague wrote a poor story and your employer published it.

  10. GlenTurner1

    AdBlockPro, NoScript, BugMeNot, Firefox’s setting “Accept cookies, keep until I close Firefox” and disabling Flash’s Local Storage Objects. You know you should.

Leave a comment