News
Commentary
6/21/2001
05:30 PM
Fred Langa
Fred Langa
Commentary
Connect Directly
RSS
E-Mail
50%
50%

Langa Letter: The Web-Bug Boondoggle

Don't be suckered in by the latest security hysteria. "Web bugs" aren't the threat you fear they are.

Overall Privacy Is The Issue; Web Bugs Are Not
I said the fear fantasy "mostly evaporates" when you look closely at it. But it is true that a Web company that gets the right personal information from you, either directly or via collusion with another company, could learn a lot about you, if it wanted to invest the time and money.

So, isn't this a major new security problem? To analyze the risk, let's first establish a context by looking at non-Web, paper-based transactions.

If you order something via a paper catalog, the catalog company will know your name, address, and payment method. They'll know what you bought, and from that they can infer something about your other interests or needs. If the company wants to go to the expense and bother, it can determine your income, either by running a credit check or by using census data to see what the average income is for your zip code. It can (via a credit check) also see your banks and credit cards, your payment history, and what other companies you deal with. It can learn about your mortgage and car loans, and from that, how much you paid for your house and cars. It can get additional info from the Department of Motor Vehicles--or from any other public source of information. And, of course, the paper-catalog company can sell your name to other companies, who can perform the same kind of research. Again: if a paper-catalog company is willing to spend the time and money, it can find out a lot about you.

Now let's look at Web bugs. What's the very worst that can happen if you get involved with E-companies that gather and share your personal data? The very worst case is that you'll be no more exposed than you already are in your paper-based dealings.

Web bugs afford no additional risk beyond what has existed for many years in the paper-based world--and to me, that's where the problem really lies. The true solution to privacy invasion is in limiting the amount of personal information that any company--not just Web-based companies--can access and share.

Long-time readers know I take online security and privacy very, very seriously. But I don't regard Web bugs as a very serious matter at all. To sum it all up:

First, there's nothing inherently special about Web bugs, because exactly the same information can be obtained from any graphic or link.

Second, any kind of "tracking" or information sharing is fairly difficult to pull off, and requires your voluntary input of information. If you're careful with the information you give out, most of the Web-bug risk vanishes.

Third, even in the worst-case scenarios, your Web-bug privacy risk is about the same as what it already is with (for example) paper-catalog companies. Again, Web bugs pose no additional privacy risk.

Bottom line: Even if you use Bugnosis (or a similar tool) and you eliminate every Web bug you run into, you gain essentially nothing in terms of meaningful privacy. That's why I don't use Bugnosis or similar software; that's why I surf with cookies fully enabled. But I do check the privacy policies of all sites where I enter personal data, and I never enter more data that really is needed to complete the transaction. I'm similarly careful about the paper-based companies I deal with.

So, I rank Web bugs (and cookies) near the bottom of the pile of "things to worry about." You can use bug trackers and cookie trackers if you want to, but doing so is almost always a waste of effort.

What's your take? Does Fred have his head in the sand about Web bugs and cookies, or do you agree that the security risks are mostly overblown? Are Web bugs a central issue in online privacy, or--as Fred suggests--just a minor sideshow? Does your company's E-commerce site use Web bugs? If you use bug filters and "cookie crushers," have you encountered problems with them? Join in the discussion!

Previous
4 of 4
Next
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
ShahA411
50%
50%
ShahA411,
User Rank: Apprentice
5/16/2014 | 3:01:41 PM
Antibug software discovred
Web bug have some advantages and some disadvantages too. It helps the webmaster in order to keep the traffic records. But nowadays, technolohy is improving and everything would be possible by the use of technology in near future. gel fuel fireplaces
The Business of Going Digital
The Business of Going Digital
Digital business isn't about changing code; it's about changing what legacy sales, distribution, customer service, and product groups do in the new digital age. It's about bringing big data analytics, mobile, social, marketing automation, cloud computing, and the app economy together to launch new products and services. We're seeing new titles in this digital revolution, new responsibilities, new business models, and major shifts in technology spending.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Tech Digest - July 22, 2014
Sophisticated attacks demand real-time risk management and continuous monitoring. Here's how federal agencies are meeting that challenge.
Flash Poll
Video
Slideshows
Twitter Feed
InformationWeek Radio
Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.