Online Marketing—You’re a Target, and in Ways You Can’t See

| Print | E-mail |

August 2004

Ads are everywhere—on the TV, in newspapers and magazines, in your mail, and especially online. We are so used to seeing ads that we tend to pay little attention to them. But the advertisers are always trying to change that—they want to make the ads more relevant. Now as you take advantage of the Information Highway, your use of the Internet offers advertisers new ways to target your interests and personal information, and, they hope, your wallet. In a nutshell, this report tells you how they are doing that online and what you can do about it.

Advertising fuels many websites by providing the revenue that allows them to pay the bills. The more effective the ad, the better the dollars. And the more the ad is tailored to specific individuals, the more effective the ad. So marketing and advertising companies are always refining their ways to gather and use information about you.

Here are several examples of how information is currently being used to target individual consumers for marketing barrages.

• Google's “Gmail” e-mail service scans each email message you send or receive, then shows on-screen text ads that relate to the content of the email message. Although the Gmail privacy policy states that advertisers receive no personally identifying information, many consumer privacy advocates have raised alarms about the intrusion into personal communications and the potential for abuse.
• Most websites have a business relationship with ad services. As you surf the Web visiting a number of sites, the ad services collect data on your surfing. Then the ads displayed on your screen (either embedded or popup, banner or text) start to reflect the sites you’ve visited. For example, if you visit travel-related sites, more travel-related ads are displayed.
• Let’s say that you frequently visit a retail site that sells a variety of items. You usually visit the electronics and video pages to see what bargains are on offer. Tracking this pattern, the website begins to display ads on electronic and video items every time you log on.
• Using information collected online can go beyond targeting you online, too. Recently, a friend was T-boned at an intersection, resulting in an unplanned search for a new car. She visited the websites of several local car dealers. She didn’t request any information, fill out any forms, or provide any identifying information. A couple of days later she received a phone call from one of the dealerships—“I see that you are looking for a new car.” The dealership had used information collected about her surfing to personally identify and contact her. Incidentally, with that one phone call, that dealership lost any possibility of a sale to this consumer.

How The Marketers Collect Information

So just how do marketers and ad services and other companies gather information online about you? Here are several ways.

Cookies. Cookies (identification files placed on your computer) are used in various ways to collect information. And that’s not all bad: for example, financial institutions must use cookies to enable and protect your online banking services. Other sites use a cookie to track how frequently you visit a site and what you’ve looked at on the site to enhance their site content. Cookies are used for online shopping carts. Personalizing a site also uses cookies.

Now for the potentially bothersome use of cookies: Ad companies use cookies to track the sites you’ve visited. Look closely at the web page addresses (on the status bar at the bottom of the window) as your browser loads a page. You will see addresses other than the site. These addresses may be requesting the ads you see on the page. For example, an ad company will place a cookie with an ID on your machine the first time you visit a page with an ad served by that company. The ad company can then use that ID to build a database of the pages you’ve seen from any website you’ve visited; it doesn’t matter whether these websites are clients for the ad service or not—they can collect and use them all.

Protocol info required to use the Internet. Just as you can’t call a friend without knowing his phone number, your computer can’t connect to and use the Internet without having an IP address. So the act of visiting a website necessarily provides information to the site. The primary information is your computer’s IP address (assigned by your Internet Service Provider, or ISP), and usually the date and time of day, your browser and version (such as Internet Explorer 6), and your operating system (Windows XP, MacOS, etc). Some browsers send out your email address. Even your ISP may be identified. The previous site you visited may also be identified.

Registering to use a site. You provide information when you register to use a site. The web company may call it “free” registration—it doesn’t cost money but it probably costs some personal information. This information can be as little as a username and password or it can be filled with demographic information: name, address, phone number, sex, age, income range, marital status, hobbies, etc.

You may have good reasons to register at a site. For example, registration may provide access to additional information or services on the site, such as additional articles on a newspaper or magazine site. Or you may wish to customize the home page or entire site that you visit regularly. But you need to be aware that registering provides marketable information to the company (even if they are only “marketing” internally as many privacy statements assert). Another trend is that many sites that formerly required no registration are now requiring it. One newspaper recently wanted to know my exact age and my income just so I could read a sports story, and another site I ran across recently required registering to get a printer friendly version of an article.

Spyware. Programs on your computer can also collect information. These programs are typically called “spyware,” although marketers tend to call them “adware.” Some of these programs tag along with another program that you choose to download. The program that you wish to download may or may not openly state that the adware exists (many bury this fact in the license agreement usually at the very end). Other programs get loaded without your permission into your machine when you visit a website.

How to Control the Marketing Machine

The good news is that you have some control over the harvesting of your information. Follow these steps to better control the marketing machine:

• Read the site’s privacy policy before providing any personal information. Don’t sign up with the site if you don’t agree with it.
• Provide only the minimum information required. Look for indications, such as an asterisk (*) or boldface type, for the required fields.
• If you decide not to use the site, give them feedback on why you won’t sign up.
• Look for the opt-out and opt-in sections. Make sure you scroll to the bottom of the registration page to look for all the fields. A few sites put the opt-out/opt-in check boxes below the submit/signup/continue button. On a few sites, I’ve found the opt-in check boxes already selected.
• Check your account information and personal settings regularly. Some sites reserve the right to change their policies without notification. I’ve had at least one site change their marketing preferences, setting all the choices to yes.
• Take control of your cookies. Set your browser to show you cookies before setting them (be prepared to be bombarded). Another option is to use a cookie manager. Some Internet security software packages such as ZoneAlarm Internet Security or Norton Internet Security include cookie managers. Rejecting all cookies will limit what you can do on the web. Legitimate uses of cookies include online banking, shopping carts, personalizing a site, and automatic site login.
• Don’t allow your browser to store your personal information. This is a trade off between convenience and privacy.
• Check your machine for adware/spyware. Use a free program such as Ad-Aware 2008 Free or Spybot Search & Destroy. Webroot's SpySweeper costs $29.95 or try their free online scanner. Many security suites check for spyware. Experts recommend using more than one antispyware program.
• Change your browser settings to not allow programs to be automatically downloaded and installed. At the very least have the browser ask you before it does it. When you are asked, don’t just click yes without understanding what is happening. The best bet is if you don’t know the reason for the download, click No.
• Use a firewall, particularly one that blocks outgoing transmissions not just incoming. The Symantec and McAfee Internet security packages contain firewalls. ZoneAlarm offers free and pay versions of a firewall and also has a security suite.

The EPIC Online Guide to Practical Privacy Tools has links to numerous tools— including cookie busters and firewalls—that may help protect your privacy online. EPIC is the Electronic Privacy Information Center.

Prepared for Corning Credit Union by Remar Sutton & Associates, August 2004. Reviewed and updated June 2008. All rights reserved.