Article 43

 

Monday, December 31, 2007

Amazon Datamining

amazon-honor.jpg Have you ever visted a website and see ONE OF THESE little pay boxes sporting your name? I think Amazon, Pay-Pal, and E-Bay use similar neat little tricks, whose use on the internet seems to grow every day.

Although clearly visible - these cute little thingies are as BAD FOR PRIVACY as any other WEB BUG, and can let Amazon, Pay-Pal, etc, collect lots of info on the websites you visit - to DO WITH AS THEY PLEASE.

And not too many people seem to care based on the lack of articles I found about it on the internet.

Looks like something GOOGLE should have thought up.

---

No Honor In Amazon’s Site Scheme

By Mike Himowitz
Baltimore Sun
February 12, 2001

If you’ve ever bought a book or CD from Amazon.com, try this little experiment: point your Web browser to SETI’S web site.

You say you’ve never heard of this outfit? Well, it appears they’ve heard of you. In fact, when you arrive at the SETI Web page, you’ll probably see a little box that welcomes you by name and asks for a donation. Now try browsing around couple of other sites you’ve probably never heard of, such as satire wire.com, or chank.com, or indigenousrocks.com. They all seem to know who you are.

Big Brother at work? No, Big Amazon, flexing its muscle to make a few million extra bucks and let you know how easy it is to track your comings and goings, even when you’re surfing far away from the bookseller’s Web site.

Amazon’s trick is one of several Internet privacy busters that surfaced in the past week or so, proving that every time I think I’m getting paranoid, something comes along to prove that I have good reason to look over my shoulder.

For example, consider the clever folks who send you junk mail that automatically notifies them that you’ve read it - thereby ensuring that your address will be permanently inscribed in their “Make Big $$$” database. Or another little e-mail security glitch that not only alerts the sender that you’ve read a message, but also passes on information about everyone to whom it’s forwarded, along with any comments they’ve added along the way.

We’ll take these little horrors one at a time.

Amazon’s latest contribution is known, ironically, as the “Honor System.” It’s a scheme that allows its customers to donate money to a worthy Web site by clicking on a graphic inviting the contribution. If you choose to give, Amazon uses its billing system to charge your credit card. The Web site profits, and the bookseller makes money by taking a cut of the donation.

Amazon has used a benign variant of this scheme to sign up hundreds of thousands of “associate” Web sites. They offer visitors a link to Amazon in exchange for a small commission on any sales the link generates. No ethical or privacy problem here.

But the Honor System is different because Amazon knows where you are even if you haven’t clicked on the Amazon link.

That’s because the graphic in the Honor System box is actually stored on Amazon’s site. When your Web browser requests the graphic from Amazon (which happens invisibly in the background), Amazon queries your browser to see if an Amazon customer’s “cookie\” is stored on your hard drive. This is a tiny file with information about you that Amazon uses when you visit its Web site. If such a cookieexists, Amazon looks you up and displays your name in the graphic. To you, it appears that the Web site you’re visiting knows who you are.

Given Amazon’s reach and the lure of free money to Web site operators, it won’t be long before Amazon can track its customers all over the Web - without their knowledge.

In its official pronouncement, Amazon naturally said it doesn’t store this information and has no intention of using it. But Amazon is known for changing its mind. Last year it abandoned a longstanding promise never to sell information about its customers’ book-buying habits. Critics point to Amazon’s track record.

“Amazon’s policy may change significantly, as it has in the past,” said Jason Catlett, president of Junkbusters, an Internet privacy monitor at JUNKBUSTERS “Amazon didn’t use the word ‘never’ in this statement, and even if they did, why should we trust them? They’ve betrayed that trust before.”

Let’s move on to e-mail. If you use Microsoft Outlook, Outlook Express or Netscape Messenger, you’re probably viewing mail in “HTML” format. This is the coding system used to create Web pages. It allows you (and advertisers) to create mail with attractive typefaces, colors and graphics. Unfortunately, HTML can hide programming features that turn an e-mail message into an Internet spy.

Try it yourself. Send a message to a friend who uses Outlook or Netscape, but append “.confirm.to” to the address. If your friend is , make the address .

When John sees it, you’ll get e-mail telling you when he read it, along with the Internet address of his computer. And here’s the kicker - John doesn’t even have to open the message. If his mail preview windowis open, that’s enough to trigger the response.

For this we can thank a Korean company called POSTEL SERVICES INC., which intercepts any message addressed this way and attaches a piece of HTML code that links to a tiny, invisible graphic stored on a company Web server. Because your computer has requested the graphic from Postel, it knows that you’re reading the mail.

These graphics are known in the trade as “Web bugs,” and they’re nothing more than tiny, invisible spies. They operate under the same principle as Amazon’s Honor System graphic. Displaying a message with a Postel Web bug is all that’s needed to let Postel know that John has seen it. Postel forwards the information to you.

Postel will let you send 30 bugged messages per month free of charge (no signup required). After that, it charges 2 cents apiece. But the company hopes to make its real money selling the service to commercial e-mail advertisers.

An even more insidious e-mail weakness - publicized recently by the Colorado-based PRIVACY FOUNDATION - allows a programmer to embed invisible JavaScriptcode in an HTML message that secretly forwards the contents of the message back to the sender every time it’s read - along with any text that’s been added to it.

A business memo thus bugged and circulated for comment could conceivably give a competitor amazing insights into a company’s thinking - making e-mail an invisible tool of corporate espionage. Law enforcement agencies could also use the technology to spy on any group of associates without the niceties of a search warrant or wiretap order.

So I’m not paranoid. People are out there watching and snooping, and they’re finding new tools every day. You should be worried, too. Next time, we’ll discuss steps you can take to protect your privacy.

SOURCE

---

Amazon Knows Who You Are

Associated Press
March 27, 2005

Amazon.com has one potentially big advantage over its rival online retailers: It knows things about you that you may not know yourself.

Though plenty of companies have detailed systems for tracking customer habits, both critics and boosters say Amazon is the trailblazer, having collected information longer and used it more proactively. It even received a patent recently on technology aimed at tracking information about the people for whom its customers buy gifts.

Amazon sees such data gathering as the best way to keep customers happy and loyal, a relationship-building technique that analysts consider potentially crucial to besting other online competitors.

“In general, we collect as much information as possible such that we can provide you with the best feedback,” said Werner Vogels, Amazon’s chief technology officer.

But some privacy advocates believe Amazon is getting dangerously close to becoming Big Brother with your credit card number.

“They are constantly finding new ways to exploit personal information,” said Chris Hoofnagle of the Electronic Privacy Information Center, an Amazon nemesis since 2000 after the company changed its privacy policy to allow sharing of personal information with companies it buys or partners with.

For years, Amazon has collected detailed information about what its customers buy, considered buying, browsed for but never bought, recommended to others or even wished someone would buy them. It has built ever-more sophisticated tools to recommend more purchases, direct your searches toward products it thinks you’re most likely to want, or even stop the forgetful among us from buying the same book we purchased five years ago.

For example, a customer who buys the movie Lost In Translation might also be prodded to buy 21 Grams or Kill Bill, Vol. 1 because others have made similar purchases. And customers who searched several times for a Laurie R. King mystery novel might find a book by her the next time they visit Amazon’s home page.

More recently, the Seattle virtual retailer has launched a web search engine, called A9, that can remember everything you’ve ever searched for—and the site reserves the right to share that information with its retailing arm.

Amazon also funds a website called 43 Things. It seeks to link people with similar goals, such as getting out of debt.

Technology that can accurately anticipate a customer’s greatest desires is going to be crucial in the growing competition with internet-based upstarts and traditional retailers moving online, said analyst David Garrity with Caris and Co.

“One would argue that this is the basis on which a great relationship with a customer was founded,” Garrity said. “If only our significant others were like this.”

But Amazon must build that relationship without alienating the customer. As customer tracking gets more detailed, Garrity said Amazon and other companies should start asking customers for permission to gather certain information.

To some privacy experts, Amazon has already crossed the line. Most recently, Amazon tangled with privacy advocates over a patent on technology that aims to track a shopper’s gift-giving habits, including the recipient’s age and preferences.

Karen Coyle, a member of Computer Professionals for Social Responsibility, worries that the technology would be used to gather information on children, perhaps violating a federal law that limits the gathering of information on kids under 13.

Amazon spokesman Craig Berman says the company hasn’t yet used the technology, and he insisted it would not violate those federal guidelines.

Coyle said some privacy-minded users also might be turned off by the A9 search engine. Although such personalization would improve the quality of search results, Coyle said she would be uncomfortable with a commercial business keeping that data. Analyst Mark Mahaney with American Technology Research questions whether A9 is worth the hefty investment.

A9 ranked 41st in popularity among search engines in February, according to Nielsen/Net Ratings, attracting only a fraction of visitors to Google or Yahoo.

“It’s a little more of a stretch to me as to why investors should be excited about that,” Mahaney said. “Isn’t that a little crowded space?”

Udi Manber, A9’s chief executive, says the idea behind A9 is to improve search, both on Amazon and in general. A9 is adding some Amazon functions, such as reviews and recommendations, to a system that searches the Yellow Pages.

But Manber said A9 has no current plans to link customers’ web searches with their Amazon shopping habits, even though data from both sites are stored using the same customer log-in.

Amazon’s backing of 43 Things potentially gives it an opening into social networking. At the site, people list personal goals and find out who else shares their ambitions.

Many companies, including Yahoo, Microsoft and Google, also are investing in community-building technology, and Garrity said Amazon has a clear interest in cultivating that same feeling around its sales site. But for now, it’s unclear how 43 Things might eventually relate to Amazon’s grander plans—Berman said it’s too early to speculate on such things.

Even some of Amazon’s biggest foes say customer tracking can make shopping more convenient. Despite the benefits, however, government-backed restraints are needed as technology gets smarter, said Jason Catlett of the privacy advocacy group Junkbusters.

People need legal rights to see the profiles that are built about them and to change or delete what they want,” Catlett said.

SOURCE

Posted by Elvis on 12/31/07 •
Section Privacy And Rights
View (0) comment(s) or add a new one
Printable viewLink to this article
Home
Page 1 of 1 pages

Statistics

Total page hits 9766484
Page rendered in 0.8195 seconds
41 queries executed
Debug mode is off
Total Entries: 3223
Total Comments: 337
Most Recent Entry: 07/15/2020 08:32 am
Most Recent Comment on: 01/02/2016 09:13 pm
Total Logged in members: 0
Total guests: 11
Total anonymous users: 0
The most visitors ever was 172 on 12/25/2019 07:40 am


Email Us

Home

Members:
Login | Register
Resumes | Members

In memory of the layed off workers of AT&T

Today's Diversion

It would be possible to describe everything scientifically, but it would make no sense; it would be without meaning, as if you described a Beethoven symphony as a variation of wave pressure. - Albert Einstein

Search


Advanced Search

Sections

Calendar

July 2020
S M T W T F S
      1 2 3 4
5 6 7 8 9 10 11
12 13 14 15 16 17 18
19 20 21 22 23 24 25
26 27 28 29 30 31  

Must Read

Most recent entries

RSS Feeds

Today's News

ARS Technica

External Links

Elvis Picks

BLS Pages

Favorites

All Posts

Archives

RSS


Creative Commons License


Support Bloggers' Rights