Search


  • Categories


  • Archives

    « Home

    Update on KISSmetrics’ Tracking of Consumers’ Web Use

    Recently, researchers at the University of California at Berkeley reported that KISSmetrics, which is used by Web sites to track visitors, was using tracking technology that consumers could not opt-out of. Now, Wired has an update reporting that KISSmetrics “quietly overhauled its web tracking methods over the weekend, and is now permitting users to block its surveillance.”

    The 17-person Bay Area startup made the changes after two of its highest profile customers — Hulu and Spotify — suspended their use of the service on Friday in light of the research and the Wired.com story that was first to report it. Separately, Hulu and KISSmetrics were also sued in federal court Friday for allegedly violating federal privacy laws, first reported by Online Media Daily.

    One of the issues was a tracking technique that bypassed traditional cookies by storing unique identifiers in temporary documents that browsers use to speed website rendering. These so-called ETags acted just like cookies, even if users erased or blocked traditional cookies.

    Sometime over the weekend, KISSmetrics published a longer privacy policy, and changed the “How It Works” page on its website to reveal that the company would stop using ETags. “As of July 30, 2011 KISSmetrics uses standard first-party cookies to generate a random identity assigned to visitors to our customers sites,” the new text promises. “This identity by itself does nothing.” The company added in a separate privacy policy for end-users that users can now set an opt-out cookie that excludes them from tracking entirely — as one can do with many online advertising companies and some analytics companies. […]

    Ashkan Soltani, one of the lead researchers on the Berkeley study, wasn’t impressed with the changes, calling it “privacy whitewashing.” […]

    Moreover, he added that the research covered only the top 100 websites, and that there were likely many more examples of invasive tracking in the top 1,000 and in the seedier portions of the internet, particularly porn sites.

    “I’m not getting paid to do this,” Soltani said. “The FTC is not sitting around looking for this — there is no one sitting around watching. Unless there are clear policies around what tracking is legitimate, companies will continue to push the envelope.”

    Leave a Reply