{"id":12,"date":"2007-12-23T19:15:44","date_gmt":"2007-12-24T00:15:44","guid":{"rendered":"http:\/\/blogs.law.harvard.edu\/mbabin\/2007\/12\/23\/doubleclicks-privacy-policy\/"},"modified":"2007-12-23T19:17:13","modified_gmt":"2007-12-24T00:17:13","slug":"doubleclicks-privacy-policy","status":"publish","type":"post","link":"https:\/\/archive.blogs.harvard.edu\/mbabin\/2007\/12\/23\/doubleclicks-privacy-policy\/","title":{"rendered":"DoubleClick&#8217;s privacy policy"},"content":{"rendered":"<p class=\"MsoNormal\"><font face=\"Times New Roman\"><a href=\"http:\/\/doubleclick.com\">DoubleClick<\/a> seems to be even less forthcoming about privacy than Google. I checked out their privacy policy, and here is a summary of what it says:<\/font><\/p>\n<p class=\"MsoNormal\"><font face=\"Times New Roman\">The only <strong>personal information<\/strong> DoubleClick collects is voluntarily provided by people and includes contact information from people who contacted DoubleClick and e-mail addresses of people who signed up for newsletters. (1) DoubleClick defines personal information as anything that can identify a particular person, including names, addresses, e-mail addresses, telephone numbers, social security numbers, credit card numbers, or bank account numbers. (2)<\/font><\/p>\n<p class=\"MsoNormal\"><font face=\"Times New Roman\"><strong>Non-personal information<\/strong> is collected through session cookies, persistent cookies, server logs, and Web beacons. DoubleClick considers ISPs, operating systems, browser types, and cookie IDs to be non-personal information. (2)<\/font><\/p>\n<p class=\"MsoNormal\"><font face=\"Times New Roman\"><strong>Session cookies<\/strong> are cookies that last only until a user closes his or her browser. DoubleClick uses session cookies when visitors reach their site through ads on other sites. The cookies track what site the user reached DoubleClick.com from and what ad they clicked on, so that DoubleClick can track the effectiveness of their advertising.<\/font><\/p>\n<p class=\"MsoNormal\"><font face=\"Times New Roman\"><strong>Persistent cookies<\/strong> are cookies that last over more than one browser session and are stored in the Cookies folder on a user\u2019s computer. DoubleClick doesn\u2019t go into much detail on how extensively it uses these on its site, but states that it uses data from them \u201cto better understand how the website is used, resolve technical problems, and enhance your experience at this site.\u201d (1)<\/font><\/p>\n<p class=\"MsoNormal\"><font face=\"Times New Roman\">DoubleClick also uses a specific type of persistent cookies called <strong>DART cookies<\/strong> to serve ads on other sites. The cookie gives each user a unique numerical identifier so that DoubleClick\u2019s client sites can track what ads and sponsored search listings they click on in order to deliver personalized ads and gauge which ads are most successful. It is the clients, not DoubleClick, that decide how they will use cookie information to determine which ads to display. So, although DoubleClick makes clients promise never to use sensitive or personally-identifiable information to choose ads, (2) one never really knows what data the client sites are gathering about their users. <\/font><\/p>\n<p class=\"MsoNormal\"><font face=\"Times New Roman\">Thankfully, DoubleClick makes it easy for users to opt out of the DART cookies. By merely clicking a button on DoubleClick\u2019s privacy page, a user can replace his or her DART cookie with an opt-out cookie. This opt-out cookie contains no unique numerical identifier, but it does track the user\u2019s operating system, browser type, IP address, and local time. For users who have opted out, ads are targeted based only on the content of the client web page that the user is viewing. Simply deleting the DART cookie is not a good way of opting out, since each site that displays DoubleClick ads will search for a DoubleClick cookie and will set a new cookie if there isn\u2019t already one. If a user clicks on the \u201copt-out\u201d link, however, all sites that display DoubleClick ads will recognize the opt-out cookie and will not set any new cookies. (3)<\/font><\/p>\n<p class=\"MsoNormal\"><font face=\"Times New Roman\">Another way that DoubleClick collects information is through <strong>server logs<\/strong>, which track IP addresses and referring URLs so that DoubleClick can find out how people use its site. (1) The privacy policy doesn\u2019t go into much more detail than this regarding server logs. <\/font><\/p>\n<p class=\"MsoNormal\"><font face=\"Times New Roman\">Finally, DoubleClick uses <strong>Web beacons<\/strong>, which they describe as \u201csmall strings of code that are placed in a Web page.\u201d (1) I decided to do a little more research, and I found out that Web beacons are also known as \u201cWeb bugs\u201d and are used to track users\u2019 behavior on third-party sites. A Web bug is an image, usually transparent, that is displayed on a web site but resides on another site\u2019s server. When a Web bug loads, the server where the image resides can log information about who views the bug, and therefore who views the third-party website. This information includes what one would expect to find in server logs, such as the user\u2019s IP address, browser type, time of visit, and the URLs of the third-party site and the bug image. (4) So, for example, DoubleClick may place Web bugs on sites that it serves ads on. This would enable them to track how popular each site is, as well as (through IP addresses or cookies) which sites each individual views so that it can customize future ads to the individual based on his or her browsing history. <\/font><\/p>\n<p class=\"MsoNormal\"><font face=\"Times New Roman\">Towards the end of its privacy policy, DoubleClick states that it may share information with third parties if it has a contract with them to \u201cprovide some part of the information or service that you have requested.\u201d (1) It also reminds users that personal information\u201d may be subject to disclosure pursuant to judicial or other government subpoenas, warrants or orders.\u201d (1) <span>\u00a0<\/span>Finally, DoubleClick says that it takes \u201creasonable security measures in order to protect both personal and non-personal information from loss, misuse and unauthorized access, disclosure, alteration or destruction.\u201d (1)<\/font><\/p>\n<p><u><font face=\"Times New Roman\">Sources:<\/font><\/u><u><span><font face=\"Times New Roman\">\u00a0<\/font><\/span><\/u><\/p>\n<p class=\"MsoNormal\"><font face=\"Times New Roman\">1. \u201cPrivacy Policy for Information Use at This Website.\u201d <u>DoubleClick.com<\/u>. 28 Aug. 2006. 23 Dec. 2007. &lt;<\/font><a href=\"http:\/\/www.doubleclick.com\/privacy\/index.aspx\"><font color=\"#800080\" face=\"Times New Roman\">http:\/\/www.doubleclick.com\/privacy\/index.aspx<\/font><\/a><font face=\"Times New Roman\">&gt;.<\/font><\/p>\n<p class=\"MsoNormal\"><font face=\"Times New Roman\">2. \u201cFAQ.\u201d <u>DoubleClick.com<\/u>. 23 Dec. 2007 &lt;<\/font><a href=\"http:\/\/www.doubleclick.com\/privacy\/faq.aspx\"><font color=\"#800080\" face=\"Times New Roman\">http:\/\/www.doubleclick.com\/privacy\/faq.aspx<\/font><\/a><font face=\"Times New Roman\">&gt;.<\/font><\/p>\n<p class=\"MsoNormal\"><font face=\"Times New Roman\">3. \u201cDART Ad-serving and Search Cookie Opt-Out.\u201d <u>DoubleClick.com<\/u>. 23 Dec. 2007 &lt;<\/font><a href=\"http:\/\/www.doubleclick.com\/privacy\/dart_adserving.aspx\"><font color=\"#800080\" face=\"Times New Roman\">http:\/\/www.doubleclick.com\/privacy\/dart_adserving.aspx<\/font><\/a><font face=\"Times New Roman\">&gt;.<\/font><\/p>\n<p class=\"MsoNormal\"><font face=\"Times New Roman\">4. Smith, Richard M. \u201cThe Web Bug FAQ.\u201d <u>EFF.org<\/u>. 11 Nov. 1999. 23 Dec. 2007 &lt;<\/font><a href=\"http:\/\/w2.eff.org\/Privacy\/Marketing\/web_bug.html\"><font color=\"#800080\" face=\"Times New Roman\">http:\/\/w2.eff.org\/Privacy\/Marketing\/web_bug.html<\/font><\/a><font face=\"Times New Roman\">&gt;.<\/font><\/p>\n","protected":false},"excerpt":{"rendered":"<p>DoubleClick seems to be even less forthcoming about privacy than Google. I checked out their privacy policy, and here is a summary of what it says: The only personal information DoubleClick collects is voluntarily provided by people and includes contact information from people who contacted DoubleClick and e-mail addresses of people who signed up for [&hellip;]<\/p>\n","protected":false},"author":1650,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-12","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"jetpack_featured_media_url":"","_links":{"self":[{"href":"https:\/\/archive.blogs.harvard.edu\/mbabin\/wp-json\/wp\/v2\/posts\/12","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/archive.blogs.harvard.edu\/mbabin\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/archive.blogs.harvard.edu\/mbabin\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/archive.blogs.harvard.edu\/mbabin\/wp-json\/wp\/v2\/users\/1650"}],"replies":[{"embeddable":true,"href":"https:\/\/archive.blogs.harvard.edu\/mbabin\/wp-json\/wp\/v2\/comments?post=12"}],"version-history":[{"count":0,"href":"https:\/\/archive.blogs.harvard.edu\/mbabin\/wp-json\/wp\/v2\/posts\/12\/revisions"}],"wp:attachment":[{"href":"https:\/\/archive.blogs.harvard.edu\/mbabin\/wp-json\/wp\/v2\/media?parent=12"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/archive.blogs.harvard.edu\/mbabin\/wp-json\/wp\/v2\/categories?post=12"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/archive.blogs.harvard.edu\/mbabin\/wp-json\/wp\/v2\/tags?post=12"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}