Privacy advocates decry

A study conducted by Cyveillance Inc., an Arlington, Va.-based Web site management firm, has found a sharp increase in the number of Internet sites that use “Web bugs” to collect visitor information, leading to potential privacy concerns.

The Cyveillance study, which compared a random sample of more than one million Web pages collected between 1998 and 2001, found that a Web page is nearly five times more likely to host a Web bug today than in 1998. (In 1998, 0.664 per cent of the sites studied contained Web bugs; in 2001, that figure rose to 3.906 per cent, according to the report.)

Moreover, the study found Web-bug use is especially prevalent among companies Cyveillance identified as “top brands,” perhaps signaling that the bugs have gained mainstream acceptance. In 1998, only 7.63 per cent of the top brand pages contained Web bugs, but in 2001, 64.42 per cent did.

A Web bug is a small file, typically a graphic object such as a GIF, that monitors user behavior without the user’s knowledge. Usually, Web bugs cannot be detected by users, because they match the colour of the page’s background and are very small. Web bugs can collect information such as the IP (Internet Protocol) address of the user’s computer, the time the page was viewed, and previously set cookie values.

Although the bugs are mostly used to customize and streamline a given user’s experience, the fact that users are unaware of their presence also gives rise to privacy concerns, according to the study.

The report further claimed that a Web bug’s ability to collect cookie value information is the most distressing to users, because cookies contain data that can be used to conduct detailed personal and behavioral profiling.

“The results of this study emphasize what we’re seeing every day: companies want to earn and retain the trust of their customers, and an association with Web bugs has the potential to seriously undermine those efforts,” said Panos Anas-tassiadis, Cyveillance’s president and chief executive officer (CEO), in a statement.