
Moving Target
My partner Morley and I have recently been thinking about taking a trip to Chicago.
One Saturday afternoon as we started making plans, Morley got on the Internet and surfed over to www.lyricopera.org to see what the Lyric Opera of Chicago might be planning for next season. The upcoming productions included a rarely performed Verdi opera about Attila the Hun, a new operatic version of The Great Gatsby, as well as a brace of the usual Toscas and Rigolettos. After a few minutes of nosing about the site, he turned off our computer and the two of us went to the backyard to do some gardening.
An hour later, the phone rang and Morley went to answer it. After a few moments, he came back out onto the deck with a puzzled expression. "The strangest thing just happened," he said. "That was the Chicago Lyric Opera. They asked for me by name and said that they saw I had been to their Web site."
"Are you serious?"
"Yeah, he said his name was Bob and he told me about some special offers for out-of-towners. I said I'd call him back."
"You must have filled out a registration form or something while you were online," I said.
Morley shook his head. "No, I didn't. I just looked at their schedule, checked some ticket prices and left. So how did this guy know I had just been to his Web site? And how did he know my name and phone number?"
Very good questions indeed.
Over the past few months I had noticed numerous provocative reports about the death of Internet privacy -- reports I had simply chalked up to a media penchant for hyperbole and sensationalism. But until this call from Bob at the Lyric Opera of Chicago, I had never had any personal cause for concern. Now I was scared. If the Lyric Opera could so easily monitor our Internet activity for its telemarketing efforts, then other organizations -- ones with deeper pockets, greater technical sophistication and, perhaps, more sinister motives -- could do the same. What do they know about me?
Setting myself on a quest nearly as epic as Parsifal's search for the Holy Grail, I vowed to discover what personal information of ours might be leaking into cyberspace. I also wanted to find out about the technical wizardry that could explain how a guy named Bob at the Lyric Opera could possibly pick up a phone and call us after we merely glanced at his Web site.
***
My search started when a friend suggested I get in touch with California-based software developer and Web publisher Steve Gibson, who is a strident critic of the "Little Brothers" -- marketing companies who surreptitiously monitor Internet users to create detailed consumer profiles. He wasn't at all surprised when I told him my tale. "George Orwell missed the date by 16 years, but he sure got the concept right," said Gibson.
I asked him how it was possible for an organization to call me on the telephone after a peek at its website. Without the slightest hesitation, Gibson said it was something anyone with an online presence could do by employing the services of a company like DoubleClick Inc., an advertising agency that makes use of a simple piece of Web technology called cookies.
To understand what a cookie is and how it works, Gibson told me it's helpful to realize that a fundamental principle of the Internet is that it is "stateless." This means that every file request on the Internet stands on its own. In other words, you ask for a file by using its universal resource locator, or URL (for instance, www.nationalpostbusiness.com); the server sends the file; the connection between your two computers is broken. End of story.
"The file you just accessed, however, can itself contain many more URLs," said Gibson. "Once your browser reads the first file, it then launches more requests to get all the various pieces that will continue fleshing out the Web page -- things like logos, pictures, sounds and little animated things jumping around." Since the connection is stateless, he added, "the server doesn't need to remember what happened with the previous request to service a new one."
Operating in a stateless environment is a lot like being married to an amnesiac: namely, it's difficult to have a meaningful relationship with someone who can't recall anything about you. In such a marriage, life might be easier if a husband with amnesia could hang a sign around his spouse's neck that said: "I am your wife. We've been married for seven years. My favourite colour is blue and I just spoke to you five minutes ago about our rose bushes." That way she wouldn't have to introduce herself and get reacquainted every time she walks into a room.
And so it is with the Internet. Without the ability to keep some sort of history of a user's past actions or preferences, it is difficult for websites to offer users a convenient way to shop online or receive personalized content such as local team scores or weather. Beginning in 1996 with Navigator 2.0, Netscape tackled this problem by inventing "cookies," small text files that Web servers can deposit on your hard drive. Just like that sign on the amnesiac's wife, cookies help a server "remember" who you are. (Microsoft's Internet Explorer became cookie-capable shortly thereafter, with IE 3.0.)
"It's a bit of technology that had a really good purpose in the beginning," said Gibson. "People were still anonymous because the server could only see that a serial number was marching around its website. Now anonymity began to break down when someone realized that if you have a Web page and it asks for an advertisement that comes from a third server, that third server can also drop a cookie. And this is what Netscape never intended."
To ensure privacy, cookies were designed so that it is impossible for a site to read a cookie it did not generate itself. Therefore, Joe's Web site can't tell if you've been to Sam's Web site. But if Debbie pays a fee to both Joe and Sam to let her advertise on their Web pages, Debbie -- a third party with whom you have no relationship -- now has the ability to know about every visit you make to either Joe or Sam. And the more sites she advertises on, the more places she can track you.
Internet advertisers such as DoubleClick, Engage, 24/7 Media, MatchLogic, AdForce, NetGravity and AdKnowledge have this tracking capability because they take advantage of a piece of the Internet URL request called "http referrer." When a Web browser requests all the different parts and pieces that make a Web page look nice, the http referrer code basically says "oh and by the way, this is the page that I am requesting this for." The information that is passed to a company like DoubleClick in the http referrer field is the thing that helps them keep track of where you are and what you're looking at.
"But there's a bigger problem," said Gibson. "If you fill out a form on the Web, say to join a newsletter or something, the information you filled into these blanks is tagged on the end of the URL that requests the next page. It's called a URL tail. That information - which might include your first name, last name, phone number or anything else - is also sent to the third party advertiser. And it's this aggregation of personal information in a piecemeal fashion, a little bit at a time over several years, that allows companies like DoubleClick to build up a stunningly comprehensive profile on you. Suddenly, all your anonymity is gone."
***
I returned to the Lyric Opera site looking for traces of DoubleClick and its ilk, but found that its Web pages were totally devoid of any sort of third-party advertising. Perplexed, I sought the advice of Jason Catlett, president of Junkbusters Corp. Catlett is a computer scientist with a Ph.D. in data mining and one of North America's leading experts on technology, marketing and privacy. I asked him if the Lyric Opera could possibly be employing an even stealthier technology.
"Oh, yes. Certainly," said Catlett. "Anyone who surfs around widely on the Internet will have been picked up by Web bugs. There are hundreds of thousands, if not millions, on the Web now and their number is increasing enormously."
Web bugs? Catlett told me that these are invisible surveillance devices used by government and big business to monitor the Internet. "Web bugs can be used to track your movements on pages that contain every kind of information, including health, medical and sexual topics," he said. "It's frightening."
The controversy surrounding Web bugs centers on the fact that they are virtually undetectable by the average person. Savvy Web users know that whenever they see a banner ad on their screen they are being tracked by an advertiser, but Web bugs effectively conceal any trace of monitoring.
But what exactly is a Web bug? Despite its insidious moniker, a Web bug is simply a 1-pixel GIF -- a graphic image so tiny that it's essentially the smallest dot possible on your computer screen. The Internet advertising community prefers to call them more palatable names like "1-by-1 GIFs" and "invisible GIFs," but whatever the name, Web bugs behave the same as any other piece of third-party Internet advertisement. Every time you visit a site with a Web bug, the tiny GIF acts just like a regular banner ad. Even though you usually can't see it, that one pixel can "talk" to a cookie on your computer and it can report back to home base.
Catlett is correct that Web bugs are ubiquitous. You can find them on the websites of E-TRADE, Quicken, FedEx, American Express, Intel, Metamucil, Microsoft and thousands of others. Drug companies such as Glaxo Wellcome Inc. and Pfizer Inc. use them, as well as KwicMed, Inc., a major online dispenser of Viagra. A visit to the Web Bug Search Page helped me locate 81,494 Web bugs from DoubleClick, 51,254 from Extreme Tracking, 4,439 from PointClick. And these were only three of the companies that place Web bugs. There are at least 20 more.
Yet even though they seem to be crawling everywhere, in most cases, Web bugs are nothing to be afraid of. More often than not, they are simply employed as a tool to determine how visitors use a particular site. Advertising agencies use 1-by-1 GIFs to help their clients better understand the effectiveness of advertising campaigns. By employing Web bugs in conjunction with normal banner ads, they have the ability to tell their clients not only how many customers clicked on a particular advertisement, but also how many requested further information and precisely how many times a particular ad resulted in a sale.
Agencies say they make these tracking GIFs invisible not to conceal any sort of covert monitoring program, but just to avoid bothering the user. Privacy advocates, however, say that users would rather be bothered. In the U.S., Web bugs are currently the subject of several lawsuits and a privacy initiative by the government. For example, in June, the Clinton administration had to order its drug policy office to stop using DoubleClick Web bugs on its anti-drug site, Freevibe.com.
Recently, Canada leapfrogged ahead of the U.S. in terms of online privacy. Last spring, Human Resources minister Jane Stewart let it slip that five government departments were compiling a massive Big Brother-like database of Canadian taxpayers. Predictably, citizens across the country reacted with outrage. After 68,000 people demanded to see their personal files, Ottawa passed Bill C-6, the Personal Information Protection and Electronic Documents Act. Starting January 1, 2001, no organization will be able to collect, use or pass on any personal information about you without first obtaining your express consent. At first the law will only apply to federally regulated organizations such as banks and telephone companies, but by 2002 the health industry will have to comply and by 2004 all businesses that collect and share personal information will have to follow suit.
Fortified with my wealth of new knowledge, I called the Lyric Opera and asked to speak to Bob. He wasn't in, so I explained the situation to his supervisor and asked him how the opera would know that my partner was looking at its Web site. "I don't retrieve information from the Internet myself," he said, "but as far as I know, we get our Internet information requests from people who visit the site and leave their names and personal information. Did he give us his name and phone number?"
"No, he just went to your site, looked at it, and left. An hour later our phone rang and Bob says he saw that Morley had stopped by the site. Does the Lyric Opera employ the use of cookies or Web bugs?" I asked.
The supervisor had no idea. He suggested that I contact Judy in marketing and relations. He gave me her number. I called but she wasn't in. I left a message.
***
One of Steve Gibson's biggest battles lately has been over a class of surveillance software he has christened "spyware," which has nothing to do with cookies or Web bugs. It's real software that gets installed on your system -- largely without your consent or knowledge -- to operate secretly in the background and report on you whenever you browse the Internet. Some of the most common examples of spyware include the advertising, monitoring and profiling software from Aureate/Radiate, Conducent and TSAdbot.
Companies like Aureate (recently renamed Radiate) pay software developers to allow their spyware to be installed at the same time as the developer's own products -- sort of like a Greek in a Trojan Horse. Once this spyware is on your system, it can communicate with its home office and supply information useful for targeted advertising. And you rarely know it's there. Spyware deliberately hides in your computer and tries to go undetected. For example, Aureate avoids slipping messages out of your computer if there is no mouse or keyboard activity. It takes this precaution so that users won't notice their modem lights flashing and wonder what in hell is going on.
Usually spyware comes as a part of "freeware," free software programs downloaded from the net. For instance, there are about 300 applications in all that install the Aureate tracker, including Go!Zilla, CuteFTP, GetRight, and BuddyPhone. But commercial software can also harbour these spies. This spring, beta testers for Sierra's real-time strategy game Ground Control became upset when they learned that Sierra piggybacked Aureate along with the software they were testing. Assuming the worst, users inflamed chat room discussions with accusations that Aureate was transmitting information such as e-mail addresses, passwords and hard drive contents.
Steve Gibson calmed most of Ground Control users' fears by assuring them that he found no evidence to suggest Aureate had the ability to inventory the contents of a user's system, nor was it able to transmit personal or private data. "However," he told them, "this is not to say that I think the Aureate system is either benign or desirable. I continue to feel that it is neither." Gibson despises spyware because he feels companies like Aureate profit from valuable information that has essentially been stolen from unsuspecting users. In fact, he has such an intense antipathy for spyware that he wrote a special program to detect and remove it. Gibson's software is called OptOut and he gives it away for free at http://grc.com.
"OptOut was originally meant to attack companies like Aureate/Radiate, Conducent, GoHip and so forth," he said. "What happened though, just in the last four months of my really raising the level of attention and all the press that was generated, every one of these companies has cleaned up its act dramatically. They now all offer removers for their own technology and it is really no longer necessary for there to be a third-party solution to this."
Gibson suggested that one of the best things I could do to protect myself from unwanted surveillance is to install an outbound blocking firewall on my PC. In the digital world, a firewall is a program that protects your computer from hackers and other malicious intruders. Traditionally, firewalls have concentrated on keeping outsiders from getting in, but recently the paradigm has shifted. "Security is dealing with external intrusion," said Gibson. "Privacy is dealing with internal extrusion."
He recommended I download ZoneAlarm 2.1, a free personal firewall from ZoneLabs. The price was right, but Gibson was making me so paranoid, I made sure to check reviews in several computer magazines to convince myself that it was a safe and dependable product. (For the record, PC Magazine called it "an innovative program with powerful features," and Computer Shopper assured me it compared quite well with the commercial products in both effectiveness and features.)
As a firewall, ZoneAlarm stands metaphorically as the bouncer at your computer's front door, interrogating and frisking everyone who tries to get in or out. It also installs an ominous red and green blinking icon in the lower right-hand corner of your screen that flashes whenever Internet activity is detected.
My lights were flashing constantly -- even when I wasn't using the Internet. Since I have a cable modem, I'm essentially always online. Every time ZoneAlarm caught a program on my computer sneaking messages onto the Internet, a sort of cartoon dialogue balloon would pop up and identify the culprit and ask for my permission to let it pass. To my great surprise, my chequebook program, Quicken, and a game called The Sims were constantly trying to access the Internet while I was using other applications. The program that ZoneAlarm caught the most, however, was RealJukebox, a free music player from RealNetworks. So it got me wondering: if I wasn't using Quicken, The Sims or RealJukebox, why were they trying to phone home?
I phoned cybersleuth Richard M. Smith, the chief technology officer for the Privacy Foundation, a Denver-based non-profit organization for research and education on privacy issues. I sought him out because Smith is one of the folks who publicly accused RealNetworks of a gross invasion of his privacy. In October 1999, Smith discovered that RealJukebox was sending information to RealNetworks about the music CDs he was listening to, along with a unique player ID number that personally identified him. By using a software program called a "packet sniffer" that kept a careful log of the stream of data flowing out of his computer, Smith documented that, on a daily basis, RealJukebox was sending information back to headquarters about how he was using the product, how many songs he had recorded on his hard drive, the type of portable MP3 player he owned and his music preferences.
"It was just way too talkative," said Smith.
RealNetworks' RealDownload, along with its subsidiary NetZip's Download Demon and Netscape's SmartDownload, also gave Smith, Gibson and other privacy experts real headaches this past year. All these programs are free utilities that are supposed to make downloading files from the Internet easier. They also come with privacy statements that claim they will not send or receive personal information about you. Just as Richard Smith did with RealJukebox, Steve Gibson stuck a packet sniffer on his computer to test these three download programs and found a few surprises.
"EVERY TIME you use one of these utilities to download ANY FILE from ANYWHERE on the Internet," Gibson wrote in his hypercapitalized style to his coterie of loyal users, "the complete URL address of the file, along with a UNIQUE ID TAG that has been assigned to YOUR machine, and -- in the case of Netscape's SmartDownload only -- YOUR computer's individual Internet IP address, is immediately transmitted to the program's publisher. This allows a database of your entire, personal, file download history to be assembled and uniquely associated with your individual computer ... for whatever purpose the program's publishers may have today, or tomorrow."
On November 1, 1999, The New York Times printed a story about RealNetworks' alleged privacy leaks, creating such a public embarrassment for the company that it amended its privacy policy that very day. The new privacy statement, however, did not stop Steve Gibson from his continued criticism of RealNetworks and its monitoring practices. "You read these privacy statements and it's like, 'Oh this is anonymous! We're not collecting personally identifiable information!'" said Gibson. "Bullshit. They're watching you. This is big business. This is money."
Not amused by this kind of talk, on July 17 RealNetworks' lawyers sent Gibson a threatening letter demanding that he immediately publish a retraction to his "false and inflammatory statements [that] make it difficult for consumers to make educated and informed choices about products.... RealNetworks does not track any individual's use of RealDownload, does not create profiles of RealDownload customers and does not transmit any unique ID when a customer downloads files using RealDownload."
In the face of RealNetworks' insistence that he was absolutely wrong, Gibson re-examined his findings and caught something that he had missed before: namely, that his exact personal name and private e-mail address were being sent back to RealNetworks whenever he downloaded a file. "When I confronted RealNetworks with this," said Gibson, "they explained that it was due to the fact that I had purchased a product from them in the past, and the cookie my system had received during the purchase was being returned to them. That certainly makes file downloads seem far less anonymous than RealNetworks continues to allege."
***
Judy in marketing and relations at the Lyric Opera of Chicago called me back. She was extremely cordial and willing to help, but after talking to Gibson, Catlett and Smith, my paranoia levels had started to max out. "So how do you do it?" I asked her with a tinge of hysteria in my voice. "Do you drop cookies on my hard drive? Do you have an arrangement with DoubleClick? Where do you stick your Web bugs? How do you know what I'm doing on my computer?"
Judy paused and said, "I ... I don't know. I'm the wrong person to ask. You could check with a gentleman named Paul in our ticket department. He's on vacation now until next week, but I'll give you his number."
***
I was starting to realize that perhaps the bigger question here is not so much how companies are able to monitor us all on the Internet, but why they would want to do it in the first place. In gumshoe terms, they had the means and the opportunity, but what's the motive?
"Most of the time the Orwellian picture of Big Brother isn't a good match because it's not the state that's tracking you, it's a business," said David Jones, president of Electronic Frontier Canada. "Although people might find it intrusive, the companies that are tracking you are not doing it to be evil. They're driven by the profit motive. They're doing it to sell you a product or they're trying to target an audience."
To get a better understanding of the profit motive behind all this data mining and customer profiling, I decided to learn more about DoubleClick, which dominates the online advertising market. In size alone, DoubleClick truly is a monster. At last count, the company had 1,981 employees in 23 countries and 5,461 advertisers. Currently, DoubleClick serves about two billion ads a day on the Internet -- a number that is growing by approximately 50% every quarter.
DoubleClick reported US$238 million of revenue in the first half of the year 2000 and had a market cap of US$5 billion as of early September. I contacted Wendy Muller, managing director of DoubleClick Canada, and asked her where all that money was coming from. "We make money two ways," she said. "Number one, we do it the same way you guys at the National Post do, which is you sell ad space on your Web sites on a cost per thousand basis. The impressions of Web users you sell to advertisers are deeply targeted because you use a piece of software called DART. And we do the same thing. The second way we make money is if people want to licence the DART software, they pay us a licensing fee and a user fee and we deliver the ads for them."
DART, which stands for Dynamic Advertising Reporting and Targeting, is the software developed by DoubleClick that delivers somewhere between 60% and 70% of all online ads in Canada. It rapidly matches advertiser-selected target profiles with individuals. Muller took pains to point out that since my own publication licenses DART from DoubleClick, I was in no position to throw stones.
DART figures out how to deliver all those targeted advertisements by maintaining a massive list of IP addresses. Every time you log onto the Internet, your Internet service provider (ISP) tags you with a new Internet protocol address. This is a unique string of numbers that identifies your computer in cyberspace. Your ISP owns a block of these addresses, and grants you one when you come online. It's like going to the theatre. You are given a specific seat number. If a stranger approached you and asked to see your ticket, he wouldn't know your name or your income or your credit card number, but he would know where you were and what time you were there. And as far as targeted advertising is concerned, that's sometimes enough.
Through DART, DoubleClick has logged the physical location of millions of IP addresses. "There are probably eight or nine thousand networks that we've mapped since the beginning of the company," said Muller. "It's not very often that when somebody comes online that we cannot identify where their dialup is. In some cases we will know the particular company they are coming from and we've individually mapped all the universities, so we'll know if you're coming in from the University of Western Ontario and not the University of Toronto."
DoubleClick can make a lot of assumptions about you simply from your IP address. If it's 2:30 in the afternoon and you're logging on from the University of Toronto, there's a good chance that you're a Canadian between 18 and 25 years old, but that's about it. What DoubleClick can do to learn more about a user is drop a cookie on that particular computer and track the user's activity.
Muller said, "Where it started to get confusing for everybody was they went, 'Well, you put a cookie on top of my IP address, so you must know that I'm Wendy Muller.' Well we don't because you're going to have a different cookie and a different IP address when you're at work versus home, right? So I don't know your email address. I don't know whether you're a boy or a girl. I have no idea what your household income is. I certainly don't know your credit card number. The reason DART was set up was to control the frequency of ads so that we wouldn't keep bombarding people with the same ad again and again and again."
But as I found out earlier, cookies absolutely give DoubleClick the ability to collect a staggering amount of personal information about you. In fact, DoubleClick says in its privacy statement that if you responded to an ad and voluntarily provided personal information (by filling out a survey or purchase form, for example), it can collect that information "on behalf of the advertiser." Also, if at any time you have specifically agreed to receive personally tailored ads, DoubleClick will make use of whatever personal information it has on you.
"So Wendy," I said. "Does that mean you're keeping a dossier on me?"
"No, we don't," said Muller. "At this point, personally identifiable information is only good if people want that collected about them and they want to be marketed to. But eventually, people will want it. When we go down the road towards wireless, for example, they're going to say 'I want you at all times to know where I am.'"
Earlier this year, DoubleClick was pummelled in the media for pushing the world prematurely in this direction. The company had revealed its plan to track consumers' movements online and to attach that data to people's real names and addresses. The outcry was swift and hysterical and DoubleClick seemingly backed down. In June, however, DoubleClick purchased Abacus Direct Corp., a direct marketer that keeps a database of the names, addresses and spending habits of 90% of American households. USA TODAY claims that, in fact, DoubleClick now tracks Web users by name and address as they move from one Web site to the next -- a claim which DoubleClick denies.
"It's a complicated issue," said Muller. "Sometimes a little bit of knowledge becomes a scary thing and people jump to the wrong conclusions. All were looking at is the effectiveness of our ads. Our clients want to know whether thcy're working. People need to take the time to understand this. The reality is, we wouldn't be the leaders in the world without being able to show people exactly what were doing. It's not voodoo and it's not anything to be scared about."
***
Earlier, Richard Smith from the Privacy Foundation reluctantly conceded to me that companies like DoubleClick are probably not compiling the comprehensive dossiers that people like Steve Gibson and Jason Catlett claim. "In reality, they're probably only getting snippets of what you do," he said, then quickly added, "But I still would be concerned about it."
Electronic Frontier Canada's David Jones said, "I think it is certainly wrong to think of this as a sort of mass conspiracy or Big Brother tracking your every move. That is unrealistic. I think with these companies, it's worthwhile to understand they don't really care at all about your personal life. They deal in probabilities: are you more likely or less likely to buy something? They don't actually care about you as an individual."
The thing Jones finds the most frustrating about the whole loss-of-privacy issue is not the actions of the folks doing the snooping, but the actions of ordinary people who squander their right to privacy. Instead of safeguarding who gets hold of their personal information, a great many folks give out their name, address, phone number and e-mail address to any sweepstakes, battery club or air miles scheme that comes along.
Jones calls this the Privacy Paradox. In poll after poll, the majority of Canadians say that the thing they worry about most with information technology is the erosion of their privacy, and yet at least 60% of Canadian households have an Air Miles card -- a blatant marketing profile tool that studies show only gives users the equivalent of a one percent discount on purchases. "They talk about Big Brother," said Jones. "But when push comes to shove, people sell their personal information for next to nothing."
And even though Forrester Research reports that it's safer to use a credit card on the Internet than give it to a waiter in a restaurant, people routinely think twice before charging a purchase online, but never hesitate to divulge all sorts of private information simply because a form on a Web page requests it. I've done it a hundred times. You've done it, too. Admit it.
"So to coin a phrase," said Jones, "the public gets the privacy that it deserves. If you're happy to have an Air Miles card and you're happy to fill out a form at Radio Shack every time you buy batteries, well fine. You're an adult. You made your choice. You can also complain about your loss of privacy, but I won't have a lot of sympathy for you."
Although I was becoming calmer, I was still concerned about what secrets my computer might be giving away. After all, ZoneAlarm was still flashing like crazy.
I called up Toronto-based journalist and computer buff Craig Saila to ask if he would come over and look at my computer and root out any gremlins I might be harbouring on my hard drive. Saila, who is also an advisory board member of the New Media Institute, an organization which offers programs in electronic commerce, readily agreed to help me, and the following Sunday afternoon, rode over to my house on his bike. He wore hospital scrubs and had his hair in a ponytail.
"You've got a firewall, which is really good," he said after taking my mouse for a test drive. "But your browser is probably your biggest problem. It doesn't matter which version it is, whether it's Internet Explorer or Netscape, there's a lot of holes in the browser itself." Keeping your browser up-to-date, he told me, is your best defence against people who exploit these weak spots.
Since I use Internet Explorer, Saila went to the Microsoft Windows Update page. Although I was using the latest version, I had not installed two critical security patches that had recently been posted. One patch that I was missing would prevent someone from dropping a Java applet on my hard drive that could allow a hacker to read, write or delete files on my computer.
Saila assured me that my copies of Quicken and The Sims, so eager to get on the Internet, were more than likely not doing any more harm than checking for software updates. When I told him about my experience with the Lyric Opera of Chicago, he seemed equally skeptical that there had been any hanky-panky. "The only thing I can think of that happened is that maybe you went to the site before and registered your information in the past."
Hmm. I never thought about that. I told him about Steve Gibson's theory about the opera possibly using DoubleClick and Jason Catlett's theory about Web bugs, but Saila didn't think so. "If you registered at their site and they slapped a little cookie on you with random numbers and then you went back to their site last week and they were able to identify that cookie with your name in their own personal database so they could then send off an e-mail to someone who picked up the phone and called you -- that seems way too labour intensive."
Still, how could it have been otherwise? There was no other explanation.
***
I went back to the Lyric Opera Web site one more time and had my browser "view/source" so I could inspect the HTML code of every single page. They were ridiculously simple: very basic HTML programming. No third-party server links, no cookie crumbs, no 1-pixel GIFs, no advertisements.
I phoned Paul, the Opera's director of ticketing services. He was back from vacation and was very concerned that I was concerned. Paul was familiar with the company's Web site and was quick to assure me that the Opera had no way of monitoring any of the site's visitors. "I would know if we had that capability," he said, "but we can't do anything that sophisticated. It's probably something we'd love to do."
He asked me if Morley had filled out the mailing list form on the site last week before he got the call. I assured him he had not. Then he asked me if we had ever received a brochure from the Lyric Opera. I vaguely remembered receiving one a long time ago.
"Well, that explains it," he said. With a few clicks of his keyboard, he located Morley on his database. "Do you guys live in Toronto? I'm just checking something here. Right. He was added on March 25, 1999. He was an Internet mailing list add. That's how he came on our site. We have a campaign going right now with telemarketers who have the ability to sell subscriptions over the phone. They would have extracted his name from our database based on the fact that he once had some Web activity. We're at the end of the campaign, so they would be dealing with out-of-town individuals."
I admitted that it was a possibility that Morley had given them all his information 18 months ago and just forgot about it. Apparently, it was a complete coincidence that minutes after he got off the computer, the telemarketer called and said the fateful words: "I see you've been to our Web site."
"We're delighted that happened by the way," Paul added.
As for me, I had learned too much in the past week to be delighted. Though I was wrong about what the Lyric Opera was up to, I did discover that I was indeed being monitored -- and by a lot of organizations. But none of them were doing it in the sinister way I had imagined. I also realized something else: as far as privacy is concerned, Morley and I are our own worst enemies. Over the years, we've brainlessly given out so much private information, we can't even recall when, where or to whom we gave it. David Jones was right, we are getting the privacy we deserve.
I apologized to the Lyric Opera and in January we will be going to Chicago to hear Samuel Ramey sing the role of Attila the Hun. But while I'm away, I think I'll unplug my computer.