Websites ‘Leaking’ User Info To Other Firms

Many top websites share their visitors’ names, usernames or other personal information with their partners without alerting users and, in some cases, without knowing they’re doing it, according to a new study from Stanford University.

Many websites “leak” usernames to third-party advertising networks by including usernames in URLs that the ad networks can see in referrer headers, said the study, released Tuesday by Stanford Law School’s Center for Internet and Society. While there’s a debate in legal circles whether usernames are personal information, there’s a growing consensus among computer scientists that Web-based companies can use usernames to identify their owners, said Jonathan Mayer, a Stanford graduate student who led the study.

“The vast majority of usernames are unique,” he said. “Given the prevalence of social networking, often times, once you have a username for a social network, you then also have a person’s real name, possibly a photo, possibly more.”

Other websites share first names, email addresses and other information with advertising or other partners, Mayer said at a privacy conference in Washington. Those identifiers “get associated not just with what you’re doing right now, but get associated with what you’ve done in the past, and what Web browsing activity you may have in the future,” he said.

Source….

Does Linkedin Share User Data?

Linkedin has upset many of its 100 million users by opting them into a programme that reveals their personal details to advertisers without telling anyone about it.

Linkedin changed its privacy policy to allow it to display the names and pictures of users with ads. The system works by showing friends and colleagues who’ve followed a brand name, effectively making them an unwitting salesperson for that brand, since people are more likely to click such advertisements on the basis that it looks like someone they know is recommending them. In reality, the other person has no idea that their photo and name are being used to sell things.

It’s a clever approach to advertising, but an absolutely abyssmal approach to privacy, as Linkedin has decided to automatically opt-in all of its users without informing them of the change.

Users can opt out if they want, but the option is buried in the Settings page, a ploy similar to that used by Facebook to hide its privacy settings. The big problem here is that if users don’t know that their name and photo are being used in this way, then how can they opt out of it?

Linkedin could face legal trouble for this decision. Digital Trends reports it is likely that Linkedin broke Dutch privacy law, which requires user consent for employing user images with advertisements. It could also be brought up before the European Commission and the UK Information Commissioner’s Office (ICO).

Read More…