Join 3,496 readers in helping fund MetaFilter (Hide)


November 26, 2001
8:49 AM   Subscribe

Unknowingly sending all your personal finance information through the servers of a sleazy ad service: Priceless. Do you pay your AMEX bill online at americanexpress.com? If you do, you should know that you're being ported through the ad.doubleclick.net advertising service. Mouse over the links on the AMEX homepage and see. All your information travels through doubleclick's servers on its way to AMEX. Nice, huh?
posted by jpoulos (13 comments total)

 
(And, yeah, I know that's Mastercard's tagline.)
posted by jpoulos at 8:50 AM on November 26, 2001


It just makes explicit that which they were going to do anyways. Normally, they would transfer this data behind the scenes. Doubleclick's infrastructure allows them to accomplish the same goal, but without having to hire someone to do it on their end.

I'm not terribly surprised. Credit card companies aren't renowned for having great big hearts and being corporate "nice guys".
posted by websavvy at 9:05 AM on November 26, 2001


Not necessarily so. They could just be using Doubleclick to compile aggregate traffic numbers (in other words, using Doubleclick as a fancy log-analysis tool). If you click on the link to manage your accounts, you'll see the links off *that* page don't go through Doubleclick.

We do the same thing with certain vendor-sponsored content at work. For better or worse, Doubleclick has become a de facto third-party ratings service that many advertisers trust to provide reliable impression and clickthrough numbers.
posted by agaffin at 9:33 AM on November 26, 2001


Websavvy: I'm sure AMEX (and amazon, etc.) are sharing all sorts of info about me with companies like doubleclick, but there's a difference between exchanging demographic info and allowing such vital information as my credit card numbers, bank info, etc to go through their servers. I trust(ed) AMEX to keep that info secure. I don't have the same faith in doubleclick.

agaffin: I only caught this because we've just started blocking all doubleclick traffic here at work, so the links don't work for me. That's a good point, though. My main concern is the privacy of my financial info, not my web activity.
posted by jpoulos at 9:50 AM on November 26, 2001


Not necessarily so. They could just be using Doubleclick to compile aggregate traffic numbers (in other words,

SNIP!

advertisers trust to provide reliable impression and clickthrough numbers.


Wouldn't WebTrends work just as well?
posted by PWA_BadBoy at 10:21 AM on November 26, 2001


For that matter, so would Analog, with a wee bit of tweaking. But who knows what goes through the minds of the people who run Really Big Web Sites with Really Large Budgets? Actually, if they are running a site with Web farms and servers all over the place (which you might expect from a global company like Amex), it might be easier, maybe even cheaper, to filter everything through Doubleclick than running numerous instances of a log-analysis tool.
posted by agaffin at 1:53 PM on November 26, 2001


This is a good opportunity to see how powerful Mefi is: an original, arguably scandalous discovery. Lets see who picks it up in the media, etc.
posted by ParisParamus at 1:58 PM on November 26, 2001


FWIW, our company did work for AMEX and we handled the least sensitive information possible. yet, AMEX insisted on considerable background checks and strict adherence to all issues of legality for anyone working on the project.

not that that should make you trust doubleclick or prevent you from abandoning the use of AMEX products and/or services.
posted by donkeysuck at 2:59 PM on November 26, 2001


All your information travels through doubleclick's servers on its way to AMEX.

Uh, hardly. Not "all your information". It's a link. The only information that doubleclick gets here is that I clicked on a link, and my IP address, and whatever else they've linked to that IP through cookies -- information which may be considerable in relation to (say) what Matt can figure out about us, but certainly doesn't include (say) account numbers or balances.
posted by dhartung at 6:05 PM on November 26, 2001


Exactly dhartung. Come on, this is an alarmist silly item, worded to be scary, and as someone pointed out, it isn't the account stuff.
posted by beefula at 6:36 PM on November 26, 2001


What are you trying to hide? The truth will set you free, there is no fear.
posted by hitsman at 10:43 PM on November 26, 2001


PWA_BadBoy: No, WebTrends is not accurate enough for some big corporate folks who want to track offline and cached traffic too.

I think this thread is completely misdirected. This is not a Big Brother issue, merely one method of accurately tracking the clickstream on a website. I suspect that particular technique has been used to avoid the culling of third party cookies by modern browsers.
posted by nico at 4:35 AM on November 27, 2001


AMEX insisted on considerable background checks and strict adherence to all issues of legality for anyone working on the project.

Similarily, my previous employers also dealt with AMEX, including data such as card numbers, and the firey hoops that we had to leap through to meet AMEX's specs were many. Many many many.

It is most definitely within the interests of credit companies to be extremely strick with card data. If a card (or number) is stolen, it's usually the credit card company that ends up eating the lost money. Okay, it's probably their insurers, but that in turn means higher insurance rates.

Corporations are indeed all about the bottom line, and they aren't going to let data that negatively impacts that bottom line be bandied about on a whim.
posted by cCranium at 8:17 AM on November 28, 2001


« Older Did Google go too far ...  |  The Age: The perils and joys o... Newer »


This thread has been archived and is closed to new comments