WhenU privacy report - Part 2


    CPG concluded that WhenU has a clear record of consistency in its public commitment to
    privacy and has modified its privacy statement only to clarify and enhance that commitment.

    From the same April 2002 report from Evolution Softworks, we evaluated the way (at that
    time) the SaveNow client application worked in order to test Avi Naider's explanation of the
    application with the report's analysis. We found the expected consistency.
    Next, we engaged an independent technical laboratory, ProStructure Consulting, of Portland,
    Oregon, to verify that the behavior of the SaveNow application is consistent between the April 02
    report and today. Specifically, the lab investigated WhenU's client software for collection, correlation,
    and transmission of personally identifiable information, or PII. Their report concludes that the
    SaveNow software consistently supports the privacy protection claims. This conclusion came with a
    thorough set of observations of the installation, use, and removal of the software.

    The SaveNow software automatically pulls a database of triggering web sites and searches
    and the code for the matching ad that should be displayed. Only when a matching website is hit or
    the ensuing ad clicked will the Software notify the WhenU servers. In that case it does not send the
    entire URL, only the pattern ID that was matched. A randomly generated ID string is created for
    each new client which could be used to correlate the ID string to the ads viewed, however this could
    not be mapped to an actual person and could not modify the type of ads the user received because
    of the way the software works.
    We are careful to note that there are instances when a user's computer will send a truncated
    URL back to the WhenU servers. For example, WhenU's technology incorporates keyword
    algorithms (e.g. the word cruise twice in proximity to the word discount) that analyze web page
    content to trigger select advertisements. The client-based algorithm is programmed to send a
    truncated URL in such cases to allow the algorithm to be checked for validity and completeness and
    eliminate false positives. WhenU previously encountered criticism for these types of
    communications in the face of their statement about not sending clickstream data.
    In the interest of transparency, WhenU updated their privacy statements to incorporate these
    specific communications. They emphasized publicly that these truncated URLs involve minimal data
    and are stripped of any unique identifiers. The intention is to evaluate and improve the accuracy of
    the client-side application, not to track user behavior.
    In assessing WhenU's technology and the manner these communications are used, we
    determined that they are consistent with the company position that they do not violate user privacy,
    cannot be used to assemble unique user profiles and do not constitute transmission of clickstream

    Once the software sees that there is a valid connection to the Internet, it fetches an updated
    Offers database from the WhenU servers. The Offers database contains a list of web site locations
    and search strings, each matched with a unique Pattern ID number. After this, the location code is
    determined when the software contacts the WhenU server and provides its IP address and from this
    the Country, State and Region codes are set. This information is populated into the Registry and
    local databases. One additional file is grabbed, called save.htm, which contains all of the JavaScript
    logic that is used for displaying pop-ups. After this initial data is fetched, the client goes into a
    pattern of regularly fetching database updates from the WhenU servers.
    SaveNow then begins to focus on displaying pop-up ads and handling clicks on those ads.
    To accomplish this, the process called Save.exe utilizes Internet Explorer as an embedded
    application, making all file access to cookies and IE specific files appear to be coming from Save.exe.
    SaveNow does store some data of its own at this point in the registry, including ads that have been
    displayed and those which have been clicked on.

    A distinguishing characteristic of principled downloadable applications is the ability to easily
    uninstall the application. The SaveNow software qualifies as easy-to-remove, though it will not
    uninstall without an Internet connection. The Internet connection is required to allow the program to
    send an uninstall notification message to the WhenU servers. At that point, all of the Registry data
    and files in the program installation directory are wiped clean. The Internet Explorer cache and
    cookies remain untouched.
    We questioned the requirement for an Internet connection at uninstall. That requirement is
    something of a dilemma for WhenU. On the one hand, it may be inconvenient for consumers, and
    in some cases may prevent a timely uninstall. On the other hand, the information gained promotes
    accuracy in the number of active users and so supports WhenU's commitment to transparency. In
    the end, we are not recommending changing this practice.

    CPG concluded that WhenU's client software architecture accurately and consistently
    supports its public commitment to privacy protections.

    Our report concludes that WhenU says what its software does and the software accurately
    executes against those statements; there is no collection or transmission of personal information,
    user profile, or other data that is privacy threatening.
    In a world of anxiety about technology being used to invade individual privacy, intrude on
    user control over their personal computers, and data collection and profiling of Web behaviors,
    WhenU has distinguished itself as a principled player dedicated to transparency and user control of
    personal information. We were happily surprised by the strength of commitment and consistency of
    implementation we observed in their statements and technical architecture.
    We believe the way the WhenU software application resides on a user machine is clever,
    innovative and protective of consumer privacy. It makes regular (as often as daily) calls out to
    WhenU servers in order to report state and use as well as to request updates based on use. The
    servers respond with updated directory information that is the same for all users. Although an
    individual's Web-browsing activity may affect which ads get chosen from those available in the
    database, all users share the same database content. And in all of this activity, no personal
    information is exchanged, no user profile data is compiled and no individual user is identified.
    SaveNow is a very powerful tool that was obviously designed with growth, expandability and
    upgradeability in mind. This well thought-out software is complemented by an intelligent privacy
    policy with which it carefully complies, as this analysis has found.
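
An added example, not part of the quoted report and not WhenU's code: a minimal Python sketch of the reporting behaviour the report describes (local matching against an Offers database, with only a Pattern ID or a truncated URL leaving the machine), plus an audit check an analyst could run on each outbound message. The database entries, message fields, host-only truncation rule and proximity window are assumptions made for illustration.

```python
import re
import secrets
from urllib.parse import urlsplit

# Constructed sample Offers database: pattern -> Pattern ID (hypothetical values).
OFFERS = {"travel.example.com": 1001, "search:cheap flights": 1002}
CLIENT_ID = secrets.token_hex(8)  # random per-install ID, not derived from the user

def truncate_url(url):
    """Assumed truncation rule: keep scheme and host, drop path, query, fragment."""
    parts = urlsplit(url)
    return f"{parts.scheme}://{parts.hostname}"

def keyword_trigger(text, word="cruise", near="discount", count=2, window=10):
    """True if `word` occurs `count` times within `window` tokens of `near`."""
    tokens = re.findall(r"[a-z]+", text.lower())
    for i, tok in enumerate(tokens):
        if tok == near:
            nearby = tokens[max(0, i - window): i + window + 1]
            if nearby.count(word) >= count:
                return True
    return False

def outbound_message(url, search_terms="", page_text=""):
    """Return what would leave the machine for this page view, or None."""
    host = urlsplit(url).hostname or ""
    for pattern, pattern_id in OFFERS.items():
        if pattern.startswith("search:"):
            hit = bool(search_terms) and pattern[len("search:"):] in search_terms.lower()
        else:
            hit = host == pattern
        if hit:
            # Pattern match: only the Pattern ID is reported, never the URL.
            return {"client": CLIENT_ID, "pattern_id": pattern_id}
    if keyword_trigger(page_text):
        # Keyword match: a truncated URL is reported so the rule can be validated.
        return {"client": CLIENT_ID, "truncated_url": truncate_url(url)}
    return None

def leaks_browsing_detail(message, url):
    """Audit check: does the message carry the URL's path or query string?"""
    parts = urlsplit(url)
    blob = " ".join(str(v) for v in message.values())
    return any(p and p in blob for p in (parts.path.strip("/"), parts.query))
```

Run against captured traffic, the same audit check would flag any message that echoes a path or query string, which is the property the lab's observations rest on.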