NYT: Romney and Obama Campaigns Leaking Web Site Visitor Data

http://bits.blogs.nytimes.com/2012/11/01/romney-and-obama-campaigns-leaking-web-site-visitor-data/

November 1, 2012

Romney and Obama Campaigns Leaking Web Site Visitor Data

By NATASHA SINGER

The presidential campaign sites BarackObama.com and MittRomney.com have recently ratcheted up their use of third-party Web trackers. These are companies, like ad networks and data brokers working on behalf of the campaigns, that collect information about users' online activities to show political ads to people tailored to their own interests and beliefs.

Spokesmen for each campaign have separately said that their own campaign had put safeguards in place to protect that user data, as Charles Duhigg and I reported in an article published in The New York Times on Oct. 28. [1]

But now a new study by Jonathan Mayer, a graduate student in computer science and law at Stanford University, reports that both sites are leaking information about site visitors to a number of third-party trackers operating on their pages.

Several pages on the Obama site included a user's personal information in the page title at the top of the page or in the URL address, Mr. Mayer said, thereby giving third parties operating on the site the opportunity to collect identifying data. The information flowing to third parties, he said, variously included the username; the proper name under which a person registered; and their street address and ZIP code.

On the Romney site, Mr. Mayer said, he found that a number of pages included the user's name in the page title. Many pages also included a unique numerical ID number in the URL, which flowed to third parties, he said.

"Are the campaigns identifying their supporters to third-party trackers? Are they directly undermining the anonymity properties that they are so quick to invoke?" Mr. Mayer wrote in a blog post published on Thursday morning. [2] "Yes, they are."

In an e-mail, Adam Fetcher, a spokesman for the Obama campaign, wrote that, regardless of the kinds of data that flows from the site to its third-party partners, the campaign does not allow those trackers to use the voter data collected on the site for any other clients or purposes.

"We do not provide any personal information to outside entities for their commercial use or for reasons other than what's related to the work they do with us," Mr. Fetcher wrote, "and we stipulate that third party partners not use data collected on the site for other purposes."

A spokesman for the Romney campaign did not return an e-mail request seeking comment.

Mr. Mayer tested the Obama and Romney sites by registering as a user and examining the page codes and layouts that resulted as he visited the sites.

In registering for the Obama site with his e-mail address, for example, Mr. Mayer found that the site by default assigned him a username that was the first part of his e-mail address. On certain pages on the site, he reported, that username appeared in the URL, thereby sharing part of his e-mail address with ten tracking companies operating on the page. Because many consumers tend to use the same e-mail address or username on many sites, leaking such data could allow third parties to link other public accounts on the Web to individual users, Mr. Mayer said.

Meanwhile, after Mr. Mayer found that the Romney site leaked his member ID number in the URL, he logged out and then immediately tried to access his own information on the site using that ID number -- a tactic a third party who collected that data could hypothetically use. When he used that ID number on the site without being logged in, the site showed a message that said "Access Denied." At the same time, he said, the very same "access denied" page leaked more information on that page: the name under which he had registered.

I registered on both campaign sites on Wednesday night and had a similar experience.

The Obama site automatically assigned me a user name --nsinger -- taken from my e-mail address that was visible in the URL on various pages. Using a tracker identification program called Ghostery, I found four different trackers that could collect that information.

On the Romney site, certain pages leaked the ID number I had been assigned in the URL. Other pages, I noted, leaked my ZIP code or state in the URL.

Advertising industry executives have long argued that third-party tracking is beneficial to online consumers because it helps brands show relevant digital ads. They also argue the data collection about online consumers is "anonymous" because the third parties do not collect identifying information like people's names and home addresses.

But Mr. Mayer said his study, and previous research by other computer experts, indicated that many sites leak users' personal information to third parties -- challenging the claims about "anonymous" data.

"I think that for both campaigns this leakage is likely totally inadvertent," Mr. Mayer said in a phone interview. "But claiming this tracking data is anonymous just ignores the reality."

He also took a reporter to task for failing to sufficiently investigate the campaigns' claims about their data protection practices.

"The Gray Lady also deserves a light rap on the knuckles for insufficiently scrutinizing the campaigns' anonymity assertions," Mr. Mayer wrote.

Point taken.

[1] http://www.nytimes.com/2012/10/28/us/politics/tracking-clicks-online-to-try-to-sway-voters.html

[2] http://webpolicy.org/2012/11/01/presidential-identifying-information/