IP: Deja News

[Dave Farber <farber () cis upenn edu>]

> Deja News to terminate email trail
> By Paul Festa
> Staff Writer, CNET News.com
> May 4, 1999, 5:30 p.m. PT
> Deja News has pledged to stop collecting information about users' email
> correspondence following complaints by a high-profile user.
>
> Deja News, which provides a Web interface and search capabilities for
> Internet newsgroups, acknowledged tracking the Internet Protocol (IP)
> addresses of users who click on outbound links within Deja News. In what it
> termed an "unintentional result," the company also was keeping IP address
> logs when Deja News readers sent messages via "mailto" links within Deja
> News.
>
> "For the last year, we have been collecting information about where our
> users click on our site by logging their IP addresses when they hit a link,"
> said Deja News chief executive Tom Phillips in an email message to the
> media. "We've used none of this information for any purpose other than to
> better understand aggregate usage patterns. However, we recognize the
> concern of our users over its potential misuse. Therefore, we are
> implementing a plan to discontinue the collection of this data."
>
> Deja News general counsel Richard Gorelick today clarified that while Deja
> News will discontinue logging IP addresses of those who click on email
> links, it is still looking into the matter of logging IP addresses of those
> who click on outbound site links.
>
> Deja News user, security maven, and Phar Lap Software president Richard
> Smith initially drew attention to the problem last week with a series of
> postings to the "comp.security.misc" newsgroup. At that time, Deja News
> insisted there was nothing improper about its logging activities.
>
>
>
>  Do you want to know more?
> Read related news
> View story in The Big Picture
> Go to Message Boards
> Search News.com
>
>
>
>
>
>
> Smith, whose newsgroup postings spurred the change in policy, said he did
> not suspect Deja News of any irresponsible or nefarious use of the
> information it was collecting, but that the mere collection of it could put
> users at a privacy risk for reasons beyond Deja News's control--for
> instance, if the logs were to be subpoenaed.
>
> "The danger for Web sites that either intentionally or unintentionally are
> tracking what people do on the Web is that they're going to be more and more
> likely to find themselves drawn into legal fights. We've been seeing that
> over last the last three or four months especially," Smith said, citing in
> particular a case in which the FBI found the culprit in a stock manipulation
> hoax by examining server logs at Yahoo and Angelfire.
>
> "Web sites are going to be asked for this information more and more," Smith
> predicted. "And the more they record, the more they could wind up being
> required to turn [that information] over."
>
> Deja News, for its part, appears to be more concerned about customer
> complaints than subpoenas.
>
> "We approached this more as a customer service issue," said Gorelick. "We
> care about our users and about their concerns. We did not look at this as a
> legal issue."
>
> The proposed logging change at Deja News comes as the site is working on a
> major overhaul, expected to be implemented in the next few weeks. Changes
> include a user ratings feature, e-commerce offerings, and a name change to
> "Deja.com."