Don't let the web bugs bite

Now even seemingly innocuous personal home pages are tracking your every move on the Net
Click to follow
The Independent Online

If you have a personal web page with America Online or Geocities, which offer free setups, then you're unwittingly helping US corporations to track the movements of visitors to your pages.

How? By the insidious use of "web bugs", also known as "transparent GIFs". These are images that you literally cannot see because they are only 1 pixel in size, and colourless.

That might seem harmless, and a lot of corporations would like you to think that. Yet they clearly see some value in using them: a new report by Cyveillance, which tracks internet sites for corporate clients, has found that web bugs use has grown fivefold since 1998. Most remarkable was that their use on personal web pages stood at 18 per cent, compared with 4 per cent of all pages and 16 per cent of companies' home pages.

"The increase was so large on personal pages that we went back to check it, because we thought it must be a mistake," said Brian Murray, who wrote the report for Cyveillance. It was no mistake: the bugs are incorporated in the templates for the personal pages that those online services supply.

So what are web bugs? Why do they matter? When you look at a web page, the text and images it contains can come from all over the Web. A web bug is a 1x1 pixel image stored on the tracking company's site. When you load a page, it sends a request to the tracking company to send the 1x1 image to your computer. The web bug provider can then watch where you go, if they're sneaky and cross-reference them with cookies holding details such as your e-mail addresses (which you might enter on a page). From there, it's a short step to watching your entire wanderings around the Net.

Be Free, which embeds such bugs in AOL pages, said that it doesn't collect information that could be used to identify people but collates anonymous information, which it sells to marketing companies. However, worries about privacy issues are already surfacing in the US.

There are even sneakier uses for web bugs. "Spam" (or junk e-mail) could contain HTML links back to the spammer's server; if you open a piece of e-mail containing a bug while you're online, the e-mail will send out a request to the spammer for the bug. That tells them that your e-mail address works. So be wary opening junk e-mail, and do it offline if you can.

There is, thankfully, some help at hand. Windows users can download Bugnosis (, a plugin for Internet Explorer 5 offered by the Privacy Foundation in the US, which will highlight any web bugs on pages you visit.

"Our goal with the software is to reveal how web bugs are tracking all of us on the internet," said Richard Smith, its chief technology officer. "Any company that uses web bugs on their site should say so clearly in their privacy policies and explain the following: why they are being used, what data is sent by a bug, who gets the data and what they are doing with it."

For other users, finding out what bugs are about is trickier. One simple (but tedious) way is to examine the actual HTML of the pages you're viewing. Such examination can reveal bugs in the most surprising places, such as a New York Times article – which was warning about the dangers web bugs can pose. There's no relief in sight, either, until browser companies or plug-in authors devise filters that stop 1x1 images from being loaded. Happily, those already exist for larger images, so it probably won't be long. As usual, the technological solution is ahead of the corporate, or legislative one.