The IT Law Wiki
Don't have an account?
Register
Advertisement
Register
in: Privacy, Advertising, Internet,
and 2 more

Web bug

Edit

Definitions[]

A Web bug (also known as clear GIF, pixel tag or 1-by-1 GIF) refers to

[t]iny images, invisible to a user, placed on web sites in such a way that they allow third parties to track use of web servers and collect information about the user, including IP address, Host name, browser type and version, operating system name and version, and web browser cookie.[1]
objects, usually one-pixel-square graphic images, embedded within the HTML source on a Web site that cause part of the displayed Web page to be retrieved from another Web site, thereby transmitting information about the requester to a third party.[2]

The web bug is generally the same color as the background on which it is displayed, which makes it invisible to the naked eye. The graphic has no purpose other than to collect information about the user viewing the HTML content.

How it works[]

The Web bug sends back to its home server (which can belong to the host site, a network advertiser or some other third party) the IP address of the computer that downloaded the page on which the bug appears; the URL (Uniform Resource Locator) of the page on which the Web bug appears; the URL of the Web bug image; the time the page containing the Web bug was viewed; the type of browser that fetched the Web bug; a previously set cookie value; and the identification number of any cookie on the consumer's computer previously placed by that server.

Web bugs enable third parties to place cookies on a user's browser and track the user's navigation across the web. Advertising networks can use web bugs to aggregate information to create a profile of what sites a person is visiting. The personal profile is identified by the browser cookie of an advertising network, allowing the network to track behavior across sites over time.

"Web bugs are also embedded in e-mail messages by spammers, who use them to validate live addresses.[3]

Detecting a web bug[]

Web bugs can be detected only by looking at the source code of a Web page and searching in the code for 1-by-1 IMG tags that load images from a server different than the rest of the Web page. In addition to disclosing who visits the particular Web page or reads the particular email in which the bug has been placed, in some circumstances Web bugs can also be used to place a cookie on a computer or to synchronize a particular email address with a cookie identification number, making an otherwise anonymous profile personally identifiable.

Blocking a web bug[]

It is difficult to block a web bug. A user can disable third-party [cookie]]s, thereby limiting the types of information they can collect and associate with personally identifiable information. Not all browsers have this functionality. Nor does blocking of third-party Cookies remove the web bug itself, which remains part of the web page. Removal of the cookie prevents the tracker from identifying the individual user. However, the web bug would still have the capability to track navigation data using an IP address as an identifier.

References[]

  1. NIST Special Publication 800-46.
  2. Who Goes There?: Authentication Through the Lens of Privacy, at 133 n.9.
  3. Who Goes There?: Authentication Through the Lens of Privacy, at 133 n.9.

See also[]

Community content is available under CC-BY-SA unless otherwise noted.
Advertisement

Fan Feed