Thursday, March 01, 2012

Waxman extends Web privacy probe to PointRoll

Raising the pressure on Gannett's advertising services subsidiary, Congressman Henry Waxman of California is now asking PointRoll about its alleged breach of Safari's browser privacy settings.

The senior Democrat on the Energy and Commerce Committee sent PointRoll CEO Rob Gatto a four-page letter on Tuesday, asking why the company had "used code designed to circumvent Safari's blocking of third-party tracking cookies and placed such cookies on the devices of Safari users.''

The committee has broad legislative oversight for matters including business and consumer protection.

PointRoll and Google are among four companies implicated in the apparent breach by a Feb. 17 Wall Street Journal story. A Gannett spokeswoman told the Journal that PointRoll had used the code as part of a "limited test" that has since ended.

In his Tuesday letter, Waxman said: "Google immediately responded to the revelation, explaining that it used a widely known weakness in Safari."

He continued: "You have not, however, clearly and thoroughly explained why you delivered code to consumers' devices to get around Safari's default blocking of third-party tracking cookies."

Other PointRoll questions
Google met with committee staff members on Tuesday, answering questions that "reconfirmed" their explanation, Waxman says.

Waxman's inquiry isn't limited to the Safari matter. He also asked PointRoll about "your policies regarding sharing of any information collected through any of the online tracking techniques you use."

He and and another Democrat on the committee who also signed the letter, Rep. G.K. Butterfield of North Carolina, gave PointRoll until March 13 to respond.

They are sending similar letters to the other two companies: Vibrant Media and Media Innovation Group.

Earlier: Texan sues PointRoll and Google over Safari allegations.


  1. So many companies breached privacy, including Facebook.

    Been a huge topic for the past few months, resulting in the adoption by the digital industry of a universal Do Not Track Button.

  2. For every privacy breach like this that is discovered and reported there are thousands which continue without public notice. The real story is what is happening to the private data after it is culled. There's money to be made by selling personal information. It is bought, sold, and traded for profit both in the legitimate and not-so-legitimate marketplaces. (Google the term "list broker" to see where the process often comes to light...) When I saw Gannett move to the facebook commentary platform it was my assumption that they were also trading in this market and perhaps tracking and monetizing their commenters' personal info or allowing facebook to do the same. Just an assumption, of course, on my part.

    As me sainted mother used to say: "Never say anything in writing that you wouldn't want to see on the front page of the paper." A wise woman, indeed.

  3. Expect consumer privacy issues to continue for a very long time.

    The industry is self-rugulated and lobbying efforts to keep the web open and away from government regulators are intense.

    Trying to get every single website and tech company to comply is nearly impossible. Jim, your blog has cookies on it and people who click on your ads have just given data to Google. And Google has been guilty of privacy breaches.

    Now that Gannett uses FaceBook for comments, our readers are forced to submit personal info to one of worst offenders of privacy:facebook.

    It's going to be a very long journey to protect consumers and even then, difficult for the commerce department to manage compliance.

  4. 8:57, heard a story on the radio yesterday that the number of people dumping facebook is increasing.

  5. The APIs are the worst. When you give permission to facebook or linkedin or twitter to access your info,,,you have opened yourself up to the world.

    I can't even imagine why people would use FourSquare and other location based apps to give even more access to privacy.

    Social media, because of its nature to be viral, will probably end up doing us all in eventually.

    So the SXSW crowd might be the most evil of all. ha!

  6. Pointroll was never like this before. I have to say that when Chris was here, he ran a tight ship and Keith Gelles and the other leaders were so strong.

    This Safari browser issue is not new to Pointroll, they deliberately have been trying to track people online for the last year. Rob Gatto's whole mission has been to become a data play for the industry. Unfortunately, Pointroll is not designed to keep user data, unless you screw around with the privacy setting like they have deliberately have been doing!

    Is anyone at corporate watching over this company!

  7. As a member of the minority, Waxman doesn't have the pull to put much bite in his bark.

  8. 12:17 We won't know until it's over. In the meantime, Waxman can compel PointRoll to ask questions and, perhaps, to turn over company documents -- including internal e-mails.

    Those documents will be subject to federal open-records laws, which means competitors and the news media will be able to get copies.

    I know this because I've been down this road before with other companies.

  9. 12:17 Privacy issues are on everyone's mind right now, due in large part to Google's change in its policy. Waxman can get bipartisan support for an investigation of PointRoll if he handles it right and doesn't make it a partisan soapbox issue.


  10. This comment has been removed by a blog administrator.

  11. Gannett is very upset about this disaster. It was up to Barbara Wall to ensure that Pointroll (and other digital properties at Gannett) are in compliance with flash cookies and deliberately going against privacy settings

    Pointroll employees are running scared right now as this was a feature that Pointroll's head of sales, Sarah Ripmaster and their CEO Rob Gatto were promoting to their advertisers.

    Clearly they got caught. The problem is that there are many clients (pointroll advertisers) that are concerned that they might get caught up in this Pointroll privacy problem. After all, Pointroll does not "indemnify" their clients from this rogue behavior.

    This could be the end of this business as we know it.

  12. Is Waxman from this planet or another?

  13. 7:28p is correct. Pointroll has bigger issues with advertisers who will not want to work with a company that has privacy issues.

    Rob Gatto is holding a town hall next week as the shit is hitting the fan. Supposedly he is trying to sell the company to DGFast or Adgregate Knowlege. Meanwhile, Gannett has no knowledge that he is trying to conjure up a sweetheart deal to dump the company and then get equity in the new company.

  14. Jim,
    You should stay with this story on Pointroll. It is getting traction among the industry and the media buying segment.

    Gannett is up in arms with this. The immature leaders at Pointroll are scared shitless.

    We have had several calls from WSJ and NY Times that are looking to probe further. Our marketing department keeps referring them to Gannett.

  15. OMG!, Everyone here is now trying to figure out how many clients have been affected by this breach of privacy settings by Pointroll.

    Rob Gatto has brushed it off in his response to our clients as if it was just "testing", but we are now seeing that there were thousands of campaigns and billions of impressions that were breached. No one can figure out how much and how many. Clearly people are nervous here!

    Sarah Ripmaster is making light of this issue and saying that there is no problem. No one trusted her to begin with and why would we trust her now?!?

    Clients are now starting to call and ask questions.

  16. Hey, this is a cultural issue. Pointroll and its overall industry have always danced the line between ethical and unethical behaviour.

    A prior poster mentioned none of this would happen under Chris' watch. Perhaps this would not occur, but what did occur was questionable or unethical.

    Between 2006 and 2009, interaction rates were bolstered. Also during that timeperiod, impression counts were falsified. On Ripmaster's baby, Ford, impression counts were altered significantly in March/April 2007. This occured under Gelles' watch.

    Add to that the failure to license the fonts used in creatives until 2009, this company has always had a loose ethical code.

  17. It's because they hire hacks! The fact that they hire designers with no development experience is the problem of so many issues. They need to fire everyone in Creative, Production and the all mighty CTG and get some real developers in house!

  18. It seems Pointroll's playing loose and fast with the rules has finally caught up with them. For years the only line was the bottom line, no matter how it affected their employees or their clients. Any employee there can tell you it's a madhouse. So many of them want to be free of the place, and with this latest development, they may finally get their chance.


Jim says: "Proceed with caution; this is a free-for-all comment zone. I try to correct or clarify incorrect information. But I can't catch everything. Please keep your posts focused on Gannett and media-related subjects. Note that I occasionally review comments in advance, to reject inappropriate ones. And I ignore hostile posters, and recommend you do, too."

Note: Only a member of this blog may post a comment.