[LINK] paypal even more evil than before

[Craig Sanders]

i went to pay for something with paypal just now and noticed that my browser
was asking me whether to allow cookies from 2o7.net and doubleclick.net.  i
clicked Deny, of course.

further investigation showed that several links within the paypal site didn't
go direct to paypal URLs, they went via doubleclick - including links to
"contact support", "fund paypal with your bank account", "product disclosure
statement - Paypal Australia Pty Ltd", and "16 ways to promote your business".

so, anyone clicking those links is associating their paypal ID (i.e. their
name, address, bank account and/or credit card number) with whatever cookies
doubleclick already has on them.

this is the pernicious evil of web-bugs.



the following is a copy of a complaint i sent via their complaint form
a few minutes ago:

-----
the fact that i have a paypal account and use it to pay for products
purchased on the internet DOES NOT give you the right to spy on me
with web bugs or set up links on your main page via doubleclick.net
redirectors. i don't want scum like that having my personal information,
nor do i want them associating my real name or my purchase history with
my activities on the web.

you even have it rigged so that naive users can't even contact paypal
support without being spied upon by double click - the URL in the link
for contacting support on your main page is

https://paypalssl.doubleclick.net/click%3Bh=v8/VARIOUSCODES%3D%3fhttp://ad.doubleclick.net/clk;MORECODES;h?https://www.paypal.com/au/cgi-bin/webscr?cmd=_contact_us

i had to edit the URL to strip out the doubleclick rubbish before i
could find out how to complain about being spied upon.
-----


(the "VARIOUSCODES" and "MORECODES" above were long sequences of numbers
and letters which i have stripped out in case they identify me in some
way)



craig

-- 
craig sanders <cas at taz.net.au>

BOFH excuse #128:

Power Company having EMP problems with their reactor