WASHINGTON — A leading privacy group has started a campaign urging Internet users to keep their personal information and Web surfing habits away from DoubleClick Inc., the leading Net advertisement placement service.
And, separately, lawyers brought a class action suit seeking damages from the Madison Avenue advertising firm for allegedly obtaining information from Internet surfers illegally.
The moves followed DoubleClick's announcement last month that it planned to begin combining tracking of Web surfers' visits to about 1,500 Internet sites with people's actual identities.
Currently, DoubleClick puts unique identifying traces on the computers of people who visit many Web sites where it places ads and tracks what people are viewing. But the profiles are not linked to people's actual names and addresses.
DoubleClick said that under its new program, not yet in effect, it would still use the information only to tailor advertising and direct mailings to desirable customers. And the company would also continue to exclude sensitive data about health and sexual matters along with "detailed" financial information from its profiles.
But the Center for Democracy and Technology, a nonprofit group based in Washington, said the plan went too far and created a massive surveillance database that could later be accessed by the government, other companies and even parties to civil lawsuits.
Web surfers were urged to "opt out" of the DoubleClick system and send e-mail opposing the new practice to the company and to leading Web sites that carry ads placed by DoubleClick. Those sites include Altavista, the New York Times and Sesame Street. CDT posted information about its campaign at www.cdt.org/action/doubleclick.shtml.
In a separate development, lawyers for Nancy Donaldson, a resident of California, and others filed a suit in the southern district of New York claiming damages of $1,000 for each person who accessed a DoubleClick advertisement since January 1996.
"DoubleClick has invaded plaintiff's and the class' privacy by surreptitiously, and in an unauthorized manner, accessing their personal computer hard disk drives and obtaining electronic information and communications and using that electronic information for DoubleClick's own benefit," the class action said.
Visitors to many Web sites that carry ads placed by DoubleClick may not realize that the firm, not just the Web site they are visiting, can record what pages they visit.
DoubleClick, which has faced substantial criticism from privacy groups since announcing the new service, places ads on about 11,000 Web sites but only tracks movements on about 1,500 of those.
Company officials emphasized that Internet users would be given a chance to prohibit tracking whenever they signed up or gave personal information to a Web site participating in the new program.
"We'd like Web users to be well-informed and to understand exactly what we and other advertising services do," Senior Vice President Jonathan Shapiro said. "The only reason we're doing any of this is to get the right message to the right person at the right time."
Only people who registered and provided personal data to one of the Web sites participating in the new program would be tracked by name, the company said. But once such tracking started, movements would be recorded at all the 1,500 Web sites that carry DoubleClick ads and provide tracking data.
CDT and other privacy groups said the warnings and "opt out" option were confusing and inadequate.
"Consumers are not being given adequate notice about a third company's involvement here," said CDT policy analyst Ari Schwartz. "It's really about consumer awareness and letting the public voice their concerns."
Other groups are planning to file a complaint to the Federal Trade Commission alleging DoubleClick's tracking and identifying service was illegal, said Marc Rotenberg, executive director of the Electronic Privacy Information Center in Washington.
Rotenberg argued that notice of data collection and "opt out" options have not worked adequately even when notifying Web surfers about the policies of the actual Web site being visited.
"It's even less likely to work when given for a third party," he said. "The customer for the advertiser is the business."