Verisign violates privacy millions of internet users

By EDRi · September 25, 2003

Verisign, the US based registrar of the .com and .net top level domain,
refuses to stop redirecting internet users to its own search engine Site
Finder. Since 15 September everybody who makes a mistake in typing a web
address is re-directed to their website, instead of just getting an error
message. In spite of massive protests from internet users, technicians,
the IAB and ICANN, Verisign doesn’t seem willing to change its policy.

In a posting on the collective weblog CircleID privacy-expert Richard
M.Smith states that Verisign is using the services of Omniture to set a
cookie. Through this, the company is able to watch all future mistakes
people are making in typing a domain name, besides analysing their search
behaviour and gathering sensitive information like the previously visited
web address.

With 4 to 7 million misguided visitors per day, Verisign is violating the
privacy of internet users worldwide on an extremely large scale. This type
of secretive monitoring is prohibited by the European Directive on privacy
in the telecommunications sector (2002/58/EC). Via the Recitals 24 and 25
and Article 5.3 the Directive requires explicit consent of each internet
user for cookies and similar monitoring devices. “So-called spyware, web
bugs, hidden identifiers and other similar devices can enter the user’s
terminal without their knowledge in order to gain access to information,
to store hidden information or to trace the activities of the user and may
seriously intrude upon the privacy of these users. The use of such devices
should be allowed only for legitimate purposes, with the knowledge of the
users concerned.”

Bug Reveals the Snooper in VeriSign’s Site Finder (17.09.2003)

Stop Verisign DNS Abuse – online petition