A month ago, Jason Calacanis went on a rant about why everyone should boycott comScore. He felt they were using sketchy tactics to bully people into their pay-to-play model for measuring web analytics. He also noted that their free competitors like Quantcast, Google, and Compete would soon eat their lunch. Both Quantcast and Google (Analytics) offer direct counting of pageviews (but even these methods can be abused). But you may wonder how exactly Compete gets its numbers? It appears, that some sketchy tactics are (or at least were) employed, as well.
We were recently pointed to this post from last month by Ben Edelman, a Harvard privacy advocate. In it, he details the data the Upromise toolbar collects and sends out. This toolbar is used by college students looking for savings on various items across the web, and can be quite useful. But until a few weeks ago, it appears they were also sending web browsing (and more personal) data to Compete without anyone’s knowledge. Writes Edelman:
As shown in the “host:” header of each of the preceding communications, transmissions flow to the consumerinput.com domain. Whois reports that this domain is registered to Boston, MA traffic-monitoring service Compete, Inc. Compete’s site promises clients access to “detailed behavioral data,” and Compete says more than 2 million U.S. Internet users “have given [Compete] permission to analyze the web pages they visit.”
He continues:
Upromise’s installation sequence does not obtain users’ permission for this detailed and intrusive tracking. Quite the contrary: Numerous Upromise screens discuss privacy, and they all fail to mention the detailed information Upromise actually transmits.
The Upromise toolbar installation page touts the toolbar’s purported benefits at length, but mentions no privacy implications whatsoever.
If a user clicks the prominent button to begin the toolbar installation, the next screen presents a 1,354-word license agreement that fills 22 on-screen pages and offers no mechanism to enlarge, maximize, print, save, or search the lengthy text. But even if a user did read the license, the user would receive no notice of detailed tracking. Meanwhile, the lower on-screen box describes a “Personalized Offers” feature, which is labeled as causing “information about [a user's] online activity [to be] collected and used to provide college savings opportunities” But that screen nowhere admits collecting users’ email addresses or credit card numbers. Nor would a user rightly expect that “information about … online activity” means a full log of every search and every page-view across the entire web.
Shortly after Edelman’s post (and a follow-up PCMag.com post), Upromise changed their privacy policy to alert their users that this data is being sent out. But the company declined to state how long the issue had been going on.
Privacy implications aside, it’s interesting that this is one of the ways Compete was gathering data. And it would be good to know where else they get it from. On their site, they only vaguely note that they have “developed a unique methodology created by experts in the fields of mathematics, statistics and the data sciences to aggregate, transform, enhance and normalize data in order to estimate U.S. Internet traffic.” They also claim to have over two million members — but apparently, at least some of them (such as the Upromise toolbar users), don’t know they’re members.
I’ve sent a message to Compete asking them what other means (other toolbars, etc) they use to gather their data. In light of this Upromise fiasco, it seems wise that they should disclose that kind of information. I’ll update if and when I hear back.
Even though the iPad is still more than a month away from shipping, 
Early this morning, Twitter began 
