Verisign, the US based registrar of the .com and .net top level domain, refuses to stop redirecting internet users to its own search engine Site Finder. Since 15 September everybody who makes a mistake in typing a web address is re-directed to their website, instead of just getting an error message. In spite of massive protests from internet users, technicians, the IAB and ICANN, Verisign doesn't seem willing to change its policy.
In a posting on the collective weblog CircleID privacy-expert Richard M.Smith states that Verisign is using the services of Omniture to set a cookie. Through this, the company is able to watch all future mistakes people are making in typing a domain name, besides analysing their search behaviour and gathering sensitive information like the previously visited web address.
With 4 to 7 million misguided visitors per day, Verisign is violating the privacy of internet users worldwide on an extremely large scale. This type of secretive monitoring is prohibited by the European Directive on privacy in the telecommunications sector (2002/58/EC). Via the Recitals 24 and 25 and Article 5.3 the Directive requires explicit consent of each internet user for cookies and similar monitoring devices. "So-called spyware, web bugs, hidden identifiers and other similar devices can enter the user's terminal without their knowledge in order to gain access to information, to store hidden information or to trace the activities of the user and may seriously intrude upon the privacy of these users. The use of such devices should be allowed only for legitimate purposes, with the knowledge of the users concerned."
Bug Reveals the Snooper in VeriSign's Site Finder (17.09.2003)
http://www.circleid.com/article/260_0_1_0_C/
Stop Verisign DNS Abuse - online petition
http://www.whois.sc/verisign-dns/