T 5.110 Web bugs

The term web bugs refers to images embedded in email or WWW sites loaded from a third party server when opened. These images may be very small, miniature graphics with a size one pixel, for example. The images are embedded in such a way that they cannot be seen in general, but trigger the execution of a script or program when loading the images from the initial server.

If web bugs are embedded in HTML-formatted emails, the sender may see which email was read when, for example. This may be undesirable in the context of mass emails sent without any request, for example.

When using the world wide web, users must generally take into account that connections are not only established to the server whose WWW offer they are currently using, but also to other servers. For example, this is the case if images are referenced from a WWW site that are located on a different server. Although this is a normal process as a matter of principle, information may be transmitted inadvertently to third parties using this mechanism, as demonstrated by the example described below. Confidential data of the user or the server operator may be compromised this way in particular.

Example:

• A university uses a software pack available for free on the Internet in order to offer dynamic content on the WWW server (CGI scripts). Depending on the entries made by the user, the software generates matching response sites on the WWW server and sends these to the user. Along with actual content, the generated HTML sites also contain references to images not located on the university's server, but on the server of the person who programmed the CGI scripts. As a consequence, these images are retrieved from the server of the programmer every time a user accesses the Internet service of the university. This way, the programmer is provided with comprehensive information about the use of the software pack she developed, but also about the use of the Internet service of the university.