I. II.

III. IV. V.

VI.

VII.

VIII. Overview:

Overview of Case Analysis Growth of Company A. Acquisitions B. Abacus Alliance Company Financials Need for Chief Privacy Officer Technology Leadership A. Cookies B. DART C. Vision of iTV Multi-Channel Marketing A. Online Marketing B. E-mail Marketing C. Abacus Direct Mail / Market research Privacy Issue A. Consumers complaints / lawsuits B. Doublclicks reactions Recommendations for a Compromise

DoubleClick is a company that has taken a leadership role in the new digital media world. The company claims that without their products and services the online economy would fail. Leadership often is a result of challenging the status quo, and DoubleClick is no stranger to pushing the envelope when it comes to internet privacy. This company introduced controversial practices which in turn, make the internet a highly effective medium for reaching consumers through target marketing and profiling. DoubleClicks motto is to allow marketers to deliver the right message, to the right person, at the right time. The success of this company can be measured by their ability to follow this motto. However, in this case analysis, we will determine if DoubleClicks technology and marketing strategy helps or hurts consumers ability to use the internet as a medium for commerce and pleasure without giving up rights to privacy and being subject to involuntary consumerism. Many e-business models have failed because they lack the resources needed to effectively reach enough online consumers; DoubleClick offers a service to companies that give them the ability to directly target these once elusive consumers. DoubleClick derives revenue from their ability to record, analyze, and target online advertisements based on user data obtained from cookies. Cookies are a unique tag that DoubleClicks

servers place on users computers. The use of cookies is discussed in more depth as this case analysis develops. Furthermore, DoubleClick also has the ability to coordinate entire marketing campaigns by employing data collected from cookies, online and offline consumer databases and utilizing different forms of online media. These resources collectively make up the largest source of information any company would need to market to consumers online. One way DoubleClick developed such a large pool of technology and information based resources is through acquisitions and partnerships. Growth Strategy: The first major push for DoubleClick to become an online marketing leader was to initiate an aggressive acquisition campaign that would build a technology and information arsenal. This strategy also included forming sensible strategic partnerships with companies to big or to costly to acquire. The long list of acquisitions starts with NetGravity, a leading software provider for online interactive marketing. NetGravity produced software that was used to increase advertising response rates by utilizing customer targeting. In July 1999, DoubleClick purchased this competitor for $530 million in a stock transaction (Cnet news.com). NetGravity contributed toward DoubleClick's approach of online target marketing and strengthened its lead among all other online marketing companies. Their next target was the growing sector of e-mail marketing and opt-in list management. Opt-in Email.com was acquired in December of 1999; they were a leader in e-mail marketing which includes the publishing of opt-in e-mail lists. Opt-in lists are generally described as consumers who agreed to have their e-mail address published for solicitation purposes. The controversy here is that many of these individuals do not know exactly what ads or promotions they are agreeing to receive and they also have no control over which companies buy their addresses. Opt-in email.com specialized in serving online retailers, media firms, and software and hardware companies. FloNetwork maintained an opt-in email address list of 26 million, and was purchased for an undisclosed price of cash and stock in April of 2001. After the purchase, DoubleClick now managed the largest opt-in email list of over 40 million addresses. FloNetwork also contributed expertise in the areas of list building, maintenance, real-time tracking, reporting and analysis of e-mail campaigns.

Another interesting strategy that DoubleClick used to expand its exposure to the online marketing sector was to invest in companies that offered innovative solutions to some of the problems that the sector was facing. Companies trying to market online realized that banner ad click-through rates were relatively low across the board. Valueclick developed a model of performance based banner ads where advertisers only pay for actual click-throughs. Advertisers like this model of pricing because it was cost effective and they only paid for motivated, higher quality consumers. DoubleClick that it was such a good idea they bought a 30% minority equity interest in Valueclick to at least have exposure to this pricing model in case in became the status quo. DoubleClick also owns a majority 60% equity stake in a company called Flashbase. Flashbase is responsible for most of the internets online sweepstakes promotions. These sweepstakes offer prizes to a lucky few but in order to be considered one must fill out the entry form. This form includes key indicative data files: name, age, address, e-mail address, potentially phone numbers. It also offers a general description of ones interests. For example, if someone entered an online sweepstakes to win a designer bridal dress, Flashbase would take the entrants information and create a database of people that were thinking about marriage. This database could be used to effectively deliver pop-ups, banner ads or even e-mails related to weddings to a targeted group of people with shared interests. Offering sweepstakes to develop a database of users, only to eventually target them with ads, fell right in line with DoubleClicks motto of delivering the right message, to the right person, at the right time. To diversify their consumer databases, DoubleClick acquired SmartBase, an offline database that operates a cooperative membership group of catalogers and mail order marketers. Basically, member companies would collaborate and share transactional data of their customers for the purpose of consumer modeling. This was a powerful target mail marketing tool, DoubleClick saw it as an early step to combine information gathered from users online activities and couple it with offline consumer behavior patterns. In a highly controversial move, DoubleClick bought Abacus Direct for $1.7 billion and it drew the attention of Wall Street, consumer rights groups, privacy watchdog groups, and even the Federal Trade Commission. Abacus maintains the largest database of consumer, B2B, publishing, and online transactions which is used for both marketing

modeling and direct target marketing purposes. Their database consists of more than 3.5 billion transactions made by more than 90 million US households. The range of data includes: geographic, demographic, lifestyle, and behavioral data. This information was collected from catalog, retail, B2B, e-commerce, and publishing marketers. Abacus operates by allowing companies to utilize its database for modeling purposes if the company agrees to share accurate transactional data from their own business practices. Currently the DoubleClick Abacus Alliance, as it is now referred, consists of 1200 member companies which all contribute and utilize transactional and demographic information from many oblivious consumers. Surfing the internet was once an anonymous activity performed within the confines of ones own home, or at any public computer. This anonymity made it difficult for marketers to present their products to the right people. DoubleClick developed a somewhat anonymous database of online surfing trends by placing cookies and tracking 53 billion ads per month. Abacus has over 3 billion consumer offline transactions that can be linked to personally identifiable information. With the acquisition of Abacus, once anonymous users, and their hard drive full of cookies, can now potentially be associated with personally identifiable information and past purchases. Joining the online and offline databases will provide the most comprehensive consumer profile that marketers have ever utilized. This greatly improves marketers ability to find the right online consumers which subsequently saves time and resources. There are several reasons why consumer rights groups and privacy protection groups fear the DoubleClick and Abacus entity. The first issue is user consent to be apart of a tracking and profiling database. The default is that one can be tracked and added to a DoubleClick or Abacus database. One must be proactive in order to opt-out of these databases. Opposition groups think the logic here is completely backwards and DoubleClick should only be allowed to track those users that opt-in first. The second issue is that online activity looses its anonymity and can be tied to any number of offline behaviors and demographics. The fear here is that companies will abuse this wealth of information and invade our personal lives in the name of marketing a product. For example, DoubleClick has ambitions of using this information to come up with a new marketing strategy labeled as predictive mail. The general concept with predictive mail

is to combine past transactional data and consumer demographics from Abacus, together with online behaviors and very recent signals of a consumers intent to purchase which are gathered from DoubleClicks resources. All this information can then be compiled to formulate a direct mailing campaign for a product to reach a highly targeted group of consumers. Taking the privacy issue standpoint, the DoubleClick-Abacus merger is seen as a dangerous marriage of consumer profiling information. DoubleClick Financials: No case analysis would be complete without an examination into the financial health and stresses of a company. DoubleClicks financial condition should be prefaced with a brief historical review of the overall economic environment in which DoubleClick grew as a company and as a leader of an emerging market. When DoubleClick was incorporated on January 23, 1996, the potential for e-commerce was seen as speculative. However, throughout the late 90s and early 2000 the sentiment for e-commerce shifted from purely speculative to overly optimistic. Ultimately, with the bursting of the internet bubble many took the view that internet companies may be considered grossly overvalued. During this period of uncertainty, DoubleClick went through difficult financial events especially issues surrounding acquisitions of companies that turned out to be overvalued themselves. Following is a detailed description of the financial health of the company both past and present. DoubleClick has been plagued by severe financial issues since 1999. Their annual reports for 2000, 2001, and 2002 all report operating losses. It appears that these losses arose, in part, from their aggressive acquisition policy. The notes to the consolidated financial statements for these years all report restructuring charges which are be associated with their many acquisitions. These charges are as follows: 2000 Restructuring Charges o $2.4 million charge to operations o Reportedly taken to better align its sales, development, and administrative organization o Involved terminating 180 employees o These costs arose from: Severance Packages

Outplacement Services Continued benefits to terminated personnel

2001 Restructuring Charges o $84.2 million charge to operations o Reportedly taken to increase operational and bring costs in line with revenues o These costs included: $10.4 million in severance payments to 605 terminated employees $51.7 million for accrued future lease costs $19.5 million write-off of fixed assets $2.6 million in other exit costs

2002 Restructuring Charges o $98.4 million charge to operations o Reportedly taken to better align its sales, development, and administrative organization and reduce corporate overhead o These costs included: $5.7 million in severance packages to 250 terminated employees $77.0 million for accrued future lease costs $15.7 million write-off of fixed assets

According to the 2002 Notes to the Consolidated Financial Statements, effective January 1, 2002, DoubleClick changed its estimate of the useful lives of its production equipment and software. Although DoubleClick does not define production equipment in this note, Note 10 in the 2002 Notes to the Consolidated Financial Statements entitled Property and Equipment contains a category entitled Computer Equipment and Purchased Software. Given DoubleClicks industry and these notes, we believe that it is safe to assume that production equipment means computer equipment. DoubleClick extended the estimated useful life of these assets from three years to four years based on an analysis performed by their operations department, which is not an independent entity. Due to the fact that depreciation of computer equipment and software occurs

primarily because of obsolescence and that the analysis on the assets useful lives was conducted in-house, it is difficult to accept DoubleCicks assertion that the useful lives of these assets should be extended. In addition, DoubleClick points out in the same note that 2002s net loss was reduced by approximately $8.3 million because of this change. It appears that DoubleClick is using questionable accounting practices in order to mitigate their operating loss for the year ended December 31, 2002. Need for a Chief Privacy Officer: Acting as a leader of an emerging e-commerce sector required a change in the executive structure of DoubleClick. A relatively new position, the Chief Privacy Officer (CPO) has emerged among privacy conscious organizations. The primary reasons that this position has come about is due to new regulatory requirements, the need to augment consumer and governmental scrutiny, and the realization that privacy will play a role in differentiating them from their competitors. PricewaterhouseCoopers (PWC) conducted a survey of 66 organizations that employ CPOs in order to determine the positioning of CPOs. Although the survey found that the functions of the CPO is still evolving and many other characteristics vary from company to company, the positioning of the CPOs were as follows: Legal Department (47%) Engineering (4%) Ethics Office (4%) Government Affairs (6%) Marketing (6%) Senior Management (6%) E-Business (7%) Other (11%)

PWC also found that 8% of those companies created a separate and independent Privacy Department headed by the CPO. PWCs survey found that regardless of the placement of the CPO within the organization, there are certain characteristics of the placement that are common. The first is that in order for the CPO to be successful, the position must be granted the appropriate

level of authority and oversight. The second is that role of the CPO must me incorporated to allow the CPO to effectively coordinate the development, implementation, and maintenance of the corporate privacy strategy. Finally, the optimal location is where the privacy policy will best be enforced. As indicated by PWCs survey, the vast majority of companies chose to locate the CPO in the Legal Department. While there are certainly many reasons for this, the survey indicated that the primary reasons for this placement are that initiatives under government authority are taken seriously, a significant amount of interpretation is required to understand the implications of a privacy policy on organizational procedures and potential litigation, and the interpretation of laws and regulations require the expertise of legal counsel. For the remainder of the companies, it appears that the placement of the CPO outside the Legal Department is due too the privacy authority residing in the department with the highest risk of breaching the privacy policy. Bennie Smith serves as DoubleClick's Chief Privacy Officer. According to DoubleClick he is responsible for guiding privacy policies and practices across the company's business units and geographies. According to DoubleClicks Executive Bios website, Mr. Smith holds a B.A. Degree in History from Georgetown University. It does not indicate whether Mr. Smith has any legal or IT experience nor does it indicate where the company placed their CPO.

Technological Leadership: Multi-Channel Marketing:

Privacy Issue in Depth: DoubleClick doesnt have any issues with the use of technology, but they are skirting the fringes of the law when it comes to Internet privacy issues. Since there arent many laws in the United States to protect consumers and how their personal information is used once it has been collected, there is a going concern on how this information is used by Privacy Groups and individual who understand what is going on. Although not specifically stated in the US constitution the US Supreme Court has found the concept of "privacy" to be protected by a number of Amendments. Thus,

privacy is known as a "penumbra right." It is the essence of the Bill of Rights and thus a guaranteed right. So many Internet users believe these rights protect them. In addition, most individual believe something done in the privacy of their own home is their personal busy plus that fact that it is done in the privacy of their home leads to a false sense of security and privacy. However, Internet privacy issues arise because companies like DoubleClick and others use cookies, web-bugs, spyware, harvested email addresses from chatrooms, and the sharing of websites user registration data. All this information once collected and correlated in a database helps to create an identifiable consumer profile. The depth of information collected for a user profile maybe such that the user is not personally identifiable, but more that likely the users personal identity is known. This tracking of individuals is done to obtain direct marketing information so a consumer can be targeted for personalized ads when surfing the Internet. However, this personal data is also sold to other marketing companies for use in direct mailings or for telemarketing. The big concern though is that most Internet users dont understand that they are being tracked and a profile built up on them as the surf the Internet looking for information and entertainment. Then the more disturbing concern is that you dont have any legal rights to see this profile thats been compiled on you or the right to correct any errors that might exist. However, once general Internet users are informed about how this profiling and tracking information is used they become very concerned about their privacy. These general Internet users also dont believe a company has the right to sale their personal information for a profit without their permission. Although, most disturbing is the fact that over 64% on Internet users dont do anything to protect themselves once they find out about these practices. The current feel seems to be nothing bad has happened to me yet so why worry. Although most Internet users do believe there should be more laws to protect them and their privacy when on the Internet. An example of what Internet users are looking for in the way of Internet privacy can be found in Europe where there are many laws and regulations protecting privacy. The European Directive on Data Protection 1995, Article 10 states that the collectors of personal data must provide their identity, the purpose for collecting the data, and disclose

any third party recipients. Its also illegal to harvest email addresses form chatrooms or collect information for one purpose and then use it for another purpose. Also unlike the US, websites cant put in their term and conditions a statement that the use of this website constitutes permission to use personal data collected for marketing purposes. In the US though, most Internet users feel that private institutions and large companies wont voluntary protect personal data they collected unless forced to by law. However when asked if they believe that the US government would protect their personal data most individual didnt thing the US government could be trusted either. These facts are quite unsettling for privacy advocates. However, if federal laws requiring full disclosure of how personal user information is collected and used were to be passed better-educated Internet users would then force tighter control over how personal data is collected and used. Until then many privacy advocates have been using existing laws and lawsuits to test companies rights to use personally identifiable information. To that end DoubleClick continues to defend itself while this legal void exists. Past and Present Legal Issues: In the Notes to the 2001 Financial Statements, DoubleClick reported that they were a defendant in twenty lawsuits, mostly class-action lawsuits, concerning Internet user privacy, their data collection and other business practices. More specifically, these lawsuits allege that they unlawfully obtained and used Internet users personal information and that their use of cookies violates various laws. They were also the subject of an inquiry involving the attorneys general of several states relating to their practices in the collection, maintenance, and use of information about and their disclosure of these information practices to Internet users. In addition to legal issues arising from the DoubleClicks core business, the company and some if its officers and directors were named in a suit pursuant to Section 11 of the Securities Act of 1999 and in a claim under Section 10(b) of the Securities Act of 1934. As of December, 31, 2001, DoubleClick recorded a provision of $1.8 million relating to the settlement of the pending privacy lawsuits. In April, 2002, a consolidated amended class action complaint alleging violations of the federal securities laws was filed in the United States District Court for the Southern

District of New York in connection with DoubleClicks follow-up offerings. The company and some of its officers and directors were named in the suit pursuant to Section 11 of the Securities Act of 1933 and Section 10(b) of the Securities Exchange Act of 1934. The basis of this suit was the alleged failure to disclose the underwriters' alleged compensation and manipulative practices. A motion to dismiss the action was filed by DoubleClick in July, 2002 and was subsequently denied in February, 2003, however, in October, 2002, the action against DoubleClicks officers and directors was dismissed with the action against the company remaining. Most recently, on July 10, 2003, a class action lawsuit naming DoubleClick as a defendant was filed in Allegheny County, Pennsylvania. There are five main allegations in this action. The first allegation is deceptive business practices by using advertising banners disguised as computer alerts or system warnings and these practices mislead the members of the class. The second allegation is that DoubleClick fraudulently and intentionally misrepresented material facts regarding these advertising banners and their privacy policy. The third allegation is that DoubleClick created a nuisance, both public and private, by interfering with the class members use and enjoyment of their property by the use of deceptive advertising banners. The fourth allegation is that the creation of the aforementioned nuisance was intentional and unreasonable. Finally, the fifth allegation is that DoubleClick intentionally and wrongfully invaded the class members right of privacy and right of association and non-association. Protecting your own Privacy: In the mean time Internet users are left to fend for themselves when it comes to protecting their privacy. There are several companies that make software to eliminate tracking cookies and spyware from peoples computer. The 2 most popular freeware programs are Ad-aware and Spybot-S&D which can be downloaded for the CNET website. These free tools let a user scan their computer for unwanted tracking agents and then allows a user to eliminate them. However, any user of these tools must constantly update their data files with the latest privacy threats. Also, these tools provide an after the fact protection scheme since until a threat becomes well known it wont be part of database of know items to scan for and eliminated. So you first have to be tracked before

you can eliminate the tracking agent threat. Not the best scheme for protecting ones privacy, but tracking agents are similar to viruses in that it has to be known before you can guard against it. To that end some of these companies that offer the freeware tools also sell products to prevent known tracking agent from getting onto your computer. The ides is to install active software filters to prevent tracking agents from getting onto your computer in the first place. A good concept, but once again flawed by the fact that the tracing agents have to be discovered first before you can be protected yourself from them. Another alternative is to use firewalls to prevent access to unwanted websites. Firewalls can be setup to block unwanted outside accesses from getting into your system. Firewalls can also prevent programs on your system from accessing blocked sites so they dont send or receive unwanted information. However, firewalls require a very sophisticated user and someone who understands how the Internet data flow works in great detail. Recommended Courses of Action: These ongoing litigations if successful though present a major item of concern for companies like DoubleClick. If any of these lawsuits find the current Internet tracking practices illegal or laws are eventually passed prevent tacking, and then DoubleClicks business model could be rendered invalid. This is an item of great concern for DoubleClick as Internet users become more aware of how the data flow between their computer and Internet markets is actually working.

References: Internet Privacy Law http://www.netatty.com/privacy/privacy.html

Howstuffworks: How Internet Cookies Work http://computer.howstuffworks.com/cookie.htm DoubleClick: Electronic Commercial Communications permission is the key

http://www2.doubleclick.com/emea/downloads/permission-eng.pdf

Bugnosis Web Bug Detector http://www.bugnosis.org/

Internet Privacy Resources http://www.privacyrights.org/netprivacy.htm

Georgetown Internet Privacy Policy Study http://www.msb.edu/faculty/culnanm/gippshome.html

Americans & Online Privacy: The System is Broken A Report from the Annenburg Public Policy Center of the University of Pennsylvania By Joseph Turow, Ph.D. http://www.appcpenn.org/04_info_society/2003_online_privacy_version_09.pdf

PricewaterhouseCoopers Article http://www.pwcglobal.com/Extweb/industry.nsf/docid/676BA6D02F9AA27285256B660 0617BF7

Doubleclick 2002 Annual Report http://media.corporate-ir.net/media_files/NSD/DCLK/reports/DCLK02AR.pdf

Doubleclick 2001 Annual Report http://media.corporate-ir.net/media_files/NSD/DCLK/reports/0110k.pdf

Network Advertising Initiative http://www.networkadvertising.org/default.asp

Lawsuit http://www.ferencelaw.com/doubleclick/