Too small for readers to see, the bugs also can be more invasive--for example, capturing a visitor's Internet Protocol address or installing pernicious files, security experts say.
The Privacy Foundation's software, called Bugnosis, detects the tracking tags on a Web site and casts a blinking bug on the page to notify visitors. It also lets consumers set the browser to utter an "uh-oh" sound when a bug is found. For the proactive, the software lets people easily send an e-mail to companies using the tags.
"Our goal with the software is to reveal how Web bugs are tracking all of us on the Internet and to get companies to 'fess up' about why they are using them," Richard Smith, the Privacy Foundation's chief technology officer, wrote in his privacy tip sheet.
"Any company that uses Web bugs on their site should say so clearly in their privacy policies and explain the following: why they are being used, what data is sent by a bug, who gets the data, and what they are doing with it," he added.
The Denver-based foundation is working on a new version to detect the tags in e-mail in Outlook and Outlook Express.
Other technology companies have created software to help consumers block the tiny tags from their PCs. Idcide, WebWasher, Adsubtract and Intelytics offer products that can either prevent Web sites from placing cookies on their computers or block Web bugs altogether.
In addition, Internet tracking and security company Security Space in a monthly report identifies companies that benefit from the use of Web bugs, including online advertising networks DoubleClick and Linkexchange.com, as well as Yahoo and America Online.
CNET Networks, the publisher of News.com, also makes use of Web bugs, a practice disclosed in the company's privacy policy. According to the policy, CNET does not "aggregate or track personally identifiable information when using clear GIFs, only usage patterns."
