The Wall Street Journal kicked off a series on online privacy this weekend with outstanding coverage of how the ad industry tracks your activity online.

It tested the top 50 websites to see how much they track you. Read it and weep—or shiver, anyway:

As a group, the top 50 sites placed 3,180 tracking files in total on the Journal’s test computer. Nearly a third of these were innocuous, deployed to remember the password to a favorite site or tally most-popular articles.

But over two-thirds—2,224—were installed by 131 companies, many of which are in the business of tracking Web users to create rich databases of consumer profiles that can be sold.

The top venue for such technology, the Journal found, was IAC/InterActive Corp.’s Dictionary.com. A visit to the online dictionary site resulted in 234 files or programs being downloaded onto the Journal’s test computer, 223 of which were from companies that track Web users.

Two hundred and twenty-three! (The WSJ, by the way, is admirably forthright about its own website’s habits, disclosing it in the sixth paragraph smack dab on the front page).

Cookies, of course, have been around nearly since the dawn of the Web. They help sites remember you so you don’t have to log in every time you visit. But how many people not in the biz really understand the extent to which things have spiraled out of control like this? Very, very few.

What do they know about you? Well, thanks to the WSJ for linking out to a site called BlueKai, which I’d never heard of, but which sure has heard of me, we can take a look.

It’s creepy, indeed. Like a benign stalker. BlueKai even knows where I’ve been offline in the last several months, thanks to its airline trackers. It knows I’ve flown to and from Seattle, Tulsa, Washington D.C. on a Thursday, a Friday, and a Saturday. It knows that I booked at least one of those flights less than seven days in advance. It knows by my IP address that I’ve been in Oklahoma City and Texas, though it’s wrong that I’ve been in Austin-Round Rock (at least not since 2003!). It knows I’m 33 years old. And it says my “bizographics” are C-Suite, executives, and high net worth. Wrong on all three! Somewhat amusingly, Lotame, a company profiled in the Journal piece, segments me as an “Armchair Diplomat,” whatever that is.

Click here to see what BlueKai knows about you.

It’s also very interesting where some ad networks draw the line on what they’ll track and target. Here’s the Journal again:

Healthline says it doesn’t let advertisers track users around the Internet who have viewed sensitive topics such as HIV/AIDS, sexually transmitted diseases, eating disorders and impotence. The company does let advertisers track people with bipolar disorder, overactive bladder and anxiety, according to its marketing materials.

And here’s what else they’re putting on your machine:

Beacons, also known as “Web bugs” and “pixels,” are small pieces of software that run on a Web page. They can track what a user is doing on the page, including what is being typed or where the mouse is moving.

Which allows stuff like Google targeting ads based on where you put your mouse. Okay. But where does all this stuff stop?

The story, by Julia Angwin, caused Jeff Jarvis to fry his motherboard this weekend. Contrary to what Jarvis says, this is indeed excellent journalism. It brings an issue that some us have just a vague awareness of (and many don’t know about at all) and forces it into the public eye—in terms that everyone can understand. Here’s Jarvis:

There is absolutely nothing new — thus nothing newsworthy — in what the Journal promises threatens to be a series.

That’s reminiscent of nothing more than the dismissive response to the Wikileaks Agfhanistan story and to the Washington Post’s recent Top Secret America series.

As Jon Stewart said, as only he can, responding to the droning heads dismissing the Afghanistan story:

Yeah, see, I’m not reacting to the newness of it. I’m reacting to the fucked-up-edness of it.
The Daily Show With Jon StewartMon - Thurs 11p / 10c
Best Leak Ever
www.thedailyshow.com
Daily Show Full EpisodesPolitical HumorTea Party

This WSJ privacy series, of course, is not anywhere in the ballpark of those stories, importance-wise. Not much is.

But don’t let folks like Jarvis con you into thinking it’s a non-story or even that it’s overhyped (or that it’s part of a possible Murdochian conspiracy against the free Web, as he says while denying he’s saying that). If you wouldn’t write a book about the awesome benefits of talking about your penis on Twitter, you’ll probably agree that this stuff really does matter.

Sometimes the best stories are sitting there in plain sight, as Harvard’s Doc Searls says:

It’s pretty freaking amazing — and amazingly freaky, when you dig down to the business assumptions behind it…

Most people don’t know how much they’re being followed, and I think what the Journal’s doing here really does mark a turning point.

As Searls notes, there’s a whole slew of sidebars accompanying the main WSJ piece, which was itself sort of split between A1 and the Weekend Journal cover. Today’s installment shows Microsoft crippling a planned privacy feature in its latest version of Internet Explorer.

The reason? Ad money.

If you'd like to get email from CJR writers and editors, add your email address to our newsletter roll and we'll be in touch.

Ryan Chittum is a former Wall Street Journal reporter, and deputy editor of The Audit, CJR's business section. If you see notable business journalism, give him a heads-up at rc2538@columbia.edu. Follow him on Twitter at @ryanchittum.