I don't think that this will come as much of a surprise, but websites capture the details of your visit.
We here at TDWTF use Google Analytics to see who visits our site, but don't panic - it's not in some creepy, quasi-legal, three (or four) letter government agency way - really we just want to have an idea of who our readers are. Interpreting the collected browser and GeoIP data can take some time, so thank goodness installing the hook to collect site stats is a breeze. Just copy/paste some JavaScript that Google tells you to add into the page you want to monitor, and you're good to go.
I admit, I've never looked into the code under the covers - I just know that it works as I expect it to. However, the (anonymous) reader who sent in the below was right to be suspicious of and dig into the analytics code that he had been asked to add to his company's site by an exec.
The way the code (found: http://formalyzer.com/formalyze_call.js) works is that it latches on to any forms on the page, and then grabs the users' personal details (name, email, phone, etc.) and forwards it on so that they can track you, and let any other sites that use it to know exactly who is visiting the tracked site...assuming that you didn't say that you're "Generic Joe" who lives on "123 Main Street".
If that wasn't enough to make you retch, the code itself is infinitely worse. The tragic logic loops through all form elements on the page, and then tries to identify each field by its name, like so:
(llelementphone=='phone') || (llelementphone=='Phone') || (llelementphone=='phone') || (llelementphone=='PHONE') || (llelementphone=='sPhone') || (llelementphone=='strPhone') || (llelementphone=='Telephone') || (llelementphone=='telephone') || (llelementphone=='tel') || (llelementphone=='si_contact_ex_field6') || (llelementphone=='phonenumber') || (llelementphone=='phone_number') || (llelementphone=='PhoneNumber_num_25_1') || (llelementphone=='Telefone') || (llelementphone=='Contact Phone') || (llelementphone=='edit-profile-phone') || (llelementphone=='contactTelephone') || (llelementphone=='f4') || (llelementphone=='Contact-Phone') || (llelementphone=='formItem_239') || (llelementphone=='phone_r') || (llelementphone=='PhoneNo') || (llelementphone=='LeadGen_ContactForm_98494_m0:Phone') || (llelementphone=='telefono') || (llelementphone=='ntelephone') || (llelementphone=='wtelephone') || (llelementphone=='watelephone') || (llelementphone=='phone_work') || (llelementphone=='telephone-number') || (llelementphone=='ctl00$HeaderText$ctl00$PhoneText') || (llelementphone=='ctl00$ctl00$cphMain$cphInsideMain$widget1$ctl00$viewBiz$ctl00$phone$textbox') || (llelementphone=='ctl00$ctl00$ContentPlaceHolderBase$ContentPlaceHolderSideMenu$TextBoxPhone') || (llelementphone=='ctl00$SPWebPartManager1$g_c8bd31c3_e338_41df_bdbe_021242ca01c8$ctl01$ctl06$txtTextbox') || (llelementphone=='curftelephone') || (llelementphone=='form[Telephone]')
...and...
if ( llformcompany == '' && ((llelementcompany=='company') || (llelementcompany=='Organization') || (llelementcompany=='organization') || (llelementcompany=='si_contact_ex_field3_3') || (llelementcompany=='companyname') || (llelementcompany=='jform[contact_company]') || (llelementcompany=='sCompany') || (llelementcompany=='companyid') || (llelementcompany=='inpCompany') || (llelementcompany=='companyName') || (llelementcompany=='profile_company') || (llelementcompany=='txt_company') || (llelementcompany=='company_name') || (llelementcompany=='LeadGen_ContactForm_98494_m0:Company') || (llelementcompany=='Company_Name') || (llelementcompany=='Company Name') || (llelementcompany=='companyName') || (llelementcompany=='companyName') || (llelementcompany=='account_name') || (llelementcompany=='submitted[row_2][company]') || (llelementcompany=='AccountId') || (llelementcompany=='ac_companyName') || (llelementcompany=='edit-profile-company') || (llelementcompany=='info(companyName)') || (llelementcompany=='contact$tbCompany') || (llelementcompany=='companyName_1') || (llelementcompany=='org' && llfrimid != '12462') || (llelementcompany=='Business') || (llelementcompany=='boxMedSchool') || (llelementcompany=='txtBusiness') || (llelementcompany=='Company') || (llelementcompany=='ctl00$CPH_body$txtCompanyname') || (llelementcompany=='companyTextBox') || (llelementcompany=='ncompany') || (llelementcompany=='wcompany') || (llelementcompany=='wacompany') || (llelementcompany=='field9740824') || (llelementcompany=='contact[Company]') || (llelementcompany=='curfcompany') || (llelementcompany=='DATA[COMPANY]') || (llelementcompany=='your-organization') || (llelementcompany=='Fld3_label') || (llelementcompany=='ctl00$ctl00$mainCopy$CPHCenter$ctl00$QuickRegControl_2$TBCompany') || (llelementcompany=='input_3' && llfrmid==21452) || (llelementcompany=='input_3' && llfrmid==22578) || (llelementcompany=='item_meta[87]' && llfrmid==11823) || (llelementcompany=='EditableTextField3' && llfrmid==13948) || (llelementcompany=='EditableTextField99' && llfrmid==13948) || (llelementcompany=='EditableTextField102' && llfrmid==13948) || (llelementcompany=='EditableTextField117' && llfrmid==13948) || (llelementcompany=='input_7' && llfrmid==22954) || (llelementcompany=='cf2_field_5' && llfrmid==23878) || (llelementcompany=='input_3' && llfrmid==24017) || (llelementcompany=='input_4' && llfrmid==18793) || (llelementcompany=='input_7' && llfrmid==17254) || (llelementcompany=='input_5' && llfrmid==22093) || (llelementcompany=='input_4' && llfrmid==23756) || (llelementcompany=='input_3' && llfrmid==23633) || (llelementcompany=='input_2' && llfrmid==22114) || (llelementcompany=='input_4' && llfrmid==24782) || (llelementcompany=='input_2' && llfrmid==24911) || (llelementcompany=='input_3' && llfrmid==24811) || (llelementcompany=='input_3' && llfrmid==19230) || (llelementcompany=='text-828' && llfrmid==14451) || (llelementcompany=='field_2' && llfrmid==24654)
With that many choices (and look at the code yourself to see the rest - it's a hoot), the only possibility is that to be able to accurately capture every data point possible for every client, they need to append the field names for every client to the general codebase. Talk about reactive coding.
Thankfully, the good news was that the submitter was able to talk some sense into the exec who thankfully stated, "No, we're not putting that on the site."