Feeds

Security download must clearly disclose adware

Advertising.com settles FTC complaint

  • alert
  • submit to reddit

5 things you didn’t know about cloud backup

Advertising.com has settled charges made by the Federal Trade Commission (FTC) that it failed adequately to disclose the bundling of adware with a free security download. The adware was mentioned, but only in a user licence that was easy to ignore.

The settlement with Advertising.com, which is now part of America Online Inc., does not require the payment of damages, only a promise that future downloads will clearly and prominently disclose any inclusion of adware.

The FTC began a crackdown on spyware and adware last spring.

Spyware is the term for software that is used to collect information about an individual or organisation without their knowledge. Often malicious in nature, it can be deposited as an e-mail attachment or as a website download and used to harvest passwords or other confidential data. Adware tends to be less malicious, generating adverts matched to browsing habits; but it can still be an invasion of privacy and a great annoyance for users.

The FTC began investigating Advertising.com after concerns were raised about its marketing in 2003 of free security software called SpyBlast.

The regulator charged that the company and its co-founder, John Ferber, distributed online ads warning that because a viewer's computer was broadcasting an internet IP address, it was at risk from hackers.

Consumers who clicked on an ad were shown an ActiveX “security warning” installation box, with a hyperlink describing SpyBlast as “Personal Computer Security and Protection Software from unauthorised users” and telling them, “once you agree to the License Terms and Privacy policy – click YES to continue.”

The link did not indicate the nature and significance of the terms of the licensing agreement – namely that adware would be installed on their computers. Consumers were not required to read the agreement before installing the software.

If consumers had read the agreement, they might have seen a statement explaining that by accepting the software, they agreed to receive marketing messages, including pop-up ads, based on their internet browsing habits, according to the FTC.

The FTC said the adware bundled with SpyBlast collected information about consumers, including the URLs of pages they visited, and used this information to send targeted advertisements.

The complaint charged that in representing SpyBlast as an internet security program, the respondents did not adequately disclose that SpyBlast included adware that caused consumers to receive pop-up ads.

It considered that the presence of the bundled adware would be material to consumers deciding whether to install SpyBlast and, therefore, that the failure to disclose it adequately was deceptive.

Under the terms of the settlement between the FTC and Advertising.com, the internet company is now prohibited from making any representations about SpyBlast or any other program promoted as security or privacy software, unless any accompanying adware is clearly and conspicuously disclosed to consumers.

The settlement also requires that the company comply with standard record keeping and other provisions to allow the Commission to monitor compliance with the order.

An AOL spokesman told Reuters that Advertising.com had abandoned its adware business before AOL acquired the company in 2004. "Advertising.com does not now and will not in the future distribute adware products,” he said.

See: Details of the complaint and settlement

© Pinsent Masons 2000 - 2005

Related stories

Related stories

Industry coalition takes stab at defining spyware
Zombie bots fuel spyware boom
MS downgrades Claria adware detection
Pop-up smut tops spyware chart
WhenU wins pop-up adware case
Anti-spyware market to rocket
Adware firm 180solutions in image makeover

Secure remote control for conventional and virtual desktops

More from The Register

next story
Ice cream headache as black hat hacks sack Dairy Queen
I scream, you scream, we all scream 'DATA BREACH'!
Goog says patch⁵⁰ your Chrome
64-bit browser loads cat vids FIFTEEN PERCENT faster!
JLaw, Kate Upton exposed in celeb nude pics hack
100 women victimised as Apple iCloud accounts reportedly popped
NIST to sysadmins: clean up your SSH mess
Too many keys, too badly managed
Scratched PC-dispatch patch patched, hatched in batch rematch
Windows security update fixed after triggering blue screens (and screams) of death
Researchers camouflage haxxor traps with fake application traffic
Honeypots sweetened to resemble actual workloads, complete with 'secure' logins
Attack flogged through shiny-clicky social media buttons
66,000 users popped by malicious Flash fudging add-on
New Snowden leak: How NSA shared 850-billion-plus metadata records
'Federated search' spaffed info all over Five Eyes chums
Three quarters of South Korea popped in online gaming raids
Records used to plunder game items, sold off to low lifes
Oz fed police in PDF redaction SNAFU
Give us your metadata, we'll publish your data
prev story

Whitepapers

Endpoint data privacy in the cloud is easier than you think
Innovations in encryption and storage resolve issues of data privacy and key requirements for companies to look for in a solution.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Advanced data protection for your virtualized environments
Find a natural fit for optimizing protection for the often resource-constrained data protection process found in virtual environments.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Next gen security for virtualised datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.