Feeds

Security download must clearly disclose adware

Advertising.com settles FTC complaint

  • alert
  • submit to reddit

Security for virtualized datacentres

Advertising.com has settled charges made by the Federal Trade Commission (FTC) that it failed adequately to disclose the bundling of adware with a free security download. The adware was mentioned, but only in a user licence that was easy to ignore.

The settlement with Advertising.com, which is now part of America Online Inc., does not require the payment of damages, only a promise that future downloads will clearly and prominently disclose any inclusion of adware.

The FTC began a crackdown on spyware and adware last spring.

Spyware is the term for software that is used to collect information about an individual or organisation without their knowledge. Often malicious in nature, it can be deposited as an e-mail attachment or as a website download and used to harvest passwords or other confidential data. Adware tends to be less malicious, generating adverts matched to browsing habits; but it can still be an invasion of privacy and a great annoyance for users.

The FTC began investigating Advertising.com after concerns were raised about its marketing in 2003 of free security software called SpyBlast.

The regulator charged that the company and its co-founder, John Ferber, distributed online ads warning that because a viewer's computer was broadcasting an internet IP address, it was at risk from hackers.

Consumers who clicked on an ad were shown an ActiveX “security warning” installation box, with a hyperlink describing SpyBlast as “Personal Computer Security and Protection Software from unauthorised users” and telling them, “once you agree to the License Terms and Privacy policy – click YES to continue.”

The link did not indicate the nature and significance of the terms of the licensing agreement – namely that adware would be installed on their computers. Consumers were not required to read the agreement before installing the software.

If consumers had read the agreement, they might have seen a statement explaining that by accepting the software, they agreed to receive marketing messages, including pop-up ads, based on their internet browsing habits, according to the FTC.

The FTC said the adware bundled with SpyBlast collected information about consumers, including the URLs of pages they visited, and used this information to send targeted advertisements.

The complaint charged that in representing SpyBlast as an internet security program, the respondents did not adequately disclose that SpyBlast included adware that caused consumers to receive pop-up ads.

It considered that the presence of the bundled adware would be material to consumers deciding whether to install SpyBlast and, therefore, that the failure to disclose it adequately was deceptive.

Under the terms of the settlement between the FTC and Advertising.com, the internet company is now prohibited from making any representations about SpyBlast or any other program promoted as security or privacy software, unless any accompanying adware is clearly and conspicuously disclosed to consumers.

The settlement also requires that the company comply with standard record keeping and other provisions to allow the Commission to monitor compliance with the order.

An AOL spokesman told Reuters that Advertising.com had abandoned its adware business before AOL acquired the company in 2004. "Advertising.com does not now and will not in the future distribute adware products,” he said.

See: Details of the complaint and settlement

© Pinsent Masons 2000 - 2005

Related stories

Related stories

Industry coalition takes stab at defining spyware
Zombie bots fuel spyware boom
MS downgrades Claria adware detection
Pop-up smut tops spyware chart
WhenU wins pop-up adware case
Anti-spyware market to rocket
Adware firm 180solutions in image makeover

Secure remote control for conventional and virtual desktops

More from The Register

next story
NASTY SSL 3.0 vuln to be revealed soon – sources (Update: It's POODLE)
So nasty no one's even whispering until patch is out
Russian hackers exploit 'Sandworm' bug 'to spy on NATO, EU PCs'
Fix imminent from Microsoft for Vista, Server 2008, other stuff
Forget passwords, let's use SELFIES, says Obama's cyber tsar
Michael Daniel wants to kill passwords dead
FBI boss: We don't want a backdoor, we want the front door to phones
Claims it's what the Founding Fathers would have wanted – catching killers and pedos
Kill off SSL 3.0 NOW: HTTPS savaged by vicious POODLE
Pull it out ASAP, it is SWISS CHEESE
Facebook slurps 'paste sites' for STOLEN passwords, sprinkles on hash and salt
Zuck's ad empire DOESN'T see details in plain text. Phew!
Admins! Never mind POODLE, there're NEW OpenSSL bugs to splat
Four new patches for open-source crypto libraries
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
Win a year’s supply of chocolate
There is no techie angle to this competition so we're not going to pretend there is, but everyone loves chocolate so who cares.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.