Feeds

Security download must clearly disclose adware

Advertising.com settles FTC complaint

  • alert
  • submit to reddit

Internet Security Threat Report 2014

Advertising.com has settled charges made by the Federal Trade Commission (FTC) that it failed adequately to disclose the bundling of adware with a free security download. The adware was mentioned, but only in a user licence that was easy to ignore.

The settlement with Advertising.com, which is now part of America Online Inc., does not require the payment of damages, only a promise that future downloads will clearly and prominently disclose any inclusion of adware.

The FTC began a crackdown on spyware and adware last spring.

Spyware is the term for software that is used to collect information about an individual or organisation without their knowledge. Often malicious in nature, it can be deposited as an e-mail attachment or as a website download and used to harvest passwords or other confidential data. Adware tends to be less malicious, generating adverts matched to browsing habits; but it can still be an invasion of privacy and a great annoyance for users.

The FTC began investigating Advertising.com after concerns were raised about its marketing in 2003 of free security software called SpyBlast.

The regulator charged that the company and its co-founder, John Ferber, distributed online ads warning that because a viewer's computer was broadcasting an internet IP address, it was at risk from hackers.

Consumers who clicked on an ad were shown an ActiveX “security warning” installation box, with a hyperlink describing SpyBlast as “Personal Computer Security and Protection Software from unauthorised users” and telling them, “once you agree to the License Terms and Privacy policy – click YES to continue.”

The link did not indicate the nature and significance of the terms of the licensing agreement – namely that adware would be installed on their computers. Consumers were not required to read the agreement before installing the software.

If consumers had read the agreement, they might have seen a statement explaining that by accepting the software, they agreed to receive marketing messages, including pop-up ads, based on their internet browsing habits, according to the FTC.

The FTC said the adware bundled with SpyBlast collected information about consumers, including the URLs of pages they visited, and used this information to send targeted advertisements.

The complaint charged that in representing SpyBlast as an internet security program, the respondents did not adequately disclose that SpyBlast included adware that caused consumers to receive pop-up ads.

It considered that the presence of the bundled adware would be material to consumers deciding whether to install SpyBlast and, therefore, that the failure to disclose it adequately was deceptive.

Under the terms of the settlement between the FTC and Advertising.com, the internet company is now prohibited from making any representations about SpyBlast or any other program promoted as security or privacy software, unless any accompanying adware is clearly and conspicuously disclosed to consumers.

The settlement also requires that the company comply with standard record keeping and other provisions to allow the Commission to monitor compliance with the order.

An AOL spokesman told Reuters that Advertising.com had abandoned its adware business before AOL acquired the company in 2004. "Advertising.com does not now and will not in the future distribute adware products,” he said.

See: Details of the complaint and settlement

© Pinsent Masons 2000 - 2005

Related stories

Related stories

Industry coalition takes stab at defining spyware
Zombie bots fuel spyware boom
MS downgrades Claria adware detection
Pop-up smut tops spyware chart
WhenU wins pop-up adware case
Anti-spyware market to rocket
Adware firm 180solutions in image makeover

Secure remote control for conventional and virtual desktops

More from The Register

next story
Knock Knock tool makes a joke of Mac AV
Yes, we know Macs 'don't get viruses', but when they do this code'll spot 'em
Feds seek potential 'second Snowden' gov doc leaker – report
Hang on, Ed wasn't here when we compiled THIS document
Why weasel words might not work for Whisper
CEO suspends editor but privacy questions remain
DEATH by PowerPoint: Microsoft warns of 0-day attack hidden in slides
Might put out patch in update, might chuck it out sooner
BlackEnergy crimeware coursing through US control systems
US CERT says three flavours of control kit are under attack
prev story

Whitepapers

Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
New hybrid storage solutions
Tackling data challenges through emerging hybrid storage solutions that enable optimum database performance whilst managing costs and increasingly large data stores.
Getting ahead of the compliance curve
Learn about new services that make it easy to discover and manage certificates across the enterprise and how to get ahead of the compliance curve.