Advertising.com., Inc., now a subsidiary of America Online, Inc., has agreed to settle FTC charges that it violated federal law by offering free security software, but failing to disclose adequately that adware was bundled with that software. The settlement will require that the company clearly and prominently disclose adware bundled with software advertised to enhance security or privacy.
“This company offered SpyBlast, a free security program to protect against hackers,” said Lydia Parnes, Director of the FTC’s Bureau of Consumer Protection. “But consumers who downloaded SpyBlast also downloaded a form of software that followed their electronic comings and goings and force-fed them pop-up ads.”
The FTC complaint charged that Advertising.com, Inc., and its co-founder, John Ferber, distributed ads stating that because a consumer’s computer was broadcasting an Internet IP address, it was at risk from hackers. Consumers who clicked on one of the ads were shown an Active X “security warning” installation box, with a hyperlink describing SpyBlast as “Personal Computer Security and Protection Software from unauthorized users” and telling them, “once you agree to the License Terms and Privacy policy - click YES to continue.” The hyperlink did not indicate the nature and significance of the terms of the licensing agreement – namely that adware would be installed on their computers. Consumers were not required to read the agreement before installing the software. If consumers had read the agreement, they might have seen a statement saying that by accepting the software, they agreed to receive marketing messages, including pop-up ads, based on their Internet browsing habits.
According to the complaint, the SpyBlast software was bundled with a software program that collected information about consumers, including the URLs of pages they visited, that was used to send them advertisements.
The complaint charges that in representing that SpyBlast is an Internet security program, the respondents did not adequately disclose that SpyBlast included adware that caused consumers
to receive pop-up ads. It alleges that the presence of the bundled adware would be material to consumers deciding whether to install SpyBlast, and, therefore, that the failure to disclose it adequately was deceptive.
The proposed consent order prohibits the respondents from making any representations about the performance, benefits, efficacy, or features of SpyBlast or any of their other programs promoted as security or privacy software, unless they clearly and conspicuously disclose that consumers who install the program will receive advertisements, if that is the case. The settlement also requires that the respondents comply with standard record-keeping and other provisions to allow the Commission to monitor compliance with the order. The proposed consent order does not cover America Online, Inc., the parent company of respondent Advertising.com, Inc.
The accompanying analysis to aid public comment notes that this complaint, “applies general Commission law on deception. The application of this law in an online context was illustrated in a 2000 FTC staff guidance document, Dot Com Disclosures: Information About Online Advertising, which is available at: www.ftc.gov/bcp/edu/pubs/business/ecommerce/bus41.pdf."
The analysis also states: “The proposed order is designed specifically to address the facts of the case at hand. However, the limitation in the proposed order to respondents' software programs whose principal function is to enhance security or privacy should not be read more broadly to suggest that the requirement for clear and prominent disclosure is necessarily limited to those situations. Moreover, the problem here was not the security software that Advertising.com disseminated with its adware. Instead, it was the respondents’ practice of downloading software onto users’ computers, without adequate notice and consent, that generated repeated pop-up ads as the computer users surfed the Web.”
The Commission vote to accept the proposed consent agreement was 4-0. The FTC will publish an announcement regarding the agreement in the Federal Register shortly. The agreement will be subject to public comment for 30 days, beginning today and continuing through August 31, after which the Commission will decide whether to make it final. Comments should be addressed to the FTC, Office of the Secretary, Room H-159, 600 Pennsylvania Avenue, N.W., Washington, D.C. 20580. The FTC is requesting that any comment filed in paper form near the end of the public comment period be sent by courier or overnight service, if possible, because U.S. postal mail in the Washington area and at the Commission is subject to delay due to heightened security precautions.
Copies of the complaint and consent agreement are available from the FTC’s Web site at http://www.ftc.gov and also from the FTC’s Consumer Response Center, Room 130, 600 Pennsylvania Avenue, N.W., Washington, D.C. 20580. The FTC works for the consumer to prevent fraudulent, deceptive, and unfair business practices in the marketplace and to provide information to help consumers spot, stop, and avoid them. To file a complaint in English or Spanish (bilingual counselors are available to take complaints), or to get free information on any of 150 consumer topics, call toll-free, 1-877-FTC-HELP (1-877-382-4357), or use the complaint form at http://www.ftc.gov. The FTC enters Internet, telemarketing, identity theft, and other fraud-related complaints into Consumer Sentinel, a secure, online database available to thousands of civil and criminal law enforcement agencies in the U.S. and abroad.
(FTC File No. 042-3196)
Contact Information
Office of Public Affairs
202-326-2181
202-326-2128 or 202-326-2699