FTC Settlement Halts Online Advertiser Charged With ‘History Sniffing' Consumers

Bloomberg Law: Privacy & Data Security brings you single-source access to the expertise of Bloomberg Law’s privacy and data security editorial team, contributing practitioners,...

Under a proposed administrative consent order, accepted by the Federal Trade Commission Dec. 5, an online advertising company agreed to stop covertly gathering data from millions of consumers about their internet searches using a process called “history sniffing” (In re Epic Marketplace Inc., FTC, File No. 112 3182, 12/5/12).

The FTC alleged in a draft complaint that Epic Marketplace Inc. (Epic) and Epic Media Group LLC (EMG) collected information about consumers' online searches by using technology that allows them to “sniff” or access a browser to see what sites consumers have visited in the past.

Among the searches uncovered through the technique were searches about “sensitive medical and financial issues ranging from fertility and incontinence to debt relief and personal bankruptcy,” the FTC alleged.

In a Dec. 5 statement, FTC Chairman Jon Leibowitz remarked that internet users “shouldn't have to worry about whether someone is going to go sniffing through the sensitive, personal details of their browsing history without their knowledge.” He added that the respondents' “unscrupulous behavior undermines consumers' confidence, and we won't tolerate it.”

The proposed consent order would bar Epic from continuing to use history sniffing technology and from making future misrepresentations. The proposed settlement also would require the company to destroy information that it gathered in an allegedly unlawful manner.

Challenged Conduct.

The draft complaint contended that the respondents' conduct violated Section 5 of the FTC Act.

When consumers visited one of the some 24,000 websites within the respondents' network, they received a cookie, which stored information about their online practices--including sites they visited and the ads they viewed.

“Cookies are small text files that are commonly used to store information about a consumer's online activities, including information such as the content of advertisements that a consumer views or the pages a consumer visits within a particular website,” the draft complaint explained. They enabled the respondents to send consumers behavioral advertising targeted ads.

The FTC staff claimed that the respondents' privacy policy represented that it would collect information only about consumers' visits to sites within its network. Yet, they allegedly used history-sniffing to collect information “about sites outside its network that consumers had visited, including sites relating to personal health conditions and finances.”

The FTC said it will publish a description of the consent agreement package shortly in the Federal Register. The FTC also released an analysis of the proposed settlement. Public comments on the proposed agreement are due by Jan. 7, 2013.

Katherine White, Kristen Anderson, and Jonathan Zimmerman of the FTC Bureau of Consumer Protection, in Washington, represented the commission. Charulata B. Pagar of the VLP Law Group LLP, in Washington, represented the respondents.

The proposed administrative consent order is available at http://www.ftc.gov/os/caselist/1123182/121205epicorder.pdf.

The draft complaint is available at http://www.ftc.gov/os/caselist/1123182/121205epiccmpt.pdf.

The analysis of the proposed settlement is available at http://www.ftc.gov/os/caselist/1123182/121205epicanalysis.pdf.

Request Bloomberg Law: Privacy & Data Security