GS Logo
The Green Sheet, Inc

Please Log in

A Thing
Article published in Issue Number: 070302

Got adware? Beware the FTC's teeth

By David H. Press, Integrity Bankcard Consultants Inc.

For ISOs and merchant level salespeople (MLSs), selecting merchants to serve has always involved a risk/reward calculation. In the old days, problematic accounts were limited to purveyors of such things as water filters and credit protection.

But e-commerce has inspired new types of merchants who could wipe out your business.

Recently, for example, a large adware distributor and four of its principals agreed to settle Federal Trade Commission charges that the company used unfair and deceptive methods to download adware (software containing advertising) onto consumers' computers and then obstruct them from removing it.

According to the FTC, settlement of this case has brought the vendor's unauthorized software downloads to a halt and stopped the company from sending pop-up ads to computers affected by prior unlawful downloads.

The allegations

The FTC's complaint alleged the following:

  • The vendor installed its adware on consumers' computers directly and through a large network of affiliates and subaffiliates.

  • The vendor and its affiliates frequently offered consumers free content and software, such as screensavers, games and utilities, without disclosing adequately that downloading them would result in installation of adware.

  • Some of the vendor's affiliates exploited security vulnerabilities in Web browsers to install adware.

  • The vendor deliberately made it difficult to identify and locate adware for removal. Specifically, it failed to label its pop-up ads to identify their source. And it stored adware files in rarely accessed locations on consumers' hard drives, failed to list the adware in the Windows Add/Remove utility, or named the adware files to resemble core system software or applications.

  • The vendor made it difficult to remove its adware. For example, it installed technology on consumers' computers to secretly reinstall the adware when consumers attempted to remove it or when the adware was deleted by consumers' anti-spyware programs.

Additionally, to use an uninstall tool the vendor provided via the Web required consumers to follow a 10-step procedure. It involved download of additional software and deactivation of all third-party firewalls, thus exposing consumers' computers to security risks.

The FTC alleged the company was deceptive for failing to disclose adequately that downloading the free content and software would result in installation of adware. It also alleged that using security exploits to download adware was an unfair practice.

In addition, the FTC charged that the vendor's failure to provide consumers with a reasonable and effective means to identify, locate and remove adware from their computers was unfair, in violation of the FTC Act.

The outcome

The FTC settlement bars the vendor from delivering ads to legacy users. These are consumers with computers on which the vendor installed adware before Oct. 1, 2005.

The settlement permits the vendor to send legacy users up to three opt-in notices that advise them of the FTC settlement, provide simple instructions on how to uninstall the vendor's adware program and offer them the option to expressly consent to resuming receipt of the ads.

The FTC settlement also bars the vendor _ directly or through others _ from exploiting security vulnerabilities to download any software program or application. It requires the vendor to provide clear and prominent disclosures and obtain consumers' express consent before downloading software onto their computers.

The settlement further requires that the vendor clearly identify all of its ads. It must also establish and maintain effective, user-friendly mechanisms through which consumers can register complaints and easily identify, locate and remove the adware.

In addition, the vendor must monitor its partners to ensure that its affiliates and their subaffiliates comply with the FTC order. Finally, the vendor will give up $1.5 million in ill-gotten gains to the FTC to settle the charges. The settlement contains standard record keeping provisions to allow the FTC to monitor compliance. For full details, visit http://ftc.gov/opa/2007/02/directrevenue.htm.

Serving online merchants can lead to high volume and high profits. But don't get greedy. Watch your merchants closely, and think. The Internet is full of unbelievable offers that could lead to the destruction of ISOs. Don't let yours be one of them.

David H. Press is Principal and President of Integrity Bankcard Consultants Inc. Call him at 630-637-4010, e-mail dhpress@ibc411.com or visit www.ibc411.com.

Article published in issue number 070302

Notice to readers: These are archived articles. Contact names or information may be out of date. We regret any inconvenience.
Back Next Index © 2007, The Green Sheet, Inc.