06 Dec 2012

Ad Network Spying on Users Faces FTC Disciplining

Using history sniffing technology to secretly spy on users, the New York-based Epic Marketplace ad network settled on a complaint by the Federal Trade Commission.

Inserting cookies into users’ computers each time they visited a network of over 45,000 websites, the ad network monitored browsing habits even outside the network. Profiling users enabled Epic Marketplace to better target and optimize their ads.

"Epic included the history-sniffing code within advertisements it served to visitors on at least 24,000 web pages within the Epic Marketplace Network including, but not limited to, CNN.com, PapaJohns.com, RedCross.[org], and Orbitz.com," says the FTC complaint. "The code allowed Epic to determine whether a consumer had visited any of over 54,000 domains. Among the domains that Epic 'sniffed' were pages relating to fertility issues, impotence, menopause, incontinence, disability insurance, credit repair, debt relief, and personal bankruptcy."

The FTC stated that, even if users deleted their cookies, the ad network could still track them through history sniffing.  Only by deleting both their browsing history and cookies could users have stopped the tracking and profiling.

"History sniffing circumvents the most common and widely known method consumers use to prevent online tracking: deleting cookies," states the FTC complaint. "Deleting cookies does not prevent a website from querying a consumer's browsing history. Consumers could only protect against history sniffing by deleting their browsing history and using private browsing mode, or, with regard to Epic's history sniffing, opting out of receiving targeted advertisements from Epic."

The settlement prevents Epic from using tracking or sniffing technology and at the same time dispose of all collected data.