657 captures

27 Mar 2004 - 18 Feb 2026

Mar	APR	May
	24
2022	2023	2024

success

fail

About this capture

COLLECTED BY

Organization: Internet Archive

These crawls are part of an effort to archive pages as they are created and archive the pages that they refer to. That way, as the pages that are referenced are changed or taken from the web, a link to the version that was live when the page was written will be preserved.

Then the Internet Archive hopes that references to these archived pages will be put in place of a link that would be otherwise be broken, or a companion link to allow people to see what was originally intended by a page's authors.

The goal is to fix all broken links on the web. Crawls of supported "No More 404" sites.

Collection: Wordpress Blogs and the Pages They Link To

This is a collection of pages and embedded objects from WordPress blogs and the external pages they link to. Captures of these pages are made on a continuous basis seeded from a feed of new or changed pages hosted by Wordpress.com or by Wordpress pages hosted by sites running a properly configured Jetpack wordpress plugin.

TIMESTAMPS

Spyware, Adware, and Malware: Research, Testing, Legislation, and Suits
Benjamin Edelman

[ Introduction - Research - Legislation - Pending Suits ]

Introduction

A number of firms currently design and offer so-called "spyware" software -- programs that monitor user activities, and transmit user information to remote servers and/or show targeted advertisements. As distinguished from the design model anticipated by whatis.com's definition of adware ("any software application in which advertising banners are displayed while the program is running"), these spyware programs run continuously and show advertisements specifically responding to the web sites that users visit. Companies making programs in this latter category include Gator (recently renamed Claria), WhenU, and 180Solutions. Other spyware programs include keystroke recorders, screen capture programs, and numerous additional software systems that surreptitiously monitor and/or transmit users' activities. As programs and practices shift and terms evolve, some practices are more naturally termed "adware" or "malware" -- especially if their tracking is secondary to an advertising purpose.

These programs have prompted a number of legal challenges, as described in the pending suits section, below. They have also attracted attention from legislators, who have proposed laws to rein in the problem

I have followed these developments generally, I have written about the programs and their effects, and I have been retained as an expert in certain of these suits. This page indexes my research and my work in selected cases.

Research as to Spyware Operation, Advertisements and Targeting

Gator / Claria GAIN

• Documentation of Gator Advertisements and Targeting (May 2003)
  • Research showing which advertisements Gator shows when users visit various domain names. Includes advertisement thumbnails and analysis of targeting conditions.
• WashingtonPost.Newsweek Interactive Company, LLC, et al. v. the Gator Corporation - Edelman Expert Declarations (June 2002 - February 2003)
• Teleflora, Inc. v. Claria. - Edelman Expert Declaration (May 2004)
• Dell's Spyware Puzzle (June 2004)
  • Research showing Dell UK advertising on the Claria network, puzzling because Dell has previously criticized unwanted software on users' PCs.
• Gator's EULA Gone Bad. (November 2004)
  • Analysis of substance and presentation of Claria's license agreement. The 5,900+ word, 63-page license is presented in a small scroll box with section headings merged into body text. Users who manage to read the license find surprising terms: Users must not run third-party tools (like Ad-Aware or Spybot) to remove Gator, and users must not investigate what personal information Gator tracks and sends.
• Claria's License Agreement is Fifty Six Pages Long (June 2004)
  • Complete set of screenshots showing the Claria installation process and license agreement, when Claria is bundled with Kazaa. The 5,541-word Claria license requires fifty six on-screen pages, e.g. fifty six presses of the page-down key, discouraging users from meaningfully reviewing the license.
• Claria's Practices Don't Meet Its Lawyers' Claims (January 2005)
• Comparison of Unwanted Software Installed by P2P Programs (March 2005)
• Claria's Misleading Installation Methods - Ezone.com (April 2005)
• Claria Shows Ads Through Exploit-Delivered Popups. (October 2005)
• What Claria Doesn't Disclose (Any More). (November 2005)

WhenU Save / SaveNow

• Google Still Charging Advertisers for Conversion-Inflation Traffic from WhenU Spyware (January 2010)
• How Google and Its Partners Inflate Measured Conversion Rates and Increase Advertisers' Costs (May 2009)
• WhenU Violates Own Privacy Policy (May 2004)
  • Research showing that WhenU transmits to its serves some of the specific URLs users visit, precisely contrary to WhenU's promises in WhenU's license agreements and in some WhenU software installers.
• Advertisers Using WhenU (June 2004)
  • Research reporting all current WhenU graphical advertisers. Major advertisers include Priceline, J.P. Morgan Chase, Verizon, Merck, and T-Mobile.
• WhenU Security Hole Allows Execution of Arbitrary Software (June 2004)
  • Research finding a flaw in the auto-update system used by certain WhenU software recently available on WhenU's ordinary public web site. Flaw allowed attackers to install any software on PCs of users with the affected WhenU software.
• WhenU Spams Google, Breaks Google "No Cloaking" Rules (May 2004)
  • Research showing web sites created by WhenU in violation of search engine rules, boosting rankings of content favorable to WhenU while pushing critics lower in rankings. Google and Yahoo! responded by removing www.whenu.com and other affected sites from their indexes.
• WhenU Copies 26+ News Articles from 20+ Publishers (May 2004)
  • Research showing that WhenU has copied at least 26 articles from at least 20 different publishers to its main www.whenu.com web server, as well as to at least eleven other official WhenU servers. The articles are provided in full, but without the advertisements that surround article text on the publishers' web sites, without any mention of authorization from the publishers, and without their ordinary copyright notices.
• WhenU's License Agreement is Forty Five Pages Long (April 2004)
  • Complete set of screenshots showing the WhenU installation process and license agreement, when WhenU is bundled with BearShare. Due to placement of the WhenU license is an exceptionally small on-screen window, viewing the entire license requires 45 presses of the page-down key, discouraging users from meaningfully reviewing the license.
• Documentation of WhenU Advertisements and Targeting (forthcoming)
  • Research showing which advertisements WhenU shows when users visit various domain names. Includes advertisement thumbnails and analysis of targeting conditions.
• Quicken Loans and Wells Fargo v. Whenu.com Inc. - Edelman Expert Declarations (July - September 2003)

180Solutions / n-CASE / Zango / SeekMo / Blinkx

• The Effect of 180solutions on Affiliate Commissions and Merchants (July 2004)
  • Research showing how 180 software intentionally causes merchants to pay affiliate commissions to 180, even when affiliate commissions are properly payable to other affiliates, or are properly withheld by merchants under the terms and conditions of their affiliate programs.
• 180solutions Installation Methods and License Agreement (July 2004)
  • Research itemizing 180's major installation methods, including drive-by downloads, distribution partners, and installation through security holes. Discussion also tracks failure to show a license agreement and failure to provide an uninstaller.
• Who Profits from Security Holes? (November 2004)
  • Video example of software installation through security holes, installing software from 180solutions and 15+ other companies.
• 180 Talks a Big Talk, but Doesn't Deliver (January 2005)
  • Evaluates 180solutions current installation methods and other practices in light of endorsement by an anti-spyware consortium.
• 3D Desktop's Misleading Installation Methods (April 2005)
• 180solutions's Misleading Installation Methods - Ezone.com (April 2005)
• The PacerD Installation Bundle (April 2005)
• The 180 Turnaround That Wasn't (May 2005)
• Installation of 180solutions Software through Security Holes - Videos (ongoing) (public examples: 1, 2, 3, 4)
• Scanning for Solutions (December 2005)
• 180solutions's Misleading Installation Methods - Dollidol.com (January 2006)
• Nonconsensual 180 Installations Continue, Despite 180's "S3" Screen (February 2006)
• Advertisers Funding 180solutions (March 2006)
• Bad Practices Continue at Zango, Notwithstanding Proposed FTC Settlement and Zango's Claims (November 2006)
• Zango Practices Violating Zango's Recent Settlement with the FTC (July 2007)
• Debunking Zango's "Content Economy" (May 2008)
• Twenty Oft-Found Commission Junction and LinkShare Affiliate Violations (December 2012)
• The Darker Side of Blinkx (January 2014)
• Blinkx Adware Revisited: Installation and Operation (April 2014)

Direct Revenue / ABetterInternet / Best Offers Network

• Documentation of Direct Revenue Advertisements, Advertisers, and Targeting (forthcoming)
• Direct Revenue Deletes Competitors from Users Disks (December 2004)
  • Packet log excerpts showing the means by which Direct Revenue removes certain competitors' programs from users' hard disks.
• Comparison of Unwanted Software Installed by P2P Programs (March 2005)
• The PacerD Installation Bundle (April 2005)
• Advertisers Funding Direct Revenue. (March 2006)
• People of the State of New York v. Direct Revenue, LLC. (April 2006)
• Installation of Direct Revenue Software through Security Holes - videos (2004-2005) (available on request)

Spyware Generally

• Methods and Effects of Spyware (PDF) - Response to FTC Call for Comments on Spyware (March 2004)
  • I explain how spyware works, including presenting specific personal information transmitted by both Gator and WhenU. (The WhenU transmissions are particularly notable because these transmissions seem to violate WhenU's own privacy policy.) Other sections of the document discuss installation methods of spyware (with special consideration of the technical methods used in drive-by downloads), frequency of advertisement display, and performance and security effects of spyware.
• A Close Reading of Utah's Spyware Control Act - FAQ-style analysis of the bill, a prominent letter of opposition, and related media coverage. (March 2004) See also WhenU.com, Inc., v. The State of Utah, WhenU's challenge to the Spyware Control Act.
• Grokster and Claria Take Licenses to New Lows (October 2004)
  • Shows installation of software even when users press "Cancel" to decline installation. Notes that license agreements stretch to the tens of thousands of words, and to hundreds of on-screen pages.
• Who Profits from Security Holes? (November 2004)
  • Video example of software installation through security holes, installing software from 180solutions and 15+ other companies.
• Video: Ebates Installed through Security Holes (December 2004)
  • Video showing software from Ebates installed through security holes, contrary to affiliate networks' policies.
• Media Files that Spread Spyware (January 2005)
  • Listing of programs installed after a misleading pop-up displayed by a Windows Media file.
• Investors Supporting Spyware (January 2005)
  • Listing of major investment firms helping support the operation of large US-based spyware companies.
• How VeriSign Could Stop Drive-By Downloads (February 2005)
  • VeriSign's existing software systems let it revoke digital certificates so as to block certain misleading installation attempts. I give examples of the problem and suggest how VeriSign could take action.
• How Google's Blogspot Helps Spread Unwanted Software (February 2005)
  • Certain pages at Google's Blogspot service show misleading popups, falsely claiming to be required updates. If a user presses "Yes" once, extra toolbars, popup ads, and privacy-invading software arrive on the user's PC. Google could stop this problem with a simple policy change already implemented elsewhere on the Blogspot site.
• Comparison of Unwanted Software Installed by P2P Programs (March 2005)
  • I compare five major P2P programs and the additional applications they install. Article includes detailed screen-shots and analysis of the programs' licenses and installation procedures.
• Advertisers Supporting eXact Advertising (March 2005)
  • Listing of companies advertising with or otherwise supporting eXact Advertising.
• Threats Against Spyware Detectors, Removers, and Critics (March 2005)
  • Listing of companies threatening, suing, or making "requests" of those who detect, remove, or write about their programs.
• Spyware Installation Methods - index
• 3D Desktop's Misleading Installation Methods (April 2005)
• The PacerD Installation Bundle (April 2005)
• Ask Jeeves Toolbar Installs via Banner Ads at Kids Sites (May 2005)
• Ask Jeeves Toolbar Installed through Security Holes (May 2005)
• Hotbar Installs via Banner Ads at Kids Sites (May 2005)
• Intermediaries' Role in the Spyware Mess (May 2005)
• Netscape 8's "Trust Rating" System. (May 2005)
• More on Google's Role: Syndicated Ads Shown Through Ill-Gotten Third-Party Toolbars. (June 2005)
• What Passes for "Consent" at 180solutions. (June 2005)
• Debunking ShopAtHomeSelect. (August 2005)
• How Yahoo Funds Spyware. (August 2005)
• How Expedia Funds Spyware. (September 2005)
• How Affiliate Programs Fund Spyware. (September 2005)
• Video: New.net Installed through Security Holes. (October 2005)
• Deciding Who To Trust. (December 2005)
• Affiliate Hall of Shame. (January 2006)
• Pushing Spyware through Search. (January 2006)
• Critiquing ITSA's Pro-Adware Policy. (March 2006)
• The Spyware - Click-Fraud Connection -- and Yahoo's Role Revisited. (April 2006)
• The Safety of Internet Search Engines (May 2006) and The Safety of Internet Search Engines - Revisited (December 2006)
• Banner Farms in the Crosshairs. (June 2006)
• Spyware Showing Unrequested Sexually-Explicit Images. (June 2006)
• How Vonage Funds Spyware. (July 2006)
• Certifications and Site Trustworthiness and Adverse Selection in Online "Trust" Authorities. (September 2006)
• Current Practices of IAC/Ask Toolbars. (October 2006)
• Intermix Revisited. (November 2006)
• Advertising Through Spyware -- After Promising To Stop. (March 2007)
• How Spyware-Driven Forced Visits Inflate Web Site Traffic Counts. (May 2007)
• Spyware Still Cheating Merchants and Legitimate Affiliates. (May 2007)
• ComScore Doesn't Always Get Consent. (June 2007)
• A Closer Look at Coupons.com (August 2007) and Coupons.com and TRUSTe: Lots of Talk, Too Little Action (March 2008).
• The Sears "Community" Installation of ComScore. (January 2008)
• Critiquing C-NetMedia's Anti-Spyware Offerings and Advertising Practices. (February 2008)
• Optimal Deterrence when Judgment-Proof Agents Are Paid In Arrears - With an Application to Online Advertising Fraud and Delaying Payment to Deter Online Advertising Fraud. (February - March 2008)
• Spyware and Adware. Written testimony submitted to the US Senate Committee on Commerce, Science, and Transportation Hearing on Impact and Policy Implications of Spyware on Consumers and Businesses. (June 2008)
• Auditing Spyware Advertising Fraud: Wasted Spending at VistaPrint. (September 2008)
• Hydra Media's Pop-Up Problem -- Ten Examples. (October 2008)
• Google Click Fraud Inflates Conversion Rates and Tricks Advertisers into Overpaying. (January 2010)
• Upromise Savings -- At What Cost? (January 2010)
• Google Toolbar Tracks Browsing Even After Users Choose "Disable", Google's Privacy Breach: Lessons for Companies, and Protecting Privacy by Design. (January-February 2010)
• A Closer Look at IronSource Installation Tactics. (February 2015)

Legislation Regulating Spyware

• Proposed US federal legislation
  • Spy Act ("Securely Protect Yourself Against Cyber Tresspact Act") - Rep. Mary Bono - H.R. 964 (formerly H.R.2929; formerly H.R.29)
    • Status: Passed House, May 23, 2005. Reintroduced, February 8, 2007.
    • Prohibits certain specific practices except with user authorization. Requires notice, consent, and uninstall capability for certain information collection and advertising programs. Leaves many key details to the Federal Trade Commission. Grants enforcement power only to the FTC. Preempts existing state laws about spyware.
    • My full analysis and critique. See also my earlier initial analysis and critique.
  • Internet Spyware (I-SPY) Prevention Act - Rep. Bob Goodlatte - H.R. 744 (formerly H.R.4661)
    • Status: Passed House, May 23, 2005.
    • Creates criminal penalties for accessing a protected computer without authorization, or exceeding authorization, by causing software to be copied onto a computer and 1) using that code for another Federal criminal offense, 2) intentionally obtaining or transmitting personal information with intent to defraud, injure, or cause damage, or 3) intentionally impairing computer security.
    • My initial analysis and critique.
  • Software Principles Yielding Better Levels of Consumer Knowledge - Sen. Conrad Burns and Sen. Ron Wyden - S.687 (formerly S.2145)
    • Status: Passed committee, November 2005.
    • Prohibits causing the installation of software without providing an opportunity to grant or withhold consent. Prohibits misleading inducements to install. Requires that programs include reasonable uninstallation procedures. Prohibits "surreptitious" information collection (in a manner not disclosed and authorized at the time of transmission). Requires labeling of adware advertisements. Safe harbor for anti-spyware services. Enforcement by FTC and by state attorney geenrals. Prempts existing state laws about spyware.
  • Computer Software Privacy and Control Act - Rep. Jay Inslee - H.R.4255
    • Status: Introduced, April 2004.
    • Prohibits transmission of software that collects and transmits personal information about computer owner or operator, monitors and transmits web pages accessed, or modifies default computer settings as to home page or search, unless notice is provided and consent is obtained in advance. Advertising software permitted only with consent and uninstall. Violations enforced by FTC under FTC Act, via criminal penalties, and by states. Preempts existing state laws about spyware.
  • Enhanced Consumer Protection Against Spyware Act - Sen. George Allen
    • Status: Introduced, May 2005.
    • Allocates $10 million towards FTC action against spyware. Increases FTC authority to fine, including disgorgement of profits. Expands FTC authority to include foreign deceptive practices that cause foreseeable injury within the US. Preempts all state and local laws as to software installation.
  • Counter Spy Act - Sen. Mark Pryor
  • Status: Introduced, June 2007.
  • See my testimony with analysis and recommendations.
• Proposed US state spyware legislation
  • See also the National Conference of State Legislatures' 2004 and 2005 Legislation Relating to Internet Spyware or Adware.
• Other legislation
  • Australia: Spyware Control Bill - Requires notice and consent prior to installation of certain software.
    • Status: Introduced, May 2005.
• Netherlands: Plans for an anti-spyware bill.

Pending Suits Against Designers of Spyware

Claria

Claria's activities have prompted a number of legal challenges. This section attempts to chronicle key suits to the best of my ability. Please send suggestions for additions or updates.

• Facing complaints from the Internet Advertising Bureau as to Gator's activities, then including banner ads that tended to cover web sites' own banner ads, Gator in 2001 sued the IAB and subsequently settled. Gator has subsequently sued Virtumundo, L.L. Bean, and PriceGrabber (citation).
• In 2002, Gator was sued by a group of media companies including the New York Times and Washington Post in the US District Court for the Eastern District of Virginia. A preliminary injunction was issued, enjoining Gator's targeting of plaintiffs' web sites. The case settled before trial, and the terms of the settlement are confidential. I served as a technical expert for the plaintiffs. See my declarations and selected other case documents.
• In 2002, Weight Watchers sued competitor DiscreetDrugs.com, which had reportedly used Gator to cause its advertisements to appear when users requested the Weight Watchers web site. Also in 2002, Weight Watchers sued competitor DietWatch.com, which had also reportedly used Gator to cause its advertisements to cover the Weight Watchers site. A premanent injunction was issued by the US District Court, Southern District of Nwe York, enjoining certain DietWatch activities and granting $25,000 of damages.
• Gator was subsequently sued by Extended Stay America (District of South Carolina), Hertz (opinion as to Gator's requested stay of proceedings) (New Jersey District Court), Lending Tree (Western District of North Carolina), Metrodate (representing a class of targeted web sites), Overstock.com, Quicken Loans, Six Continents Hotels (Northern District of Georgia), TigerDirect (Southern District of Florida), UPS (Northern District of Georgia), and Wells Fargo, among others. A footnote in the Hertz opinion provides citations to the majority of these cases.
• In 2003, Gator moved for consolidation of these cases as well as Gator's declaratory judgment actions against L.L. Bean, Virtumundo, Extended Stay America, PriceGrabber.com, and Tiger Direct. Gator asked that these cases be consolidated in the US District Court for the Northern District of California. (See Schedule of Matters for Judicial Panel on Multidistrict Litigation, PDF page 7.) Instead, these cases were consolidated to the Northern District of Georgia, as detailed in the Multidistrict Litigation Transfer Order (PDF).
• In 2004, the German division of Hertz obtained a preliminary injunction prohibiting Claria from using pop-up ads to cover Hertz's site. See news coverage.
• In 2004, Teleflora sued Claria. I serve as an expert for Teleflora, and I filed an initial declaration in this matter.
• In 2004, L.L. Bean sued Nordstrom's, JC Penney, Atkins, and Gevalia, each of which used Claria to display pop-up ads that cover L.L. Bean's site. See press release, news coverage. Claria countersued L.L.Bean. Gevalia and Atkins settled with L.L. Bean. L.L. Bean complaints: Nordstrom's, JC Penney, Atkins, Gevalia.
• According to Claria's SEC S-1 filing of April 8, 2004, Claria has settled suits brought by Extended Stay America, PriceGrabber.com, LendingTree, and UPS.
• In June 2004, the Georgia Court hearing Gator's multidistrict litigation ordered that the Metrodate case (a class action of targeted web sites) be remanded to state court.
• In July 2004, Claria was sued by Interlinx, LLC, as to Claria's targeting of budgetlife.com. The case was filed in the US District Court for the Eastern District of Michigan.
• In August 2004, the clerk of the court hearing Gator's multidistrict litigation reported that the MDL proceedings were closed because all the MDL cases had been settled (reportedly save for Teleflora and Interlinx).

In 2003, Claria sued PC Pitstop for malicious disparagement and trade libel, arising out of PC Pitstop's statements to users about Gator's software and why they might want to remove it from their PCs. See discussion in Threats Against Spyware Detectors, Removers, and Critics.

WhenU

WhenU has been sued by 1-800 Contacts, Overstock.com, Quicken Loans, U-Haul, Weight Watchers, and Wells Fargo. See summary judgment order (PDF) in U-Haul case (dismissing claims against WhenU) and preliminary injunction order (PDF) in 1-800 Contacts case (granting preliminary injunction enjoining WhenU from delivering certain pop-up advertisements).

1-800 Contacts has also sued (and obtained a preliminary injunction enjoining) Vision Direct, a competitor which used WhenU to cause its advertisements to appear when users requested the 1-800 Contacts web site.

In 2004, WhenU sued the state of Utah seeking that Utah's Spyware Control Act be declared void and invalid.

I served as a technical expert in the Quicken Loans and Wells Fargo matter; I filed two declarations in this matter and provided oral testimony. I served as a technical expert in the Utah matter; I filed a declaration in this matter and provided oral testimony.

180solutions

In September 2005, a consumer class action was filed in Illinois on behalf of all US residents who have had 180solutions software installed on their computers. See Simios v. 180solutions complaint (PDF) and coverage (including 180's claim that the case has "no merit"). This suit was voluntarily dismissed in September 2006.

In October 2005, a further class action was filed in California by Consumer Advocates Rights Enforcement Society. See complaint (PDF).

DMNews reports that Weight Watchers sued 180solutions and eDiets as to eDiets covering Weight Watchers' site using 180solutions software. Case status unknown.

In 2004, 180solutions sued two distributors of its software for installing its software without users' consent, which 180 claims was contrary to the distributors' contract with 180. News coverage. Settlement coverage. In 2005, 180 sued seven additional distriubtors, alleging further nonconsensual installations, but 180 subsequently dropped those suits when defendants failed to reply to 180's complaint.

In November 2005, 180solutions sued Zone Labs for trade libel, tortious interference with business expectancies, unfair and deceptive practices, and unjust enrichment, arising out of Zone Labs's detection of 180's software. See discussion in Threats Against Spyware Detectors, Removers, and Critics. In February 2006, 180 dropped its suit. Zone Labs reports having made no change to its reported classification of 180's software.

Direct Revenue

In March 2005, a consumer class action was filed in Illinois on behalf of all Illinois residents who have had Direct Revenue software installed on their computers. See Sotelo v. Direct Revenue complaint (PDF) and discussion. Decision (PDF) rejecting DR's motion to dismiss, discussion of key points. Settlement (PDF) and notice to class members (PDF).

In October 2005, a further class action was filed in California by Consumer Advocates Rights Enforcement Society. See complaint (PDF). In August 2006, this case was settled.

In April 2006, the New York Attorney General sued Direct Revenue for surreptitiously installing spyware onto users' computers and for making its sotware extremely difficult to remove. The suit includes claims under New York's General Business Law (prohibiting false advertising and deceptive business practices), New York's Penal Law (prohibiting computer tampering), and New York's common law prohibitions against trespass. Case documents at NYAG's site; additional documents and analysis as well as document highlights.

In December 2004, Avenue Media sued Direct Revenue as to "systematic[] delet[ion]" of Avenue's software from users' hard disks. Discussion and case documents. The parties have reportedly reached a settlement, with no money changing hands.

eXact Advertising

In September 2005, a consumer class action was filed in New York on behalf of all US residents who have had eXact Advertising software installed on their computers. See complaint (PDF) and discussion.

In October 2005, a further class action was filed in California by Consumer Advocates Rights Enforcement Society. See complaint (PDF).

Intermix

In April 2005, the New York Attorney General sued Intermix for false advertising, deceptive business practices, and common law trespass. Press release and case documents. In June 2005, the case settled, with Intermix agreeing to pay $7.5 million and to permanently discontinue distribution of its advertising software.

In 2005, a consumer class action was filed in California on behalf of California residents who have had Intermix software installed on their computers. See Kerrins v. Intermix Media. In January 2006, Intermix's motion to dismiss was rejected (PDF) in part, allowing the case to proceed.

In November 2006, the City Attorney of Los Angeles reached a settlement with Intermix as to Intermix's allegedly-illegal business practices. Settlement announcement (PDF). Partial summary of my work in the case.

Ebates

In May 2006, a consumer class action was filed in Illinois on behalf of consumers who have had Ebates software installed on their computers without their consent. Complaint (PDF).

Suits Against Makers of Bogus Anti-Spyware Software

In October 2004, the FTC sued Seismic Entertainment and Sanford Wallace for making unauthorized changes to users' web browsers and performing unauthorized installations of advertising software. In May 2006, Wallace was ordered to forfeit $4 million of ill-gotten gains.

In June 2005, the FTC sued Spykiller for deceptive statements in its marketing of anti-spyware and in its purported detections, including deceptively claimed to have found spyware or to have performed a scan, when it had not done so. A January 2006 settlement entailed payments of more than $900,000, as well as forfeiture of several luxury vehicles, as well as certain injunctive remedies as to accuracy of disclosures.

In March 2005, the FTC sued MaxTheater for deceptive statements about their software and about users' purported need for such software. The December 2005 settlement entailed a payment of $76,000, as well as injunctive remedies (including a prohibition against defendants selling or marketing any anti-spyware software.

In January 2006, the State of Washington sued Secure Computer for violations of the federal CAN-SPAM Act, as well as for violations of the Washington Commercial Electronic Mail Act, Computer Spyware Act, and Unfair Business Practices - Consumer Protection Act. Complaint (PDF) alleges that defendant developed, promoted, and sold anti-spyware products that were marketed improperly, including via improper emails (with false headers, deceptive subject lines, and missing opt-out mechanisms) and via false claims of security problems. In December 2006, the State of Washington announced a settlement including $725,000 of attorneys' fees and costs, $200,000 of civil penalties, and a $75,000 pool for refunds to affected Washington consumers. The settlement also prohibits misrepresenting, directly or by implication, the urgency or need for security software or other programs. Additional terms prohibit deceptive email subject lines, require honoring opt-hours, prohibit claims of "discounts" that are actually ordinary prices, and prohibit simulating system alerts.

In April 2006, the State of Washington sued SoftwareOnline.com for unfair business practices arising out of marketing of Software Online's security software. Complaint (PDF) alleges misrepresenting the extent to which software is necessary for security or privacy, misrepresenting functions on advertisements (e.g. fake user interface ads, where an "x" opened a new ad rather than closing a window), misrepresenting uninstall, and misleading negative-option billing (automatic renewals and future charges). The State of Washington simultaneously announced a stipulated judgment and order (PDF) requiring payment of $40,000 of costs and fees, $400,000 of civil penalties (with $250,000 suspended on condition of compliance with other provisions of settlement). Judgment includes findings of fact as to Software Online's deceptive practices, as well as conclusions of law as to Software Online's liability. Settlement prohibits misrepresentation, directly or by implication, of the urgency or need for security products; utilizing fake user interface elements; showing pop-up or pop-under ads through a trial version; and various other deceptive practices.

In October 2006, the State of Washington sued High Falls Media and ROC Telecommunications for their "Spyware Slayer" software that improperly induces users to install by making false claims that users are, purportedly, already infected. Complaint. Consent decree reflects a $25,000 penalty and $30,000 of costs and fees, as well as restitution to affected consumers, along with restrictions on future advertising practices. Future violations will entail civil penalties of $25,000 per violation.

In November 2006, the State of Washington sued James Lane for his Quickshield software which induced consumers to install by making false statements of security vulnerabilities. Complaint. Consent decree reflects a civil penalty of $5,000, $6,444 of costs, restitution to affected consumers, and restrictions on future advertising practices.

In February 2007, the State of Washington sued Securelink Networks, NJC Softwares, and FixWinReg for misrepresenting the necessity of software for security purposes (in violation of the Washington Computer Spyware Act and Consumer Protection Act). Other claims include misrepresenting that messages are internal operating system security alerts, misrepresenting that the product has deleted critical registry errors, preventing users from declining installations, and modifying computer settings in violation of the Washington Computer Spyware Act. Complaint.

In March 2008, the State of Washington sued Messenger Solutions, LLC for sending user NET SEND popups that 1) claim that a consumer's computer is vulnerable to security attacks, and 2) direct consumers to their web site to buy software to block those very popups. Complaint. In May 2008, the State of Washington won summary judgments requiring the defendants to each pay $400,000 of civil penalties and $141,000 in attorneys' fees and costs.

In September 2008, the State of Washington and Microsoft Corp. sued James McCreary, Branch Software, and Alpha Red as to Registry Cleaner XP, which they claim sent incessant pop-ups that resembled system warnings. Complaint claimed that defendants misrepresented the purported presence of "critical errors" and falsely implied having conducted a scan when no such test had been performed.

Others

In May 2004, Overstock.com sued SmartBargains, Inc. for using pop-up ads to target its web site. Press release.

In October 2005, the FTC sued Odysseus Marketing and Walter Rines for operating the "Clientman" program and causing its installation through a variety of unfair and deceptive practices without requisite consumer disclosures. The FTC's complaint specifically considers and rejects Clientman's license agreement as improperly labeled and otherwise unable to provide consumers with the required notice.

In November 2005, the FTC sued Enternet Media for infecting users with spyware using the lure of free lyric files, browser upgrades, and ring tones. The FTC froze Enternet's assets, and the settlement obliged Enternet to pay more than $2 million.

In November 2006, the FTC sued Media Motor for installing without consent and under deceptive circumstances.

In November 2006, the State of Washington sued Digital Enterprises d/b/a/ Movieland.com, as to software variously named MediaPipe, FileGrabber, and Media Assistant, which also installed other programs, showed pop-ups, etc. Alleges that Movieland took control of users' computers in violation of the Washington Spyware Act, that Movieland misrepresented uninstallation options, that Movieland's practices were unconscionable, that Movieland used threats, harassment, and intimidation in its billing practices, and the Movieland's misrepresentations and failures to disclose violated the Washington Consumer Protection Act. Complaint.

 

Related Suits

See Threats Against Spyware Detectors, Removers, and Critics.

This page is a work in progress. Suggestions are welcomed and appreciated.

Last Updated: February 18, 2015 - Sign up for notification of major updates and related work.