Epic Marketplace Inc., a large advertising network with a presence on 45,000 Web sites, has settled "history sniffing" charges brought by the Federal Trade Commission.
The charges claim the network secretly and illegally determined whether millions of consumers had visited any of more than 54,000 domains, including pages relating to private medical and financial issues ranging from debt relief and personal bankruptcy to fertility.
Consumers who visited any of the network’s sites received a cookie, which stored information about their online practices including sites they visited and the ads they viewed. The cookies allowed Epic to serve consumers ads targeted to their interests, a practice known as online behavioral advertising.
Epic Marketplace and Epic Media Group LLC agreed to no longer practice history sniffing and to delete and destroy all data collected using the technology.
The settlement further bars misrepresentations about the extent to which the companies maintain the privacy or confidentiality of data from or about a particular consumer, computer or device, including how that data is collected, used, disclosed or shared.
It bars misrepresentations about the extent to which software code on a Web page determines whether a user has previously visited a Web site. Violations of the consent order may be subject to civil penalties of up to $16,000 per violation.
But, according to the FTC, Epic was collecting data about sites outside its network that consumers had visited, including those relating to personal health conditions and finances.
“Consumers searching the Internet shouldn’t have to worry about whether someone is going to go sniffing through the sensitive, personal details of their browsing history without their knowledge,” said FTC Chairman Jon Leibowitz. “This type of unscrupulous behavior undermines consumers’ confidence, and we won’t tolerate it.”