The FTC slammed nuisance advertiser ValueClick with a record-breaking $2.9 million fine for littering the internet with deceptive ads for free iPods, PS3s, and plasma TVs. Instead of providing freebies, ValueClick tricked people into signing up for useless services and then failed to safeguard their personal information.
The FTC alleged that consumers lured to ValueClick’s Web sites by these promises were led through a maze of expensive and burdensome third-party offers – including car loans and satellite television subscriptions – which they were required to “participate in” at their own expense, in order to receive the promised “free” merchandise. The FTC charged that ValueClick’s use of deceptively labeled e-mail offering free gifts and its failure to disclose that consumers must expend substantial sums of money to obtain the promised “free” merchandise violates the CAN-SPAM Act and the FTC Act.
The FTC also charged that ValueClick, Hi-Speed Media, and E-Babylon, misrepresented that they secured customers’ sensitive financial information consistent with industry standards. The FTC alleged the companies published online privacy policies claiming they encrypted customer information, but either failed to encrypt the information at all or used a non-standard and insecure form of encryption. The agency also charged that several of the companies’ e-commerce Web sites were vulnerable to SQL injection, a commonly known form of hacker attack, contrary to claims that the companies implemented reasonable security measures.