The Federal Trade Commission settled with video ad network ScanScout for deceptive use of "Flash cookies," which cannot easily be blocked or deleted by web users. ScanScout was acquired last year by Tremor Video, and the investigation was conducted before and after that deal closed, the FTC said.
The FTC has been investigating ad technology companies that make false claims to users in their terms of service. In ScanScout's case, the FTC took issue with the claim from its terms of service that users could opt out of targeted ads by changing the settings in their browsers to prevent the receipt of cookies.
But according to a statement by the FTC announcing the settlement, changing browser settings didn't remove or block the Flash cookies used by ScanScout, and "the claims by ScanScout were deceptive and violated the FTC Act."
The financial terms of the settlement were not disclosed, but the FTC said ScanScout is barred from "misrepresenting the extent to which consumers' data is collected, used, shared or disclosed." According to a source with knowledge of the penalty, it did not include a fine.
The FTC's most notable recent action addressing online privacy was this past March, when it settled with Google for having violated privacy promises in its terms of service when introducing its failed social-networking play Buzz. The agency contended that Google led users to believe they could easily opt out of the service. As is the case with the ScanScout settlement, the Google suit was pinned on the fact that the terms of service were deceptive, and not because the practices revealed were inherently invasive.
Jeffrey Chester, director of consumer watchdog Center for Digital Democracy, said the settlement demonstrates that the FTC is aware of its enforcement role, though the agency has commended the Digital Advertising Alliance for self-regulatory efforts.
"It's a loud and clear message today that , yes, we want to work with you, but we're still the digital cop on the beat," he said of the FTC.
The FTC also today announced a settlement with the social-networking site Skid-e-Kids, which describes itself as the "Facebook and MySpace for kids." According to the settlement, the site collected personal information from roughly 5,600 children without obtaining parental consent, in violation of the Children's Online Privacy Protection Act.
It requires the site's operator to destroy the information it collected in violation of COPPA.
It also imposes a $100,000 civil penalty, but all but $1,000 of it will be suspended if the operator gives truthful information about his finances and complies with oversight provisions, which call for him to hire an online privacy professional or join an FTC-approved "safe harbor program" for a period of time to oversee any sites he runs that are covered by COPPA.