ValueClick to pay $2.9 million to settle spam complaint

by Grant Gross

March 17, 2008 —

Online advertiser ValueClick
has agreed to pay a record $2.9 million to settle a U.S. Federal Trade Commission
complaint that it sent deceptive advertising claims in spam e-mail and failed
to secure consumers' sensitive financial information.

ValueClick subsidiary Hi-Speed Media used deceptive e-mails, banner ads and
pop-ups to drive Internet users to its Web sites, the FTC said Monday. The e-mails
and ads promised that consumers were eligible for free gifts, including laptops,
iPods and gift cards. The ads included promises such as "Free PS3 for survey,"
and "CONGRATULATIONS! Select your FREE Plasma TV," the FTC said.

Consumers who went to ValueClick's Web sites because of these promises were
led through a "maze of expensive and burdensome" third-party offers,
including car loans and satellite television subscriptions, which they were
required to "participate in" at their own expense in order to receive
the promised merchandise, the FTC alleged.

ValueClick's use of deceptively labeled e-mail messages offering free gifts
and its failure to disclose that consumers must spend substantial sums of money
to obtain the promised merchandise violated the Can-Spam Act and the FTC Act,
the FTC said.

The settlement with ValueClick and subsidiaries Hi-Speed Media and E-Babylon
was filed with the U.S. District Court for the Central District of California
last Thursday. In addition to the $2.9 million fine, the largest ever for violations
of the 2003 antispam law the Can-Spam Act, the settlement requires ValueClick
to clearly disclose the costs and obligations consumers must incur to receive
the products it touts as free. It also bars deceptive claims about the security
of the consumer information collected at the company's Web sites.

ValueClick announced last month it had agreed to a settlement with the FTC.
It recorded a $2.9 million charge on its financial results in the fourth quarter
of 2007 in anticipation of the settlement, the company said in a February news
release.

"We have worked with the FTC and have reached an agreement on the standards
and practices that will govern our lead generation business going forward,"
David Yovanno, chief operating officer of ValueClick's U.S. media, said in a
statement. "We believe this settlement will also help set the guidelines
for the lead generation industry as a whole, and we will continue to participate
in the Interactive Advertising Bureau to help establish best practices to that
end."

In addition to the spam-related complaints, the FTC charged that ValueClick,
Hi-Speed Media and E-Babylon misrepresented that they secured customers' sensitive
financial information consistent with industry standards. The companies claimed
in online privacy policies that they encrypted customer information, but either
failed to encrypt the information or used a nonstandard and insecure form of
encryption, the FTC said. Several of the companies' Web sites were vulnerable
to SQL injection, a commonly known form of hacker attack, contrary to claims
that the companies implemented reasonable security measures, the FTC said.

The settlement bars ValueClick, Hi-Speed Media and E-Babylon from making misrepresentations
about the use of encryption or other electronic measures to protect consumers'
information. The order also requires the companies to establish and maintain
a comprehensive security program, and obtain independent third-party assessments
of their security for 20 years.

This is the FTC's third case targeting the use of deceptive promises of free
merchandise by Internet-based lead generation operations, and the commission's
18th case challenging data security practices by a company handling sensitive
consumer information.

IDG News Service