Gratis sued by New York state

The civil lawsuit alleges Washington, D.C.,-based Gratis Internet, a company that provides customer acquisition for major advertisers, sold personal information obtained from millions of customers despite a promise of confidentiality.

"In each of these deals, Gratis wrongfully shared between one and seven million confidential user records," according to a statement released today by Spitzer's office. "This is believed to be the largest deliberate breach of privacy policy ever discovered by U.S. law enforcement."

The company has denied any wrongdoing.

One of the firms that purchased personal information from Gratis was Manhattan-based Datran Media, a leading email marketer. Earlier this month, Datran agreed to pay New York $1.1 million for improperly using the personal information of six million customers.

Spitzer's office opened an investigation last year into companies that compile and sell marketing lists, according to the statement. The investigation's focus "quickly turned to Gratis," which owns and operates several websites that offer customers free products after they trial other free products.

Gratis, however, promised customers it would "never lend, sell or give out for any reason" user information, according to the statement.

The company – which said it has accrued a nearly 2,350-percent growth in the past three years – promotes the protection of customer information.

"Gratis Internet is unable to comment on any ongoing legal investigation," a company spokesman said in a March 15 email to SC Magazine, following the settlement by Datran. "However, we can assure our users that we take privacy matters extremely seriously and have always maintained control of our users' personal information."