Analytics company settles illegal data collection charges

By on
Analytics company settles illegal data collection charges

Submits to audits for 20 years.

The Federal Trade Commission has settled a case against web analytics firm Compete over allegations that the latter collected personal data from millions of users without disclosing the extent of information being harvested.

Such business practices were "unfair or deceptive and violated the law", the US consumer watchdog charged.

The FTC (pdf) had alleged that Compete illegally collected consumer data via a toolbar and a "consumer input panel" that enticed users to provided opinions on companies' products and services in return for rewards.

While Compete told consumers that the data collection was limited and anonymous, the FTC alleged that the company gathered extensive information about people's online activites, and transmitted everything in clear text to its servers.

Furthermore, Compete was also alleged to have captured personal information entered on SSL-secured web pages, such as credit card and social security numbers, user names, passwords and search terms, and did not adequately filter out data that identified users.

The data capture took place in the background with no way for consumers to discover how much was gathered, the FTC alleged.

Special software and technical expertise was required for finding out the extent of the data harvesting, the watchdog claimed.

Compete also licensed its software to third parties such as Upromise, which settled similar privacy violation charges with the FTC earlier this year.

Compete admits its privacy filters prior to February 2010 "may not have sufficiently prevented the transmission to Compete of certain personally identifiable and sensitive information communicated on secure web pages" but said the collection thereof was inadvertent and that the software has been improved since.

The inadvertently collected personal data has also been removed from Compete's databases, the company said.

From now on, Compete and clients licensing its software must fully disclose the data collected as part of the settlement with FTC.

The company must also seek consumers' express consent before collecting their data, cease misrepresenting its privacy and data security practises.

To ensure compliance with the FTC settlement, Compete has agreed implement a comprehensive information security programme and will undergo two-yearly independent audits for the next 20 years.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:
compete ftc privacy regulation security tracking
In Partnership With

Most Read Articles

Telstra, Optus and Vodafone temporarily block websites after Christchurch attack

Telstra, Optus and Vodafone temporarily block websites after Christchurch attack
Millennials might swipe, can't screw: Bunnings boss nails omnichannel

Millennials might swipe, can't screw: Bunnings boss nails omnichannel
Telstra and Optus secure round four mobile blackspot sites

Telstra and Optus secure round four mobile blackspot sites
Govt to spend $220m on mobile, co-fund NBN area switches

Govt to spend $220m on mobile, co-fund NBN area switches
You must be a registered member of iTnews to post a comment.
| Register

Whitepapers from our sponsors

How Macquarie University has prepared for fire and flood
How Macquarie University has prepared for fire and flood
Guide to Fully-Composable Software-Defined Private Cloud
Guide to Fully-Composable Software-Defined Private Cloud
Is slow data silently killing your business? Here's why you should care.
Is slow data silently killing your business? Here's why you should care.
Cloud, AI, infosec: Is your IT strategy keeping up?
Cloud, AI, infosec: Is your IT strategy keeping up?
Australian business moves to a new cloud era
Australian business moves to a new cloud era

Events

Log In

Username / Email:
Password:
  |  Forgot your password?