Epic Marketplace, a New York-based marketing company, has just settled charges with the Federal Trade Commission (FTC) for illegally taking advantage of a browser exploit which allows an attacker to gain access to a user's browsing history. Epic was using this information, perhaps obviously, to aid in serving targeted advertisements to users. Among the categories of interests they were assigning to their users were "incontinence" and "pregnancy-fertility getting pregnant". Their penalty amounts to little more than a slap on the wrist, however - they have agreed to destroy the data that they have collected from this practice, promised not to engage in the practice anymore, and are barred from making misrepresentations about the data it collects from users. In essence, this means that they will simply have to follow the law in the future.
This incident serves as an example of the ease with which online marketers can access sensitive information about consumers and use it for profit. One could argue that this practice was no more a breach of privacy than Google taking advantage of their knowledge of users' search history to serve targeted advertisements. The difference there is that Google makes it clear that a user's search history is being used for this purpose (and even gives users a way to prevent it), while Epic resorted to covert tactics to spy on internet users without their knowledge or consent. This was not the first time that a marketer has been accused of using unsavory techniques to gather data about users - and it certainly will not be the last. It does underscore, however, the importance of a legal framework to protect the privacy internet users from prying eyes.
Ars Technica
No comments:
Post a Comment