ValueClick Settlement Largest Under Can-Spam

Online advertiser ValueClick Inc. will pay a record $2.9 million to settle Federal Trade Commission charges that its advertising claims and e-mails were deceptive and violated federal law, the largest penalty ever awarded to resolve Can-Spam violations, according to the FTC.

For its part, ValueClick announced this settlement last month (Direct Newsline, Feb. 19).

The FTC also charged that ValueClick and its subsidiaries, Hi-Speed Media and E-Babylon failed to secure consumers’ sensitive financial information, despite their claims to do so.

The settlement, filed by the U.S. Department of Justice on behalf of the FTC, requires the Westlake Village, CA firm to clearly and conspicuously disclose the costs and obligations consumers must incur to receive the products it touts as “free” and bars future violations of the Can-Spam Act. The settlement also bars deceptive claims about the security of the consumer information collected at its e-commerce Web sites, according to the FTC
The settlement bars future violations of the Act. It requires ValueClick and Hi-Speed to clearly and conspicuously disclose in their ads and on their promotional Web pages that consumers have to spend money or incur other obligations to qualify for “free” merchandise. The settlement also requires them to provide a list of the obligations – such as applying for credit cards, purchasing products, or obtaining a car loan – that consumers must incur to qualify for a free product, according to the FTC.

The FTC further alleged that Hi-Speed used deceptive e-mails, banner ads, and pop-ups to drive consumers to its Web sites. The e-mails and online ads claimed that consumers were eligible for “free” gifts, including laptops, IPods, and high-value gift cards and included come-ons such as “Free PS3 for survey,” and “Congratulations! Select Your Free Plasma TV.” The FTC alleged that consumers lured to ValueClick’s Web sites by these promises were led through a maze of expensive and burdensome third-party offers – including car loans and satellite television subscriptions – which they were required to “participate in” at their own expense, in order to receive the promised “free” merchandise. The Commission charged that ValueClick’s use of deceptively labeled e-mail offering free gifts and its failure to disclose that consumers must expend substantial sums of money to obtain the promised “free” merchandise violates the Can-Spam Act and the FTC Act.

The FTC also charged that ValueClick, Hi-Speed and E-Babylon, misrepresented that they secured customers’ sensitive financial information consistent with industry standards. The FTC alleged the companies published online privacy policies claiming they encrypted customer information, but either failed to encrypt the information at all or used a non-standard and insecure form of encryption. The agency also charged that several of the companies’ commercial Web sites were vulnerable to SQL injection, a commonly known form of hacker attack, contrary to claims that the companies implemented reasonable security measures.

The settlement also bars ValueClick, Hi-Speed and E-Babylon from making misrepresentations about the use of encryption or other electronic measures to protect consumers’ information, and about the extent to which they protect personal information. The order also requires the companies to establish and maintain a comprehensive security program, and obtain independent third-party assessments of their programs for 20 years.

This case is in file in U.S. District Court in Los Angeles.