Online ad firm agrees to stop 'history sniffing' in Web browsers

Online ad firm agrees to stop ‘history sniffing’ in Web browsers

By Christine Mai-Duc

Dec. 5, 2012 12 AM PT

A digital advertising company agreed Wednesday to end its practice of “history sniffing,” the practice of secretly tracking Internet users’ activity through their Web browsers.

Epic Marketplace Inc. and a subsidiary were able to place a code in user’s Web browsers allowing them to instantly see whether the unwitting users had visited any of the more than 50,000 websites that they were monitoring, including pages related to impotence, fertility issues and personal bankruptcy.

The information was then used to tailor ads to the users, according to the Federal Trade Commission complaint.

“Consumers searching the Internet shouldn’t have to worry about whether someone is going to go sniffing through the sensitive, personal details of their browsing history without their knowledge,” FTC Chairman Jon Leibowitz said in a statement. “This type of unscrupulous behavior undermines consumers’ confidence, and we won’t tolerate it.”

The commission said this is the first case that specifically targeted the practice of history sniffing.

“We really wanted to make a statement with this case,” said Mark Eichorn, assistant director of the FTC’s Division of Privacy and Identity Protection.

Eichorn said the practice is especially invasive because it can’t be avoided by a commonly known first-line defense: deleting cookies. “People, I think, really didn’t know that this was going on and didn’t have any reason to know.”

The FTC faulted the company for not fully disclosing the practice in its privacy policy, saying that Epic said it was collecting data only on sites inside its network. In reality, the company was able to see browsing activity outside the ad network by reading whether links to specific websites were blue or purple.

As part of the agreement, Epic is banned from history sniffing and must destroy all data it has gleaned from it.

Epic could not be reached for comment.

History sniffing, as odious as it may sound, is not illegal, and the FTC’s agreement with Epic does not stop other companies from doing the same. The FTC said it mainly affected Internet users who had not updated their browsers; new versions of the most common Web browsers have fixed the issue.

Electronic privacy advocates say history sniffing is indicative of many deceptive practices that online advertisers use with impunity in the digital era.

“The bigger issue here is that data-collection practices by online advertising companies are largely unregulated,” said Rainey Reitman of the Electronic Frontier Foundation, an organization that advocates for online privacy. “If you want to surf the Web these days and not have a corporate shadow following you around, you’ve got to be extremely technically savvy.”

ALSO:

Brown signs online privacy laws

‘Do Not Track’ Internet privacy bill introduced in House

FTC calls for laws to protect online privacy