Lawsuit Claims Microsoft, McDonald’s, Mazda & CBS Used Ads as Cover for Data Mining

A federal lawsuit claims Microsoft, McDonald’s, Mazda & CBS violated privacy laws, committed "Computer Fraud and Abuse" and used web ads as a "cover" for data mining.

Microsoft, along with McDonald's, Mazda and CBS have been named in a class action suit filed in Federal Court for working in concert with behavioral advertising specialist Interclick. The companies allegedly used their ads as a "cover for data-mining, to identify the websites people visit, invading people's privacy, misappropriating their personal information and interfering with the operations of their computers."

Courthouse News Service reported, "Interclick augmented its profile database with individual-level information it acquired from defendants in the process of optimizing and measuring the success of advertising campaigns. For example, defendants and Interclick cooperated to identify [which] consumers are 'hand raisers' who clicked on an advertisement to visit the advertiser's website, register to enter the advertisers' sweepstakes or play online games, or make purchases. Interclick's profiles are stored and analyzed in a data warehouse designed to allow Interclick to mine and correlate the large volumes of highly granular consumers data it acquires."

According to the complaint, Microsoft committed violations of computer privacy laws during a 7-month ad campaign for its Windows Smartphone. McDonald's allegedly committed its offenses during its online World Cup-theme game in the summer of 2010. The complaint accuses CBS of doing it in an online ad campaign for its "online fantasy sports platform" before the 2010 Major League Baseball season began. Mazda is claimed to have run the privacy violating ads for its summer sales and 2010 models. "All of them worked with Interclick, which is not listed as a defendant."

The suit claims these companies "used browser history sniffing to identify defendants' competitors with whom consumers communicated" and that "all the consumer information Interclick acquired while executing an ad campaign for any one defendant was merged into Interclick's consumer profile database and subsequently used for behavioral targeting on behalf of all defendants."

Data mining and history sniffing are not anything new, but what caught my attention was Microsoft being named in the lawsuit. Since I write about privacy, security and Microsoft, I've watched Microsoft in the battle for supremacy on online privacy. This Spring, Microsoft claimed Google Chrome doesn't respect your privacy. A month ago, senior director of Microsoft Online Services, Tom Rizzo, said Google was "failing" at enterprise. But Rizzo didn't stop there, boasting several times on Microsoft's superiority in cloud services and in regard to privacy.

Rizzo told Sharon Gaudin, "Well, folks like Google, since they're trying to sell you ads, will scan your data and they keep your data. We don't scan your data. We don't keep your data. If you want your data back, we'll give it back to you and we'll delete it out of our data centers. If you look at it in terms of a comparison, we understand business. They come from a consumer advertising standpoint. They need data so they know what ads to service you that you'll click on."

Today, after I read about this case, I sent the link to Microsoft and highlighted the Courthouse News quote of, "Bose seeks statutory and class damages for computer fraud and abuse, violations of the Electronic Communications Privacy Act, violations of state business law, trespass to personal property, breach of implied contract, and tortious interference with contract. The class also wants all its personal data collected in this way deleted, wants the defendants enjoined from doing it again, disgorgement of ill-gotten gains, and notice and a choice about whether they want their data mined."

I asked what comment did Microsoft have about this? I also reminded them that most of the quotes that are sent my way, or links, are to the privacy policy or assuring me that privacy is very important to MS. At deadline time, Microsoft replied with "unable to accommodate your request" for a comment. No big surprise...it is a lawsuit. Besides, it sometimes seems like most of the quotes are pure Microsoft PR spin at any rate...

Hat tip: PogoWasRight

Like this? Check out these other posts:

• All of today's Microsoft news and blogs
• Microsoft Proposes Each PC Needs A Health Certificate or No Net Access Allowed
• Microsoft Considering Encryption For Bing
• Microsoft's Davis on Privacy: Your Digital Life Data is Bankable Currency
• Exploiting DPI Surveillance for Advertising Will Track If You Surf For Work or Fun
• Microsoft, Google Spread Malware Hidden in Holiday Ads
• Microsoft Spying on Users For Free
• Microsoft's Live@edu email not encrypted on cloud servers
• Disconnect: Take Control of the Data You Share With Digg, Twitter, Google
• Kinect Long Term Privacy Issues Daunting?

Follow me on Twitter @PrivacyFanatic

• Microsoft
• Security
• Compliance
• behavioral advertising
• behavioral tracking
• browser history sniffing
• CBS
• computer privacy laws
• data mining
• Interclick
• lawsuit
• Mazda
• McDonald's
• Microsoft
• privacy
• Tom Rizzo