Sears gets wrist slap over spyware activities

Sears today agreed to settle Federal Trade Commission charges that it failed to disclose the depth of  consumers' personal information it collected via a downloadable software application.

The settlement calls for Sears to stop collecting data from the consumers who downloaded the software and to destroy all data it had previously collected. If Sears advertises or disseminates any tracking software in the future, it must clearly and prominently disclose the types of data the software will monitor, record, or transmit, the FTC stated. Sears must also disclose whether any of the data will be used by a third party, the FTC said.

According to the FTC's complaint, Sears invited certain consumers visiting the sears.com and kmart.com Web sites to become members of the "My SHC Community." Sears solicited these consumers to "participate in exciting, engaging, and on-going interactions - always on your terms and always by your choice." Sears paid consumers $10 to participate.

As part of this process, Sears asked consumers to download "research" software that it said would confidentially track their "online browsing." Only in a lengthy user license agreement, available to consumers at the end of a multi-step registration process, did Sears disclose the full extent of the information the software tracked, according to the agency.

Sears represented to consumers that the software would track their "online browsing." The FTC charges that the software would also monitor consumers' online secure sessions - including sessions on third parties' Web sites - and collect information transmitted in those sessions, such as the contents of shopping carts, online bank statements, drug prescription records, video rental records, library borrowing histories, and the sender, recipient, subject, and size for web-based e-mails. The software would also track some computer activities that were not related to the Internet.

The settlement seems tame considering the FTC has targeted spyware usage in the past.  Last year it advocated  for strong civil penalties for consumers hit buy such a scourge.

"Legislation authorizing the Commission to seek civil penalties in spyware cases could add a potent remedy to those otherwise available to the Commission," the FTC stated. Civil penalties would be enacted when other enforcement options - seeking consumer redress or making the operators give up their ill-gotten gains - are not appropriate or sufficient remedies to deter spyware distributors.

Spyware and other malware that is downloaded without authorization can cause a range of problems for computer users, from nuisance adware that delivers pop-up ads, to software that causes sluggish computer performance, to keystroke loggers that capture sensitive information, the FTC said.

Layer 8 in a box

Check out these other hot stories:

Cirque du Soleil founder set to blast into space

US shells out $10M for unmanned aircraft that can perch like a bird

Inside the Top 10 hot aerospace technologies

CIA wants more foreign language skills in a big way

MySpace confession nets one dim bank robber

X PRIZE lunar spacecraft competition flies into economic realities

Six high-tech "less-lethal" weapons that could ruin your day

Ballmer gets his new car delivered by Ford CEO

Robotic garage pulls a HAL, traps dog, man in car

The 10-year satellite forecast: Fewer, but bigger things flying over your head

Inside the world of bad-ass military research projects

FTC targets massive car warranty robocall scheme

Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.

Copyright © 2009 IDG Communications, Inc.

SD-WAN buyers guide: Key questions to ask vendors (and yourself)