Sears forced to destroy spyware-gathered information

Settlement seems lame considering the FTC has targeted spyware for harsh treatment in past.

As part of its final settlement with the Federal Trade Commission, Sears must destroy any consumer information it collected through a downloadable software application the FTC deemed spyware.  

In addition the consent order settling the charges states if Sears advertises or disseminates any tracking software in the future, it must clearly and prominently disclose the types of data the software will monitor, record, or transmit. This disclosure must be made prior to installation and separate from any user license agreement. Sears also must disclose whether any data will be used by a third party.

According to the FTC's complaint, Sears invited certain consumers visiting the sears.com and kmart.com Web sites to become members of the "My SHC Community." Sears solicited these consumers to "participate in exciting, engaging, and on-going interactions - always on your terms and always by your choice." Sears paid consumers $10 to participate.

As part of this process, Sears asked consumers to download "research" software that it said would confidentially track their "online browsing." Only in a lengthy user license agreement, available to consumers at the end of a multi-step registration process, did Sears disclose the full extent of the information the software tracked, according to the agency.

Sears represented to consumers that the software would track their "online browsing." The FTC charges that the software would also monitor consumers' online secure sessions - including sessions on third parties' Web sites - and collect information transmitted in those sessions, such as the contents of shopping carts, online bank statements, drug prescription records, video rental records, library borrowing histories, and the sender, recipient, subject, and size for web-based e-mails. The software would also track some computer activities that were not related to the Internet.

The settlement still seems lame considering the FTC has targeted spyware usage in the past.  Last year it advocated  for strong civil penalties for consumers hit buy such a scourge.

 "Legislation authorizing the Commission to seek civil penalties in spyware cases could add a potent remedy to those otherwise available to the Commission," the FTC stated. Civil penalties would be enacted when other enforcement options - seeking consumer redress or making the operators give up their ill-gotten gains - are not appropriate or sufficient remedies to deter spyware distributors.

Spyware and other malware that is downloaded without authorization can cause a range of problems for computer users, from nuisance adware that delivers pop-up ads, to software that causes sluggish computer performance, to keystroke loggers that capture sensitive information, the FTC said.

Layer 8 in a box

Check out these other hot stories:

Military looking for ways to spin seawater into fuel

NASA's future manned spaceflight forecast: Bleak

Military spends $10M to build Web sites aimed at squelching anti-US messages

NASA teams to build pod-like, high-speed everyday transport system

Mach 6 test aircraft set for trials

Has US been unfairly torched over the electronic waste disposal issue?

Deep-space clouds smell like mothballs?

Zapping things from the sky: Boeing laser blasts ground target

BBN lands $42M to develop DARPA's advanced network prioritization, security technology

FTC rules outlawing those damned annoying robocalls hit Sept. 1

Researchers target system to surgically jam specific digital signals

High-tech blimps earning their wings

States, school districts, trying to get ahead of sexting craziness

Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.

Copyright © 2009 IDG Communications, Inc.

SD-WAN buyers guide: Key questions to ask vendors (and yourself)