Will Give Up $1.5 Million in Ill-Gotten Gains for Unfair and Deceptive Adware Downloads
DirectRevenue LLC, a large adware distributor, and four of its principals have agreed to settle Federal Trade Commission charges that they used unfair and deceptive methods to download adware onto consumers’ computers and then obstruct them from removing it, in violation of federal law. The settlement bars future downloads of DirectRevenue’s adware without consumers’ express consent and requires DirectRevenue to provide a reasonable and effective way for consumers to locate and remove the adware from their computers. The settlement also require DirectRevenue to give up $1.5 million in ill-gotten gains.
“DirectRevenue’s adware infected computers worldwide,” said FTC Chairman Deborah Platt Majoras. “The FTC settlement brings unauthorized software downloads to a halt and stops DirectRevenue from sending pop-up ads to computers affected by prior unlawful downloads.”
According to the FTC complaint detailing the charges, DirectRevenue has installed its adware on consumers’ computers directly and through a large network of affiliates and sub-affiliates. The adware, including programs named The Best Offers, A Better Internet – ABI Network – Ceres, and Aurora, monitors consumers’ Internet use in order to display targeted pop-up ads. The FTC alleges that DirectRevenue and its affiliates frequently offered consumers free content and software, such as screensavers, games, and utilities, without disclosing adequately that downloading them would result in installation of the adware. In other instances, according to the FTC, some of DirectRevenue’s affiliates exploited security vulnerabilities in Web browsers to install the adware.
In addition, the FTC charged that DirectRevenue deliberately made it difficult to identify, locate, and remove the adware once it was installed. For example, DirectRevenue failed to label its pop-up ads to identify their source, stored the adware files in rarely accessed locations on consumers’ hard drives, failed to list the adware in the Windows Add/Remove utility or named the adware files to resemble core systems software or applications, and installed technology on consumers’ computers to secretly reinstall the adware when consumers attempted to remove it or when the adware was deleted by consumers’ anti-spyware programs. In addition, when
DirectRevenue provided an uninstall tool at separate Web sites, it required consumers to follow a ten-step procedure involving the download of additional software and deactivation of all third-party firewalls, thus exposing consumers’ computers to security risks.
The FTC charged that DirectRevenue’s failure to disclose adequately that downloading the free content and software would result in installation of the adware was deceptive, and that its use of security exploits to download the adware was an unfair practice. The FTC also charged that DirectRevenue’s failure to provide consumers with a reasonable and effective means to identify, locate, and remove the adware from their computers was unfair, in violation of the FTC Act.
The FTC settlement bars DirectRevenue from delivering ads to any consumer’s computer through adware that was installed on the computer before October 1, 2005 – “legacy users.” The settlement permits DirectRevenue to send legacy users up to three “opt-in”notices offering them the option of providing express consent to resume receiving the ads and advising them of the FTC settlement. The notices also must provide simple instructions on how consumers can uninstall DirectRevenue’s adware program.
The FTC settlement also bars DirectRevenue, directly or through others, from exploiting security vulnerabilities to download any software program or application, and requires that DirectRevenue provide clear and prominent disclosures and obtain consumers’ express consent before downloading software onto consumers’ computers. The settlement further requires that DirectRevenue clearly identify all of its ads, and establish and maintain effective, user-friendly mechanisms through which consumers can register complaints and uninstall the adware. It also requires that DirectRevenue monitor its affiliates to ensure that affiliates and their sub-affiliates comply with the FTC order. Finally, DirectRevenue will give up $1.5 million in ill-gotten gains to the FTC to settle the charges. The settlement contains standard record keeping provisions to allow the FTC to monitor compliance.
The Commission complaint named DirectRevenue LLC, Direct Revenue Holdings LLC, Joshua Abram, Daniel Kaufman, Alan Murray, and Rodney Hook. They are based in New York, New York.
The Commission vote to accept the proposed consent agreement was 4-1, with Commissioner Jon Leibowitz issuing a separate statement. In his dissenting statement, Commissioner Leibowitz said, “In this consent agreement, Commission staff obtained strong injunctive relief that will put an end to practices that allowed DirectRevenue to foist unwanted software on untold millions of consumers. But the $1.5 million in monetary relief that the Commission obtained as part of the consent agreement is a disappointment because it apparently leaves DirectRevenue’s owners lining their pockets with more than $20 million from a business model based on deceit.”
The FTC will publish an announcement regarding the agreement in the Federal Register shortly. The agreement will be subject to public comment for 30 days, beginning today and continuing through March 21, 2007, after which the Commission will decide whether to make it final. Comments should be addressed to the FTC, Office of the Secretary, Room H-135, 600 Pennsylvania Avenue, N.W., Washington, DC 20580. The FTC is requesting that any comment
filed in paper form near the end of the public comment period be sent by courier or overnight service, if possible, because U.S. postal mail in the Washington area and at the Commission is subject to delay due to heightened security precautions.
Copies of the complaint and consent are available from the FTC’s Web site at http://www.ftc.gov and also from the FTC’s Consumer Response Center, Room 130, 600 Pennsylvania Avenue, N.W., Washington, D.C. 20580. The FTC works for the consumer to prevent fraudulent, deceptive, and unfair business practices in the marketplace and to provide information to help consumers spot, stop, and avoid them. To file a complaint in English or Spanish or to get free information on any of 150 consumer topics, call toll-free, 1-877-FTC-HELP (1-877-382-4357), or use the complaint form at http://www.ftc.gov. The FTC enters Internet, telemarketing, identity theft, and other fraud-related complaints into Consumer Sentinel, a secure, online database available to more than 1,600 civil and criminal law enforcement agencies in the U.S. and abroad.
Claudia Bourne Farrell,
Office of Public Affairs
Mamie Kresses or Stacey Ferguson
Bureau of Consumer Protection
202-326-2070 or 202-326-2361
(FTC File Matter 052 3131)