The Federal Trade Commission (FTC) has entered an agreement to resolve an enforcement action against a company that serves as a channel for advertisers and media buyers to target online consumers. In the Matter of Chitika, Inc., No. 1023087 (FTC Consent Order, March 14, 2011). The agreement requires that the company not misrepresent “the extent to which consumers may exercise control over the collection, use, disclosure, or sharing of data collected from or about them, their computers or devices, or their online activities.”
Apparently, when consumers asked not to receive targeted ads, the opt-out expired after 10 days, and they would have had to repeatedly renew the request despite the company’s promise that the opt-out would expire after 10 years. According to the company, a faulty computer mechanism that existed from May 2008 through February 2010 was responsible for the problem. The company has also promised to (i) place a clear notice on the homepage of its Website stating “We collect information about your activities on certain websites to send you targeted advertisements. To opt out of Chitika’s targeted ads, click here”; (ii) provide an opt-out mechanism that remains in effect for at least five years; (iii) not use in any way consumer information obtained before March 1, 2010; and (iv) permanently destroy information stored in Chitika users’ cookies and all IP addresses and unique identifiers in log files and backup tapes. See Law360, March 15, 2011.