The Federal Trade Commission (FTC) announced a proposed settlement of allegations that online advertising company Epic Marketplace, Inc. and its affiliate Epic Media Group (Epic) engaged in deceptive practices by failing to accurately describe their online advertising data practices. Specifically, the FTC alleged that Epic failed to disclose that it ran software script which determined whether consumers had visited web sites outside of Epic’s affiliated advertiser network, and falsely represented that it only collected browser information from web sites within Epic’s network. The settlement is the FTC’s first action against browser history sniffing, and demonstrates the Commission’s continued expansion of jurisdiction through enforcement actions. The proposed settlement must be approved by a majority of the Commissioners before it becomes effective.
The FTC’s proposed consent order with Epic includes numerous provisions that are remedial on their face, such as a ban on further browser history sniffing, a ban on the use of data already collected, and an order to destroy all previously collected data. In fact, press reports suggest that Epic Marketplace discontinued the browser history sniffing practice in 2011, and that the company may no longer be in business. If, as appears to be the case, the practice has ceased, the proposed consent order is relevant primarily as another in the long line of FTC jurisdictional precedents established through enforcement actions.
Finally, as described by the FTC, Epic’s browser history sniffing practice did not comport with “best practices” of online advertising self-regulatory groups such as the Network Advertiser Initiative and Digital Advertising Alliance. This action thus underscores the importance of careful implementation of these online advertising self-regulatory principles and practices.