Online-ad exchange to pay $1M in settlement

The PulsePoint website . It says it stopped the practice when it became aware of the problem.
The PulsePoint website . It says it stopped the practice when it became aware of the problem.
Posted: July 27, 2013

PulsePoint, the operator of a large online-ad exchange, has agreed to pay $1 million to settle allegations by the New Jersey Attorney General's Office that it tricked consumers by circumventing the privacy settings on Apple's Safari Web browser, the state Division of Consumer Affairs said Thursday.

The state said the New York company's software ignored Safari settings designed to enable computer users to block online companies from placing small data packages, known as cookies, on people's computers. It said PulsePoint's system "made it appear to Safari that the users clicked on ads when they had not actually done so."

Acting Attorney General John J. Hoffman said the settlement "puts online advertisers on notice that they must respect consumers' privacy settings, or end up paying far more in penalties than any violations would generate in ad revenue."

Hoffman said the unauthorized cookies allowed the company to target as many as 215 million ads at New Jersey consumers from June 2009 to February 2012.

State officials said PulsePoint was formed in September 2011 via the merger of ContextWeb Inc. and Datran Media Corp. and operates an ad exchange through which it sells advertising on other companies' websites.

The state said ContextWeb and PulsePoint circumvented users' settings on Safari browsers by using JavaScript code to make it appear that users had clicked on ads when they had not. "As a result, the browser treated the ads as if they were websites the user visited - and accepted cookies from those ads," the state said.

PulsePoint acknowledged engaging in the practice until February 2012, the state said, and had it stopped only after the practice was exposed that month in a Wall Street Journal investigation.

In an e-mailed statement, a PulsePoint spokeswoman said ContextWeb's cookie "was primarily limited to technical purposes such as fraud detection, debugging, and advertisement frequency capping, and was not for behavioral tracking purposes."

She said PulsePoint executives "had no knowledge of this until the February 2012 article, and upon its discovery immediately took action to end the practice."

"PulsePoint takes user privacy very seriously, through investments in technology, training, adherence to industry best practices, and participation in leading industry organizations such as the Network Advertising Initiative and Digital Advertising Alliance."

Under the settlement, PulsePoint will pay a civil penalty of $566,200, plus $33,800 to cover costs of the investigation. State officials said $150,000 will go to improving the attorney general's privacy-protection programs.

The other $250,000 will be paid to the Division of Consumer Affairs through "in-kind advertising services" from PulsePoint for ads furthering the division's mission to protect the public from fraud.


Contact Jeff Gelles at 215-854-2776, jgelles@phillynews.com, or @jeffgelles on Twitter.

comments powered by Disqus
|
|
|
|
|