Welcome to P2PNET.net - The original daily p2p and digital news site. Always First!

Sears spyware scandal

p2pnet news | Advertising:- Looking at the happy, smiling faces of the father and his child in the picture on the right, you’d think it was all peaches and cream.

It’s a clip from the Sears Holdings Corporation site.

But it’s a war with us on one side, and the corporate community on the other. And it’s cold and bitter.

‘We WILL make you watch our advertisements,’ say the companies. ‘We WILL make you buy our stuff!’

It’s reached a point where they literally try to track us around the Net so they can see exactly where we go, and when, what we do when we get there, how long we stay, what we buy, how much we pay.

That’s because there’s so much dross. And it all looks the same.

Manufacturers and the people they hire to sell their product desperately need personal and private material on us ‘consumers,’ as we’re contemptuously known, so they can develop marketing campaigns to whet our jaded appetites as they try to make their product look more appealing than everyone else’s.

Publicly keelhauled

This is nothing new, of course. Retailers often ask for our phone number and other details and every time we fill in a form, we’re giving away information about ourselves which can, and probably will, end up in someone’s marketing database, somewhere.

Sony was possibly the first company to be publicly keelhauled after it was caught red-handed planting dangerous (to computer systems) spyware on music CDs. The spyware was then weaseled into customers’ computers without their knowledge or permission, and Sony is still paying the price.

Nothing loath, Facebook tried it on with Beacon, a project disguised as a ‘service’ but which in fact was designed to track users everywhere they went, to the benefit of advertisers.

It was a scandal and the huge public outcry which followed forced Facebook to backtrack.

But no worries. Instead of dropping it like a hot brick, gullible users are not only still flocking to it, they’re praising it enthusiastically.

Google has much the same idea, calling it ‘a centralized profile system’ and now, “Benjamin Googins (a senior researcher in the Anti-Spyware unit at Computer Associates) critiqued a ComScore installation performed by Sears’ ‘Sears Holdings Community’ (‘My SHC Community’ or ‘SHC’),” says Harvard Business School assistant professor Ben Edelman on his webpage.

“After reviewing the installation sequence, Ben concluded that the installation offered ‘very little mention of software or tracking’ and otherwise fell short of CA and industry standards. I agree.”

‘The SHC/ComScore violation could hardly be simpler’

Edelman says recent FTC (Federal Trade Commission) settlements with Direct Revenue and Zango explain the disclosure and consent required before companies try to install tracking spyware on users’ computers.

To install such software on users’ PCs, vendors must obtain ‘express consent’ – defined to require ‘clear[] and prominent[] disclos[ure of] the material terms of such software … including the nature and purpose of the program and the effects it will have … prior to the display of, and separate from, any final End User License Agreement.’ “Clear[] and prominent[]” installations are defined to be those that are ‘unavoidable’, among other requirements.

But the Sears SHC installation of ComScore falls far short, states Edelman, going on, “The SHC/ComScore violation could hardly be simpler. The FTC requires that software makers and distributors provide clear, prominent, unavoidable notice of the key terms.

“SHC’s installation of ComScore did nothing of the kind.”

But that’s not all, says Edelman.

“Beyond the problems set out above, the SHC installation also falls short in other important respects.”

Sears’ initial email promises, “during the registration process, you’ll learn more about this application software.” But no such information is provided in the visible, on-screen installation sequence, he says on his site, going on:

Based on this false promise and users’ general experience, users may reasonably expect that the download link in step 4 will offer additional information about the software at issue, along with an opportunity to cancel installation if desired. In fact no such information is ever provided, nor do users have any such opportunity to cancel.

Choosing little-known product names that prevent users from learning more. The initial SHC email refers to the ComScore software as “VoiceFive.” The license agreement refers to the ComScore software as “our application” and “this application.” The ActiveX prompt gives no product name, and it reports company name “TMRG, Inc.” These conflicting names prevent users from figuring out what software they are asked to accept. Furthermore, none of these names gives users any easy way to determine what the software is or what it does. In contrast, if SHC used the company name “ComScore” or the product name “RelevantKnowledge,” users could run a search at any search engine. These confusing name-changes fit the trend among spyware vendors: Consider Direct Revenue’s dozens of names (AmazingMerchants, BestDeals, Coolshopping, IPInsight, Blackone Data, Tps108, VX2, etc.).

Edelman continues:

To my surprise, Sears defends the practices described above. In a reply to CA’s Ben Googins, Sears SHC VP Rob Harles claims that SHC “goes to great lengths to describe the tracking aspect.” In particular, Harles says “[c]lear notice appears in the invitation”, “on the first signup page”, and “in the privacy policy and user licensing agreement.”

I emphatically disagree. The email invitation provides vague notice midway through a lengthy paragraph that, according to its topic sentence, is otherwise about another topic. The first signup page makes no mention at all of any downloadable software. The privacy policy and license agreement describe the application only in the tenth page of text — where few users are likely to find the disclosures.

Harles further claims that the installer provides “a progress bar that they [users] can abort.” Again, I disagree. The video and screenshots are unambiguous: The SHC installer shows no progress bar and offers no abort button.

He adds:

In June 2007, I showed other examples of ComScore software installing without consent — including multiple installations through security exploits. TRUSTe responded by removing ComScore’s RelevantKnowledge from TRUSTe’s Trusted Download Program for three months. Now that more than five months have elapsed, I expect that ComScore is seeking readmission. But the installation shown above stands in stark contrast to TRUSTe Trusted Download rules. See especially the requirement that primary notice be “clear, prominent and unavoidable” (Schedule A, sections 3.(a).(iii) and 1.(hh)).

Why so many problems for ComScore? The basic challenge is that users don’t want ComScore software. ComScore offers users nothing sufficiently valuable to compensate them for the serious privacy invasion ComScore’s software entails. There’s no good reason why users should share information about their browsing, purchasing, and other online activities. So time and time again, ComScore and its partners resort to trickery (or worse) to get their software onto users’ PCs.

Stay tuned.

Jon Newton – p2pnet


7 Responses to “Sears spyware scandal”

  1. Andrey Says:

    I use Firefox with NoScript enabled. Works on 99% of all sites I visit.
    Never have to worry about *ware.

  2. Reader's Write Says:

    Microsoft went one step further since they made some spyware part of Vista.

    Do not install Vista! It is full of spyware! Stay with XP or better, switch to Linux. Try Ubuntu. It has a 3D interface more impressive and spectacular than Vista! Linux does all that Windows does and more, faster and with less resources. It is more secure than Windows and hackers are staying away from it for now.

  3. Reader's Write Says:

    I do too. It was noted in the article ActiveX was used. ActiveX is well known for vulnerability and use through spyware and malware.

  4. Reader's Write Says:

    Listen up Sears and all you other sleazeball companies. Here’s what we want:

    1. WE DON’T WANT TO BE SPIED ON!!!!!!!!!

    2. ALL DRM must permanently DIE! I buy it I OWN IT!!!!!!!!!

    3. We want high quality products at low low profit margins. I’ve seen 30 year old televisions working flawlessly. I understand projector bulbs and fluorescents of LCDs don’t last that long but capacitors, resistors, diodes, transistors and other similar parts do.

    4. DEATH TO COMMERCIALS!!!!

    5. I want a huge lithium CR3032 battery in my wristwatch. Solar ain’t 100% reliable.

    6. Things like cell phones are NOT locked to one carrier or restricted in any way. No “it’ll kill the network” excuses.

    7. WE WANT NET NEUTRALITY!

    See, you didn’t HAVE to spy on us. We’ll tell you what we want.

  5. Reader's Write Says:

    When it comes to corporate mentality, there is no action considered immoral nor illegal provided it can be pulled off. That it is alright to spy on your customers and what they do in their personal life would be their wet dream could be they pull it off.

    In the pursuit of the buck, all else falls aside, unless the customers will not stand for it, en masse. This action will come back to haunt them. This sort of idea to make more money on your customer list than they are willing to spend has led to all sorts of these schemes. Now that the two have been caught red-handed there will be some serious backpedaling on it.

    With all these attempts to spy on the internet public I have gotten to where I trust none of the corporate sites more because so many have gone this route to show just how alluring this siren call of “more data” is to them that they will willingly toss aside any idea of right and wrong in the gaining of more. If they haven’t done it, they are likely to do it in the future. I guess I begin to see where the experienced cop gets their attitude from that everyone is a criminal and if they are not committing a crime today then it is just a matter of when until they do.

    I have learned that if you want any sort of privacy at all, then it is up to you. No one will do it for you and it seems that everyone wants your resources to supply them with your data. Actions that I strongly disagree with.

  6. Reader's Write Says:

    8. NO MORE STUPID LOGOS ON OUR TV SCREENS! NO TV BANNER ADS.

  7. No CRM at Sears Says:

    They need to hold this person accountable rather than the fall guy they will likely find to bend over for them on this:

    Karen A Austin

    Executive VP/Chief Information Officer at
    Sears Holdings Corporation
    Hoffman Estates, Illinois
    SERVICES / DEPARTMENT STORES
