Boston web analytics firm settles with FTC

Share this article:

Web analytics company Compete has settled Federal Trade Commission charges over its data-collection practices.

The FTC launched a complaint against the Boston-based firm alleging it went beyond just tracking the “browsing behavior” of millions of consumers to sell the information to clients wanting a web-traffic boost. The company also gathered sensitive data, such as Social Security numbers, credit card information, login credentials and search terms.

“Starting in January 2006, Compete collected data about consumers through two products,” the FTC complaint said. “The first was the 'Compete Toolbar,' which consumers installed to get ‘instant access' to information about websites as they surfed the internet, such as the popularity of the websites they visited. The second product was the 'Consumer Input Panel', which allowed consumers to win rewards while expressing their opinions to companies about products and services.”

The software was also licensed to third-party companies, though all data was eventually sent to Compete, the complaint said.

In addition to now being forced to obtain consent from consumers whose information is collected, Compete is also required to either delete data it already has on consumers or make it anonymous. As part of the settlement, announced Monday by the FTC, the company must also give consumers directions on how to uninstall the software.

As of last October, the FTC estimated that Compete collected data from more than four million consumers.

On Compete's website, a section on privacy protection says personally identifiable information (PII) of users is "processed and removed" before it is transmitted to the company.

"When Compete receives data from licensors and partners, Compete scrubs the clickstream [browsing information] with its own quality assurance procedures to eliminate PII (personally identifiable information)," the site says. 
Share this article:

Sign up to our newsletters

More in News

Report: SQL injection a pervasive threat, behavioral analysis needed

Report: SQL injection a pervasive threat, behavioral analysis ...

Long lag times between detection and resolution and reliance on traditional methods impair an organization's ability to combat SQL injection attacks.

WhatsApp bug allows for interception of shared locations

Researchers identified a vulnerability in WhatsApp that could enable an attacker to intercept shared locations using a man-in-the-middle attack, or a rogue access point.

Google tweaks its terms of service for clarity on Gmail scanning

The company is currently dealing with a lawsuit that challenges its email scanning practices.