• by Wendy Davis  @wendyndavis, August 4, 2011

Epic Marketplace has quietly stopped using controversial "history-sniffing" techniques that enabled it to learn which sites Web users previously visited. The company's history-sniffing practices were exposed last month by researchers at Stanford. At the time, Epic defended its use of the technology -- which it called "segment verification" -- saying that the purpose is "to measure the accuracy of the data that a company purchases from data vendors."

Today, however, the company announced on its blog that it had discontinued its segment verification program as part of its rollout of a new ad-serving platform. "The new platform was architected and built with an enhanced suite of consumer privacy protections," Epic said in its blog post.

Stanford's Jonathan Mayer, who wrote the original report about Epic, confirms that a test he ran last week indicated that the company was no longer using history-sniffing techniques.

Epic CEO Don Mathis said through a spokesperson that the controversial technology "was a component of a legacy ad server, which was run by a company we acquired in 2010."

He added: "It had no utility to us in terms of driving any campaign results, therefore, it was decommissioned along with the rest of that legacy ad server. This decision, and the transition to the new platform, has been in the works for the better part of a year."

History-sniffing exploits the fact that some browsers change the color of links that people have visited. Ad networks (and other Web companies) can use that fact to figure out which sites users have previously been to.

After Mayer's report came out last month, the self-regulatory group Network Advertising Initiative said it was investigating the allegations. Epic is a member of the NAI.

In addition, some privacy experts criticized Epic's use of the technology. Jules Polonetsky, director and co-chair of the industry-funded think tank Future of Privacy Forum, called the technique "highly inappropriate" and said it was likely to draw Federal Trade Commission scrutiny.

Several months ago, the Center for Democracy & Technology warned that companies using history-sniffing were at risk for an FTC enforcement action. "Taking advantage of a security hole by embedding hidden urls in a Web site to snoop through a visitor's history file has all the markings of a Section 5 claim," the CDT's Justin Brookman wrote.

Separately, allegations about history-sniffing have landed ad network Interclick and four other companies -- McDonald's, CBS, Mazda and Microsoft -- in federal court in New York where they are facing a potential class-action privacy lawsuit.