PointRoll To Delete Cookies To Settle 'Safari Hack' Lawsuit

PointRoll has promised to shed cookies it collected from Safari users in order to settle allegations that it circumvented their privacy settings, according to court papers filed on Monday.

The company also agreed to a host of other privacy-related conditions. Among others, PointRoll will issue a public mea culpa stating that its Safari data-collection was “not consistent with best industry practices.”

If accepted by U.S. District Court Judge Sue Robinson in Delaware, the settlement will resolve allegations that PointRoll violated computer fraud and wiretap laws by placing cookies on the computers of Safari users.

The litigation dates to a 2012 report by Stanford law graduate and computer scientist Jonathan Mayer, who said the companies were circumventing Safari's no-tracking settings. Doing so allowed the companies to serve ads to Web users, based on their activity across sites. None of the companies facing suit are accused of linking cookie-based data to users' names or other personally identifiable information.

PointRoll said in July that it had reached a settlement, but the agreement wasn't filed with the court until Monday. The settlement agreement specifies that PointRoll used the cookies “for advertising effectiveness purposes that did not include profiling specific users or behavioral advertising.” According to the settlement, PointRoll only garnered around $25,000 from the campaign for which it developed the hack.

The agreement also requires PointRoll to allow advertisers to place the AdChoices icon in ads; that icon aims to notify Web users about online behavioral advertising and allow them to opt out. The company also has agreed to keep a “remove all cookies” link on its home page.

PointRoll agreed to pay the consumers' attorneys $115,000, but isn't paying anything to consumers, except for the four who were named in the complaint, who will receive $500 each. Those four consumers and their lawyers agreed to publicly praise PointRoll for its “new privacy practices and commitments.”

Google, Vibrant Media and WPP's Media Innovation Group also face litigation for allegedly circumventing Safari settings. Those three companies are still fighting the lawsuit. They recently filed papers arguing that the case against them should be dismissed, on the grounds that consumers weren't injured. Those motions are still pending.

Google recently paid $22.5 million to settle Federal Trade Commission charges about the alleged circumvention. The agency charged Google -- but not the other companies -- with misleading consumers by instructing them that using Safari would block tracking cookies. That statement, in Google's privacy policy, enabled the FTC to accuse the company of violating a 2011 consent decree that bans the company from misrepresenting its privacy practices.

Google has always said that it didn't intend to track users. Instead, the company said it bypassed Safari's settings in order to allow people to like ads with the +1 button. But once the workaround was in place, Google's DoubleClick was able to track people in order to target ads to them, based on their Web-surfing history.

 

Recommend (2) Print RSS