The settlement calls on Sears Holdings Management Corporation(which owns Sears and K-Mart) to destroy all data collected in the past and also to "clearly and prominently" notify Web users about tracking applications in the future.
The FTC also made public its complaint against Sears today. The agency alleges that from April 2007 through January 2008, Sears distributed tracking software created by a third party as part of a market research program. The FTC doesn't name the third party, but Harvard Business School professor Ben Edelman reported last year that the company was working with comScore.
The FTC asserts that Sears sent pop-up ads to 15 of every 100 visitors, inviting them to submit an email address. People who did so received email to the "My SHC Community." Those messages invited users to download software that would track "online browsing." People also were promised $10 if they kept the software for at least one month.
The licensing agreement disclosed that the software would track all Web activity. But the FTC said the initial email, which talked about tracking "online browsing," didn't sufficiently convey that the program would "monitor nearly all of the Internet behavior that occurs on consumers' computers." Sears didn't admit wrongdoing in the proposed consent decree.
What's striking here is that the allegations don't seem quite as bad as in some of the more notorious adware/spyware complaints. Consider, there was no allegation that Sears hijacked browsers or used affiliates to do drive-by installations. Instead, the complaint seems to be based solely on alleged deficiencies in the notices sent to consumers. Also, consumers received at least $10 for allowing the software -- which is more than can be said in many situations.
Yet, the FTC went ahead with the case. If nothing else, that seems to signal that the agency is serious about cracking down on companies that track people online for marketing purposes but don't clearly disclose what they're doing.