• by Ross Fadner , November 9, 2004

As part of an ongoing effort to polish its image with consumers, ad serving company WhenU is expected to announce today that it has discontinued using Active-X look-alike pop-ups, a controversial marketing technique deployed by many adware and spyware companies.

WhenU CEO Bill Day said the change reflects a shift in strategy. "Legitimate advertising software needs to dissociate completely from any practices related to spyware," he said. As a marketing tactic, some adware and spyware companies serve users ads--usually pop-ups--that look like the Windows program message "ActiveX," a real program that alerts users to potential Internet security problems. The ads disguised as "ActiveX" usually warn consumers that the computer may be infected with spyware, then ask them to take further action by clicking through.

Day said that adware companies believed they could begin installing their software on users' computers immediately after users clicked on the ads, on the theory that the ads contained sufficient disclosures.

Day acknowledged that while the one-step download is attractive from a marketing perspective, it was "not always clear" to consumers that the pop-ups were paid ads, despite the "advertisement" label that appears on the dialog box.

Microsoft took steps to solve the ActiveX look-alike problem on its own last month, with the Oct. 12 release of a security patch that prevents third parties from serving an ActiveX control box.

For that reason, some say that WhenU's move is less significant than if it happened earlier. "It's a step in the right direction, but it's less important now than a month ago," said Ari Schwartz, associate director of the watchdog organization The Center for Democracy and Technology. Day said the company's decision to pull the ActiveX ads was not based on consumer backlash or legal advice; rather, he said it was based on the company's recent efforts to separate itself from the rest of the adware and spyware field. Since Day, the former CEO of About.com, was appointed as WhenU's CEO in September, there has been a flurry of related activity from the adware provider. Several weeks ago, a team of potential WhenU investors commissioned former Microsoft Chief Privacy Officer Richard Purcell to audit WhenU's technology, in order to prove that WhenU's software does not send personally identifiable user information to its servers. "Consistent with company statements, [WhenU software] focuses on showing consumers relevant ads without compromising their privacy," Purcell had said in a statement.

Aluria, an America Online partner and anti-spyware firm, recently granted WhenU its Spyware SAFE Certification. The certification logo now appears both on WhenU's Web site and software. The company has also been a heavy proponent of federal anti-spyware legislation; it launched an anti-spyware information site for consumers earlier this year. In the next several weeks, WhenU also plans to offer consumers free spyware scanning software in exchange for receiving WhenU advertising.

"I think it makes sense for them to police the industry and make public that what they're doing is in line with the law," said privacy expert Alan Chapell of Chapell & Associates. He added that while WhenU and Claria--the major players in the adware space--are handling their privacy concerns, "the real question is whether [software-based marketing] is a viable business model." The larger adware companies seem to be making money, Chapell said, "but they have lots of consumer churn--whether or not this is a viable long-term business model isn't being addressed here."

Wendy Davis contributed to this article.