• Categories

  • Archives

    « Home

    New Jersey Makes Moves on Protecting Individual Privacy

    Two recent stories show that New Jersey is making moves on protecting individual privacy rights. First, New Jersey Acting Attorney General John J. Hoffman announced that his office, the Division of Law and the Division of Consumer Affairs had reached a settlement with Dataium concerning allegations that the Tennessee-based data analytics firm had “engaged in unlawful ‘history sniffing’ by using software code to track Web sites visited by consumers without their knowledge or consent.” New Jersey had accused the company of using “JavaScript code to track Web sites visited by consumers without their knowledge” and selling “the personal identifying information of consumers to a third-party data company known as Acxiom without notice to those consumers.” Hoffman’s office also said:

    Under terms of the settlement, Dataium has agreed to a $400,000 payment to the State, with $99,000 to be paid over the next two years, and the $301,000 balance suspended. The suspended amount will be due immediately if Dataium fails to honor all terms of the settlement.  The suspended payment obligation will be vacated after five years if Dataium continues to comply with all settlement terms, and does not violate the New Jersey Consumer Fraud Act.

    In addition to the settlement’s monetary terms, Dataium is required under the agreement to create a privacy program designed to protect consumers, and to post a page or pages within its Web site informing the public about what type of consumer information it collects, and what it does with that information. […]

    History sniffing is a technique whereby a JavaScript code is created that scans a Web site visitor’s browsing history from the Web browser. Since Web browsers display Web site links in a different color after a user visits that Web site, a “sniffer” is able to determine the Web sites visited by a user based on the color of the link. The Federal Trade Commission has found that the practice of history sniffing circumvents user choice by preventing the most common and widely known method for blocking online tracking – deleting cookies.

    The State’s investigation of Dataium determined the company engaged in history sniffing for a two-year period, from November 2010 through November 2012.  Specifically, Dataium is alleged to have tracked more than 181,000 user visits to various car dealership Web sites, popular search engines and news articles and, in the process, collected the browsing history of individual browser users without their knowledge or consent. The company denies the allegation.

    Also recently, Hoffman announced that his office, the Division of Law and the Division of Consumer Affairs had reached a settlement with Dokogeo Inc. concerning allegations that the California-based app developer “violated the federal Children’s Online Privacy Act (COPPA) and the New Jersey Consumer Fraud Act by collecting personal information about children who used its animation-based “Dokobots” mobile app.” Hoffman’s office said:

    Under terms of the settlement, Dokogeo must clearly and conspicuously disclose – in its apps and on the homepage of its Web sites – the types of personal information it collects, the manner in which it uses such information, and whether it discloses information to third parties. The company also is required to refrain from collecting the personal information of children age 13 and under until it makes the required disclosures, and otherwise complies with COPPA. Dokogeo already has removed all photographs and files containing children’s images from its Dokobots Web site, and has removed geolocation information of children since July 1, 2013.

    Dokogeo also agrees to a suspended payout of $25,000. The payout will be due immediately if the company fails to comply with other restraints and conditions included in the settlement agreement. Dokogeo’s $25,000 payout obligation will be vacated after 10 years if it meets all settlement terms, and avoids violating consumer fraud and child online privacy laws. […]

    The settlement with Dokogeo is New Jersey’s second settlement with an app developer accused by the State of violating the COPPA. In July 2012 the State announced a settlement with 24x7digital LLC, a leading developer of children’s apps, which agreed to stop collecting and transmitting the personal data of children without notifying parents and obtaining parental consent. Los Angeles-based 24x7digital also agreed to ensure the destruction of all data that had previously been collected and transmitted to third parties.

    Leave a Reply