State Joins Multistate Settlement with PointRoll to
Resolve Internet Privacy Allegations
Attorney General George Jepsen and state Department of Consumer Protection Commissioner William M. Rubenstein today announced that Connecticut has joined a $750,000 multistate settlement with digital advertising company PointRoll, Inc. that resolves an investigation into whether the company violated consumers' privacy by unlawfully circumventing the privacy settings in Apple Inc.'s Safari Web browser.
PointRoll is a digital advertising and technical services firm owned by parent company Gannett Corp. Connecticut, along with five other states, alleged that between December 13, 2011, and February 15, 2012, PointRoll circumvented privacy settings controlled by consumers that would have otherwise blocked cookies from third parties or advertisers and allowed cookies to be placed in Safari Web browsers. Cookies are the small files set in Internet users' Web browsers that allow for advertisers to gather information about consumer, such as their Web surfing habits. Connecticut's overall share of the settlement totals $110,000.
"Consumers should have the right to freely surf the Web without concern that advertisers are utilizing various efforts to bypass privacy settings in order to extract information," said Attorney General Jepsen. “We take allegations of bypassing consumers' privacy settings seriously and remain vigilant of conduct that attempts to circumvent such settings without a user's knowledge or consent."
“Brazenly disregarding consumer preferences is an unwise business practice that borders on unethical conduct,” Consumer Protection Commissioner William M. Rubenstein said. “We applaud New Jersey’s leadership in the investigation and negotiation with PointRoll and we will continue to uphold Connecticut consumers’ right to choose.”
Under the settlement terms, PointRoll is prohibited from engaging in practices to override cookie blocking settings configured by consumers in order to gather information about consumers in the future.
PointRoll must also implement a privacy program within six months that will include employee training on the importance of user privacy and how to maintain it. Lastly, PointRoll must ensure that their servers are configured properly as to instruct Safari Web browsers to expire any cookie placed by PointRoll using its browser circumvention technique, if those systems encounter such cookies, for a period of two years.
New Jersey led the Executive Committee that investigated PointRoll and negotiated the multi-state settlement. In addition to New Jersey and Connecticut, other states participating in the settlement include Florida, Illinois, Maryland and New York.
Assistant Attorneys General Lorrie Adeyemi and Michele Lucan, members of the Attorney General’s Privacy Task Force, and Assistant Attorney General Matthew Fitzsimmons, head of the Task Force, assisted the Attorney General with this matter.
Office of the Attorney General:
Department of Consumer Protection:
Facebook: Attorney General George Jepsen