Wanted: Adware Disclosure Standards

The last couple of weeks have seen the mainstream media wake up to the potential of advertising on desktop software. At least, they’ve woken up to the fact that well-known advertisers see the potential.

In a piece called “Pesky Pop-Up Ads Go Mainstream, As ‘Adware’ Gains Acceptance,” The Wall Street Journal’s Michael Totty calls adware “the new spam.” Business Week, meanwhile, tells consumers “Guess What — You Asked For Those Pop-Up Ads.” The articles name advertisers such as Verizon, Sprint, Motorola, and ING Direct Securities.

Big advertisers can’t like being lumped in with “spyware.” They also can’t like being sued for allegedly advertising through such services — as recently happened to JC Penney, Nordstrom, Gevalia Kaffee, and Atkins Nutritionals.

Here’s where I stand: So-called adware tools (and by that I mean ad-supported software) seem to produce fantastic results for some advertisers. That’s great for the industry. Still, the “spyware” taint remains. Industry leaders must provide guidance by establishing a set of rules by which reputable companies comply. Advertisers must refuse to do business with those who don’t.

In thinking about the issue this week, I spoke with a couple of folks who couldn’t be further apart in the debate: Scott Eagle of Claria and Ben Edelman, the crusading Harvard Ph.D. student who’s been an expert witness in cases against adware players. (I tried to get WhenU’s Avi Naider on the line, but his people didn’t respond to email requests.)

The biggest problem hindering development in this arena is the lack of standards surrounding notice and consent. Companies distributing adware must be completely aboveboard with consumers. Yes, that means in some ways they’re held to a higher standard than Web publishers. I liken it to double opt-in email. Sure, you lose a few subscribers between the opt-in and confirmation of that opt-in, but the ones you do get really want the communication. They’re more valuable to advertisers.

Edelman’s been thinking about notice and consent, too, as have legislators who are considering this issue. “The two tests that really jumped out at me are the questions of whether the disclosure was presented at a reasonable time, and in a reasonable manner,” says Edelman.

The moment when the software is downloaded seems the most reasonable time to give notice and obtain consent. There’s a fine balance to be struck here. You need to be complete, but you also need to be clear and concise.

Eagle described to me a back and forth with his legal department that sounded like no fun at all. The result is users are now presented with nearly 7,000 privacy policy and license agreement words before downloading Claria software. For anyone who troubles to read them, the disclosures seem pretty clear. They’d fit my definition of a good practice, especially when paired by a Web page like DivX’s, which explains the relationship between the two software products.

Still, Eagle isn’t thrilled with the lengthy legal disclosures. “The more disclosure you mandate, you can frighten a consumer into making a bad decision,” he notes. “Imagine if when you had to do double opt-in, you had to read this 82-page document.”

Here’s what I know won’t work — it happened to me on a recent weekend. I was scrambling to find the lyrics for a song from the “Shrek” soundtrack for my young neices. Googled it and clicked on a link, only to be bombarded by at least five of those gray ActiveX boxes asking whether I’d like to download this or that. Those aren’t ads — at least, not as a consumer understands them. And, of course, consumer understanding is the usual standard for regulators like the Federal Trade Commission (FTC).

Rushed as I was, I hit “yes” instead of “no” on one of those boxes, and a barrage of pop-up ads ensued. Real software requires you to submit to a licensing agreement, often lets you control where it’s installed, and usually involves several affirmative clicks before anything actually is installed. Thankfully, I’m up on anti-spyware software so I was able to clear things out with no bad consequences (yet).

This kind of ActiveX distribution is used by even the most reputable adware players. Claria does it. But Eagle says the software never installs with fewer than four disclosure screens, and, in some implementations, installation requires no less than nine screens. At least one adware player, 180 Solutions, appears to be much more lax. Its software ended up on my hard drive after just one (accidental) click, a spyware scan revealed. If 180 Solutions really wants to go legit — and a recent visit to our offices would seem to suggest it does — it should stop such practices immediately. I’d go so far as to say ActiveX distribution should be outlawed entirely, as it doesn’t meet the consumer understanding test.

The FTC, in its April workshop on spyware, asked industry leaders such as Microsoft, America Online, and EarthLink to produce a set of best practices for adware use, including disclosure statements. Others have told me the industry groups are quietly discussing guidelines behind closed doors. The time to tackle the adware credibility problem is now. Disclosure is the place to start.

Nominations are open for the 2004 ClickZ Marketing Excellence Awards.

Related reading