OpenX Ad Exchange Settles With FTC Over Alleged COPPA and Other Violations

Snehal Desai, Liisa Thomas
Sheppard Mullin Richter & Hampton LLP
Contact
LinkedIn
Facebook
X
Send
Embed

Sheppard Mullin Richter & Hampton LLP

OpenX Technologies recently agreed to pay $2 million to settle FTC allegations that the advertising platform violated the FTC Act and the Children’s Online Privacy Protection Act. OpenX runs a programmatic ad exchange, running a bidding platform that auctions online ad space. The company contracts with publishers who have open ad space as well as ad networks with inventories of ads they are seeking to publish online.

According to the FTC, while OpenX indicated in its privacy policy that users could opt out of having location information collected or used by “using the location service controls in your mobile device’s setting” in fact, it continued to collect and use location information from those who had followed the opt-out process. The FTC argued this was deceptive in violation of Section 5 of the FTC Act.

In addition, according to the FTC, OpenX posted ads on sites that its human quality team identified as child-directed. The FTC complaint indicated that millions (if not billions) of ad requests were received from these sites and aps, and these bid requests contained personal information of children. Ads were then placed on those sites. The FTC found that because of the placement of programmatic ads on these child sites, OpenX needed to have complied with COPPA’s parental notice and consent requirements, since the serving of these ads involved the collection of personal information from children. The FTC found incorrect the standard language OpenX had in its privacy policy. Namely, stating that the company did not “engage in activities that require parental notice or consent” under COPPA.

In addition to the monetary penalty, OpenX has agreed to delete all data that it collected in violation of the COPPA Rule. OpenX has also agreed to implement a comprehensive privacy program to ensure COPPA compliance.

Putting it into Practice: This case serves as a reminder that the FTC will look closely at companies’ underlying technologies and practices when determining privacy compliance, including whether companies are adhering to their stated privacy notice. (In other words, not doing anything the FTC might consider a deceptive practice.) This case is also a reminder that the FTC takes the perspective that the serving of targeted advertising in many circumstances involves the collection of personal information.

Send Print Report

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Sheppard Mullin Richter & Hampton LLP | Attorney Advertising

Written by:

Sheppard Mullin Richter & Hampton LLP
Sheppard Mullin Richter & Hampton LLP
Contact
more
less

Sheppard Mullin Richter & Hampton LLP on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign Up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide