An advertising network that served banners on cnn.com, orbitz.com, and 45,000 other sites has settled federal charges that it illegally exploited a decade-old browser flaw that leaks the history of websites users visit.

Epic Marketplace used data mined from the history sniffing exploit to assign interests to visitors so the ad network could deliver targeted ads, according to a complaint filed by the Federal Trade Commission. Interest categories included “pregnancy-fertility getting pregnant,” “incontinence,” “memory improvement,” and “arthritis.” The FTC brought the case against New York City-based Epic Marketplace after the practice was revealed by Stanford University researcher Jonathan Mayer in July 2011.

Epic Marketplace settled the charges by agreeing to destroy the data it gathered and to curb the practice in the future, according to a release issued on Wednesday. The settlement also bars the company from making misrepresentations about the data it collects about people browsing the Web.

Read 2 remaining paragraphs | Comments

via Ars Technica » Technology Lab http://feeds.arstechnica.com/~r/arstechnica/technology-lab/~3/bPqyjlpj2vc/

Advertisements