Announced today -- adware company DirectRevenue has settled the lawsuit brought last April as a class action in the state of Illinois. DirectRevenue has been under fire for its installation through exploits, making its software next to impossible to remove by usual methods, bundling adware/spyware, using deceptive business practices. Terms of this settlement include:
- DirectRevenue will destroy any personally identifiable information about computer users including Social Security Numbers, bank account information, email addresses, etc. and must no longer collect such information.
- DirectRevenue will force users to affirmatively accept installation of their software and disclose information about the functionality of the software separate from the EULA.
- DirectRevenue is prohibited from installing software by Active X, security exploits or any other method that does not require users' affirmative consent.
- DirectRevenue will not distribute software at sights targeted to children.
This settlement is unusual in that no cash settlement is included for class members, but it allows for individuals to file claims against DirectRevenue for damages. I agree with Jeff Molander's comment that the weak point in this agreement is affiliate control and management.
The company agrees to hold its affiliates responsible for terms agreed to as part of this settlement but makes no warranties beyond its commitment to "closely police its distributors." It promises to "take appropriate action based on the circumstances of the violation, potentially including termination of the distributor." The use of sub-affiliates is also not prohibited.
Legal action against DirectRevenue is still pending in California.
Update March 14: I received an email from David J. Fish, the attorney from of The Collins Law Firm (that filed the suit) to clarify the portion of the settlement related to DirectRevenue's control over distributors.
One of the main reasons that we agreed to the settlement relates to the ability of our law firm, the Class of Illinois residents, and a Federal court to hold DirectRevenue accountable for any misconduct that may have been aided by one of its distributors. We have structured the settlement agreement to accomplish this very important goal.1. DirectRevenue Responsibility for Distributor Misconduct. DirectRevenue cannot responsibly claim under the settlement agreement that 'you can't hold us liable for what our distributors do--they are independent contractors.' If the anti-spyware community sees unlawful distributions of DirectRevenue's software by anyone, we have the right to invoke the immediate power of a Federal judge against DirectRevenue. We feel the most effective way to control distributions is--not by chasing the countless distributors who are located around the world--but to control the company that pays for the distributions. The bottom line is that if there is a violation the terms of the settlement, we don't care whether DirectRevenue is going to try to 'pass the buck.' We will seek to have DirectRevenue held accountable.2. The Power of a Court Order. If DirectRevenue (or its distributors) violate the settlement agreement, we have the right to ask a Federal judge to hold DirectRevenue in contempt of court for violating a court order. This is why we insisted on DirectRevenue agreeing to "injunctive relief". The terms of the settlement are not only in a contract---but DirectRevenue has agreed to be bound to the changes by a Federal Court Order of the United States District Court for the Northern District of Illinois. The violation of a Court Order is a very serious matter as it can lead to a company being held in contempt of court. In addition, unlike a typical lawsuit that can take years to resolve, we can immediately seek the attention of Federal judge who oversaw the Sotelo v. DirectRevenue case and the negotiation of the settlement.