eBay is dropping ValueClick's Commission Junction as the manager of the affiliate programs for eBay's auctions and Half.com sites. Monday's announcement came as the Federal Trade Commission announced ValueClick would pay a record $2.9m to settle charges it engaged deceptive advertising and failed to secure sensitive customer data.
About 100,000 eBay and Half.com affiliates will be required to migrate away from ValueClick's Commission Junction by May 1. ValueClick has managed the affiliate programs since 2001. For now, eBay will continue to use Commission Junction to manage programs for properties including StubHub, ProStores, eBay Stores and Tradera AB, but it left the door open to drop ValueClick on those sites as well.
Starting next month, eBay will launch an in-house program dubbed the eBay Partner Network. The online auction house made no reference to the FTC action in a press release announcing the change. Instead, it said the new program would "allow eBay to more closely align the program with the needs of of its publishers and the eBay community, and will eventually engage all of eBay's assets to create one of the most robust affiliate networks in existence."
In agreeing to pay the $2.9m, ValueClick admitted no wrongdoing. The payout, the largest settlement ever in a case based on the 2003 anti-junk mail law known as the CAN-SPAM Act, follows allegations that ValueClick's Hi-Speed Media subsidiary used deceptive emails, banner ads and pop-up windows to drive traffic to its websites. The ads claimed that end users were eligible for free gifts such as laptops and iPods when in fact the items were only available to people who accepted a host of expensive offers from third-party partners.
The federal watchdog agency also alleged that ValueClick falsely claimed it safeguarded customers' sensitive financial records using industry-standard encryption. In fact, the FTC alleged, ValueClick either failed to encrypt the data at all or used insecure forms of the technology. Additionally, the FTC said several ValueClick websites were vulnerable to SQL injection attacks, which cause the sites to turn on their visitors by installing malware of vulnerable end-user machines.
ValueClick is required to conspicuously disclose that consumers are required to incur financial or other obligations to qualify for merchandise. The company is also required to establish a comprehensive security program for securing sensitive customer information. The program will have to be monitored by a third-party assessor for 20 years. ®