New York’s attorney general sued an Internet company Thursday over the selling of e-mail addresses, in what authorities say may be the biggest deliberate breach of Internet privacy ever.
Attorney General Eliot Spitzer accused Gratis Internet of selling personal information obtained from millions of consumers despite a promise of confidentiality.
The consumers thought they were simply registering to see a Web site offering free iPod music players or DVD movies and video games, Spitzer spokesman Brad Maione said. On sign-up pages, Gratis promised it “does not ... sell/rent e-mails.”
Instead of confidentiality, Spitzer said, Gratis sold access to their e-mail information to three independent e-mail marketers, and hundreds of millions of e-mail solicitations followed.
Company rejects allegations
A company spokesman, George Thompson, said the allegations “are completely untrue.”
He said Gratis hired Datran Media of New York City, a leading e-mail marketer, to manage “the logistics of marketing products and services via e-mail to Gratis’ own user base.” Datran and two other hired companies “at no time ever engaged in a sale or purchase of data,” Thompson said in a statement.
Gratis, based in Washington, D.C., always controlled and owned the users’ information and never profited from any sale of data, he said.
In a related lawsuit March 12, Spitzer accused Datran Media of using unauthorized personal data “mined” by other firms from about 6 million e-mail addresses nationwide. Datran agreed to reform its practices under a $1.1 million settlement.
“Unless checked now, companies that collect and sell information on consumers will continue to find ways to erode the basic standards that protect privacy in the Internet age,” Spitzer said.
Spitzer’s “data mining” investigation began last year amid reports of companies compiling and selling marketing lists.
Free merchandise offered
Gratis owns and operates Web sites that offer free merchandise for registering their e-mail addresses. The state fraud lawsuit accuses its owners, Peter Martin and Robert Jewell, of privacy violations in 2004 and 2005.
He said the company’s promises to consumers included: “We will never give out, sell or lend your name or information to anyone,” and “We will never lend, sell or give out for any reason your e-mail address or personal information.”