DOD nixes vendor of online monitoring software over privacy concerns
EchoMetrix suspended from selling products via military's shopping portal
Computerworld - EchoMetrix Inc., a vendor of parental control software that is already under fire for alleged violations of an online children's privacy law, has been suspended from selling its products on a U.S. Department of Defense shopping portal because of privacy concerns.
The action was taken in late October, barely three weeks after EchoMetrix began listing its Internet monitoring products for sale through the U.S. Army and Air Force Exchange Service's (AAFES) Exchange Online Mall. However, news of the suspension surfaced only this week after the Electronic Privacy Information Center (EPIC) obtained documents relating to the incident via a Freedom of Information Act request it had filed with the Defense Department.
The documents show that the AAFES removed EchoMetrix's My Military Sentry Parental Controls product from its Web site because of concerns EPIC raised that customer information was being surreptitiously collected and sold to third parties by EchoMetrix.
An AAFES spokeswoman confirmed the suspension today and said that it had resulted from the privacy concerns raised by EPIC.
"To the best of our knowledge, no military personnel signed up for the service during the approximately three weeks it was available," the spokeswoman said. She added that Exchange Online Mall personnel are monitoring the situation and "will make a decision on how to proceed after further review."
Syosset, N.Y.-based EchoMetrix sells a range of parental control software designed to monitor children's activity on the Internet and to alert parents when a child encounters questionable material. The My Military Sentry product that was pulled from the AAFES Web site is identical to a civilian version of the product called Sentry.
The company, in an e-mailed statement, firmly maintained that it does not collect any information that violates children's privacy laws.
In September, EPIC, a Washington-based privacy advocacy group, filed a complaint against EchoMetrix with the Federal Trade Commission. EPIC claimed that EchoMetrix was violating the provisions of the Children's Online Privacy Protection Act (COPPA) by collecting personally identifiable information about children and their browsing habits and online chats.
EPIC claimed that EchoMetrix used the information to deliver targeted advertising to children and also sold that information to third-party marketers. In its complaint, EPIC pointed to a separate service offered by EchoMetrix called Pulse, which analyzes data gathered from multiple sources including instant messages, blogs and chat rooms. The information is sold as market research intelligence to marketing companies, the EPIC complaint said.
"Pulse boasts of offering unfiltered online conversations and of having access to the teenage market in real-time by capturing instant message conversations, chat room conversations, and blog posts," EPIC claimed.
EchoMetrix's marketing promotes "illegal surveillance" of children, EPIC said in its FTC complaint. EPIC further stated that EchoMetrix's privacy policies were not clearly spelled out and offered no easy way for customers to opt out of such tracking.
In an e-mailed statement, EchoMetrix denied the allegations. "EchoMetrix does not collect personally identifiable information or expose the source of any digital content," the statement said. "The company has never and will never collect, distribute or sell personal information as defined by COPPA."
Kimberly Nguyen, a lawyer for EPIC, said the group's main concern is with the collection of personal data on children. "According to COPPA, companies can't collect personal data from children" without parental consent, which is precisely what EchoMetrix is doing, Nguyen claimed. "They are violating federal statutes" by their actions, as well as violating FTC rules governing the disclosure of privacy policies, Nguyen said.
The FTC has not responded to EPIC's complaint against EchoMetrix.
Read more about Security in Computerworld's Security Topic Center.
- Enable secure remote access to 3D data without sacrificing visual perfomance Design and manufacturing companies must adapt quickly to the demands of an increasingly global and competitive economy. To speed time to market for...
- Virtually Delivered High Performance 3D Graphics "A picture is worth a thousand words." That old phrase is as true today as it ever was. Pictures (i.e., those with heavy...
- Best Practices for Securing Hadoop Historically, Apache Hadoop has provided limited security capabilities. To protect sensitive data being stored and analyzed in Hadoop, security architects should use a...
- Top Tips for Securing Big Data Environments: Why Big Data Doesn't Have to Mean Big Security Challenges Organizations must come to terms with the security challenges they introduce. As big data environments ingest more data, organizations will face significant risks...
- What should I look for in a Next Generation Firewall? SANS Provides Guidance With so many vendors claiming to have a Next Generation Firewall (NGFW), it can be difficult to tell what makes each one different....
- Responding to New SSL Cybersecurity Threat The featured Gartner research examines current strategies to address new SSL cybersecurity threats and vulnerabilities. All Security White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!