The lawsuit against New York-based Direct Revenue seeks a court order enjoining the firm from secretly installing spyware or sending ads through already-installed spyware. The suit also asks the court to force the company to provide an accounting of its revenues and to impose monetary penalties.
'Surreptitiously installed spyware and adware harm consumers and businesses, and my office will continue to prosecute these practices aggressively,' Spitzer said in a statement. 'These applications are deceptive and unfair to consumers, bad for businesses that rely on efficient networks to do their jobs, and bad for online retailers that need consumers to trust and enjoy their online experience. We will continue to side with consumers in their fight for control of their desktops.'
In a statement on its Web site, Direct Revenue rebutted Spitzer's allegations. 'This lawsuit is a baseless attempt ... to rewrite the rules of the adware business," the company said. "It focuses exclusively on the company's past practices -- practices we and other industry leaders changed long ago -- and says not a word about what we're doing today
'Mislabeling our products as 'spyware' does a disservice not only to our company, but also to the public by creating an atmosphere of hysteria, confusion and inaccuracy.'
Direct Revenue, now represented by the Andrew Celli of the New York law firm Emery Celli Brinckerhoff & Abady LLP, said it tried to settle the lawsuit, but Spitzer refused.
The lawsuit follows an extensive investigation that documented Direct Revenue's practice of installing advertising software on computers without proper notice, Spitzer said. In many cases, the installations were instigated when Direct Revenue or one of its distributors advertised 'free' applications such as games or browser 'enhancement' software, omitting reference to the spyware that would accompany any downloaded application, Spitzer said. Once users downloaded the applications, surreptitious code was placed on their computers by Direct Revenue's own servers, according to Spitzer.
His office also recorded several instances in which Direct Revenue's spyware was installed through silent 'drive-by-downloads,' -- downloads that took place without any notice to consumers from 21 separate Web sites through a practice known as 'bundling." Among the names of the programs that Direct Revenue downloaded this way are 'VX2,' 'Aurora,' and 'OfferOptimizer,' each of which tracks consumers' behaviors on the Web and then delivers sequential pop-up ads to them, Spitzer's office said.
The investigation revealed that Direct Revenue deliberately designed spyware that, once downloaded, was extremely difficult to detect and remove. In many cases, it reinstalled itself after being removed by users.
The suit specifically targets the company's founders and chief officers Joshua Abram, Alan Murray, Daniel Kaufman and Rodney Hook, who have owned a majority of the company's stock since its inception. Numerous e-mails submitted with the lawsuit document their knowledge of and participation in the underlying fraudulent practices, according to the statement.
'The government has been getting quite a bit more active, primarily because this stuff is having such a drag on networks and productivity,' said Rob Enderle, principal analyst at The Enderle Group in San Jose. 'It is reaching a point where there is no reasonable tool that can defend against this stuff; the volume is too overwhelming. Soon we will need a way to reinstall the OS more frequently to get rid of all the malware. So I do expect to see much more of these lawsuits going forward.'
In a statement on its Web site, the Center for Democracy and Technology (CDT) applauded Spitzer's efforts, saying that 'aggressive law enforcement will be essential to curbing the spread of unwanted, potentially damaging programs throughout the Internet.'
Ben Ames, of the IDG News Service, contributed to this report.