Spitzer’s Witchhunt Nails Adware Executive Personally

By Eric Goldman

In response to my post yesterday about adware witchhunts, a reader privately criticized me for analogizing the adware situation with manias where people’s lives were at stake. Ben Edelman made a similar point in his comment to the post. I didn’t mean to suggest (directly or via an analogy) that people would die because of the anti-spyware mania, and I apologize for any statements that suggested or implied otherwise.

However, I was trying to say, and I remain fully convinced, that the anti-spyware mania will extract significant personal tolls on those targeted, even if the legal basis of their targeting is questionable. As if on cue to provide evidence for this point, today Sheriff Spitzer announced his latest trophy: Intermix CEO Brad Greenspan entered into an “Assurance of Discontinuance” which requires him to pay $750,000 for his alleged wrongdoings, which allegedly included

* “Greenspan directed Intermix’s employees to bundle adware programs with other free software programs to avoid informing consumers of their existence by disclosing Intermix’s adware programs only in a linked, inconspicuous, End User License Agreement.”

* “Greenspan directed subordinates to bundle the adware programs to make them difficult to uninstall.”

Now, given that Intermix sold for $580M, Greenspan may be able to afford the $750,000 check. I also suspect that Greenspan had other personal motivations for consenting rather than fighting. For example, perhaps his assurance of discontinuance was a precondition to final approval of the overall Intermix settlement with Spitzer, which in turn might have been a precondition to the close of the Intermix acquisition. I don’t know if this hypothesis is right, but my point is that there may have been behind-the-scenes motivations that explain this settlement.

But what about the law? On what legal basis is an executive individually and personally responsible for decisions taken on behalf of a company?

I’m not an expert in this area, but the default rule is that if a company breaks the law, individual officers, directors and employees aren’t liable personally. There are statutory exceptions to this, and in some cases the corporate organization is so thin that we can’t distinguish between a corporation’s actions and an individual’s actions (such as a company where a single person is sole owner and employee). And in consumer protection actions, it’s not unprecedented that individuals who run small operations to be covered by an enforcement action.

But actions against executives of “real” companies are pretty rare. Further, Greenspan’s decisions were both legally colorable in their propriety and extremely typical of the decisions made by adware executives…and many other software vendors.

The universality of Greenspan’s decisions surely must be the point. Spitzer’s sending the message that no one in the adware business is beyond his reach. Accordingly, I completely reject any argument that the witchhunt won’t significantly affect the lives of the people targeted. Greenspan’s $750,000 check says otherwise.