Revisiting Unlawful Advertisements at Google

Last week, Google’s 10-Q disclosed a $500 million charge "in connection with a potential resolution of an investigation by the US Department of Justice into the use of Google advertising by certain advertisers." Google initially declined to say more, but a Wall Street Journal report revealed that the charge resulted from Google’s sale of advertising to online pharmacies that break US laws.

While Google has certainly profited from selling advertisements to rogue pharmacies, that’s just one of many areas where Google sells unlawful advertisements. Here are six other areas where I’ve also seen widespread unlawful AdWords advertisements:

  • Advertisements charging for something that’s actually free. I’ve documented scores of AdWords advertisements that attempt to trick users into paying for software that’s widely available for free — charging for RealPlayer, Skype, WinZip, and more.
  • Advertisements promising "free" service but actually imposing a charge. I have also flagged dozens of advertisements promising "100% complimentary" "free" "no obligation" service that actually comes with a monthly charge, typically $9.99/month or more. Promising "free" ringtones, these services rarely ask users for their credit card numbers. Instead, they post charges straight onto users’ mobile phone bills — combining carrier-direct billing with deceptive advertising claims in order to strengthen the illusion of "free" service.
  • Copyright infringement – advertisements touting tools for infringing audio and video downloads. For example, in 2007 media companies uncovered Google selling advertisements to various download sites, typically folks charging for Bittorrent clients. These programs helped users download movies without permission from the corresponding rights-holders, which is a double-whammy to copyright holders: Not only did labels, studios, artists, and filmmakers get no share of users’ payments, but users’ payments flowed to those making tools to facilitate infringement.
  • Copyright infringement – advertisements touting counterfeit software. For example, Rosetta Stone in six months notified Google of more than 200 instances in which AdWords advertisers offered counterfeit Rosetta Stone software.
  • Advertisements for programs that bundle spyware/adware. At the peak of the spyware and adware mess a few years ago, distributors of unsavory software used AdWords to distribute their wares. For example, a user searching for "screensavers" would receive a mix of advertisements — some promoting software that worked as advertised; others bundling screensavers with advertising and/or tracking software, with or without disclosure.
  • Mortgage modification offers . Consumers seeking mortgage modifications often receive AdWords advertisements making deceptive claims. A recent Consumer Watchdog study found AdWords advertisers falsely claiming to be affiliated with the US government, requiring consumers to buy credit reports before receiving advice or help (yielding immediate referral fees to the corresponding sites), and even presenting fake certification logos. One prominent AdWords advertiser had previously faced FTC litigation for telemarketing fraud, while another faced FTC litigation for falsely presenting itself as affiliated with the US government. Other advertisers suffer unsatisfactory BBB ratings, and some advertisers falsely claim to have 501(c)(3) non-profit status.

Google’s Revenue from Deceptive Advertisements

Google does not report its revenues for specific sectors, so it is generally difficult to know how much money Google receives from particular categories of unlawful advertisements or from particular unlawful practices. That said, in some instances such information nonetheless becomes available. For example, the Wall Street Journal reported that Google charged $809,000 to one company advertising tools for unauthorized audio and video downloads. In 2006, I estimated that Google charged more than $2 million per year for advertisements distributing spyware and adware shown when users search for the single keyword "screensavers." Scaling up to other keywords pushing spyware and adware, I suggested Google collects $25+ million per year for advertisements distributing spyware and adware.

Importantly, when AdWords advertisements deliver users into unlawful sites, the majority of the profits flow to Google. Consider a keyword for which several advertisers present similar unlawful offers. The advertisers bid against each other in Google’s auction-style advertising sales process — quickly bidding the price to a level where none of them can justify higher payments. If the advertisers are similar, they end up bidding away most of their profits. Indeed, most of these advertisers have low marginal costs, so their profit approaches their revenue, and Google even collects the majority of their revenue. In 2006 I ran an auction simulation to consider bidder behavior with 10 bidders and 20% standard deviation in per-click valuations; I found that in this situation, advertisers on average paid 71% of their revenue to Google. Drawing on litigation documents, the WSJ reports similar values: EasyDownloadCenter and TheDownloadCenter collected $1.1 million from users, but paid $809,000 (74%) to Google for AdWords advertising. Consumer Watchdog’s revenue estimates, drawn from Google’s own traffic estimation tools, reveal that an advertiser would need to pay more than $6 million per year to capture all the clicks from searches for "credit repair" and "bad credit."

The Scope of Google’s Involvement — and Resulting Liability

Multiple sources have revealed Google’s far-reaching involvement in facilitating and supporting deceptive advertisements. For example, Google staff supplied EasyDownloadCenter and TheDownloadCenter with keywords to reach users, including “bootleg movie download,” “pirated,” and “download harry potter movie." Similarly, plaintiffs in Goddard v. Google alleged that not only did Google show deceptive advertisements for "free ringtones" and similar searches, but Google’s own systems affirmatively suggested that advertisers target the phrase "free ringtones" (deceptive, since the advertisers’ service weren’t actually free) when advertisers requested only the word "ringtones." Google’s involvement also extends to financing. For example, the WSJ reports that Google extended credit to EasyDownloadCenter and TheDownloadCenter — letting them expand their advertising effort without needing to pay Google in advance (as most advertisers must). In short, Google knew about these deceptive advertisements, profited from them, and provided assistance to the corresponding advertisers in the selection of keywords, in the provision of credit, and otherwise.

One might naturally expect that Google is liable when its actions cause harm to consumers — especially when Google knows what is occurring and profits from it. But the Communications Decency Act potentially offers Google a remarkable protection: CDA § 230 instructs that a provider of an interactive computer service may not be treated as the publisher of content others provide through that service. Even if a printed publication would face liability for printing the same advertisements Google shows, CDA § 230 is often interpreted to provide that Google may distribute such advertisements online with impunity. Indeed, that’s exactly the conclusion reached in Goddard v. Google, finding that even if Google’s keyword tools suggests "free ringtone" to advertisers and even if Google is aware of fraudulent mobile subscription services, Google is not liable to affected consumers.

The broad application of CDA § 230 immunity has attracted ample criticism. For example, a 2000 DOJ study concluded that “substantive regulation … should, as a rule, apply in the same way to conduct in the cyberworld as it does to conduct in the physical world.” Yet CDA § 230 unapologetically invites Google to show all manner of unlawful advertisements that would create liability if distributed by traditional publishers. And if Google can turn a blind eye to advertisers using its ad platform to defraud or otherwise harm users, advertisers will do so with impunity. For Google to escape liability is all the more puzzling when Google reaps most of the profits from advertisers’ schemes.

CDA § 230 includes several important exceptions. For example, the CDA does not immunize violations of criminal law — and rogue pharmacies implicate various criminal laws, giving rise to the liability for which Google now expects to pay $500 million. But this exception may be broader than critics yet realize. For example, large-scale copyright infringement and distribution of counterfeit goods may also create criminal liability for the underlying advertisers, hence excluding Google from the CDA safe-harbor for the corresponding advertisements.

Ultimately, I stand by my 2006 conclusion: "Google ought to do more to make ads safe." Since then, Google’s revenue and profit have more than doubled, giving Google that much greater resources to evaluate advertisers. But I wouldn’t say Google’s users are twice as safe — quite the contrary, deceptive and unlawful advertisements remain all too widespread. Kudos to the Department of Justice for holding Google accountable for unlawful pharmacy advertisements — but there’s ample more work to be done in light of Google’s other unlawful advertisements.