Claria's Misleading Installation Methods -
Benjamin Edelman - Misleading Installations - Spyware Research, Legislation, and Suits

Claria promotes its software through banner advertisements shown within certain web sites, including web sites largely catering to children. Users need only click on an ad once, then press "Yes" once, in order to receive Claria software. Claria shows a license, but only after its software has become installed on users' PCs.


Related Projects

180solutions & Affiliate Commissions

Advertisers Using WhenU

WhenU Violates Own Privacy Policy

Documentation of Gator Advertisements and Targeting

"Spyware": Research, Testing, Legislation, Suits

Other Research by Ben Edelman

Claria uses a mix of installation practices to get its advertising software onto users' PCs. Some users receive Claria software when they request certain peer-to-peer filesharing programs. (Example and analysis.) Others get Claria via misleading popups as they attempt to browse unrelated web sites. (Example.) This article presents a further way that Claria distributes its software: Confusing banner advertisements embedded within certain web sites.

The reduced intrusiveness of Claria's banner ads makes them appear relatively innocuous. But in my analysis Claria's banner ads are deficient in important respects:

Installation at Sites Targeted at Children, a site targeting children, that nonetheless promotes Claria.Claria's PrecisionTime and DateManager are promoted at, a site that describes itself as offering "free, fun, family games." Ezone's Privacy Statement (archive: web page, screenshot) specifically claims that Ezone "meets the guidelines of TRUSTe's Children's program" -- indicating Ezone's intention to cater to children. Beyond offering games, Ezone's site includes overstated cartoon characters, simple language, and straightforward designs that seem particularly likely to appeal to children.

Ezone is one of many sites that promotes Claria software despite being largely targeted at children. For example, I have also seen and recorded Claria software promoted on sites offering song lyrics and at other sites offering cartoon-style games. (Screenshots.) In my experience, these lyrics and games sites are disproportionately visited by children.

What's the big deal about offering software via web sites that tend to serve children? For one, children generally cannot enter into contracts -- so even if a child clicks the "Yes" button Claria subsequently presents, Claria's license terms may not be binding. Also, children may be less able to assess the merits of a Claria offer -- less able to determine whether Claria software is a good value, less able to realize the privacy and other consequences of installing Claria software, less able to understand Claria's lengthy license agreement.

For Claria to claim that its users "agree to receive advertising," Claria needs the users who accept its software to be consenting adults, not kids. Advertising its software on sites that largely cater to children tends to undermine Claria's claim of receiving meaningful user consent.

Interestingly, even when Claria ultimately shows a license agreement, Claria imposes no requirements as to a user's age, despite requiring that users make numerous other specific representations (e.g. accuracy of the user's time zone setting).

Promotional Methods: Fake Windows Dialog Box

At, Claria shows a banner ad that looks like a Windows message box. Like genuine Windows dialog boxes, Claria's ad features a grey background, a border accentuated with bright lighting (top-left corner), shadows (bottom-right), and a dark blue title bar with bold white lettering. Like genuine Windows dialog boxes, Claria's ad includes a small icon in the upper-left corner, as well as a button with rounded corners, highlighting, shadows, and even the usual centered "OK" label. Finally, like genuine Windows dialog boxes, Claria's ad uses a standard sans serif font.

A Claria ad, as shown within the Ezone site.

But Claria's ad is not a genuine Windows dialog box. If a user clicks anywhere in the ad -- even on the upper-left icon that would ordinarily display a menu to dismiss the ad without taking any action -- the user's web browser opens a new window and begins to attempt to install Claria software. Even if a user merely clicks the "OK" button -- acknowledging the warning but intending to decline to install new software -- Claria nonetheless proceeds with the attempted installation.

Claria's ad admittedly includes some characteristics atypical of standard Windows dialog boxes. The bottom-left corner includes the word "Advertisement" -- but in a smaller font and in grey color (rather than black), therefore less noticeable. Ezone added its own "Ad" label (white text on a blue background) at the upper-left of the ad window, but this label is sufficiently distant from Claria's ad that users may not notice it at all. (This label is also absent from Claria ads as shown elsewhere. Examples.) Finally, Claria's ad vibrates back and forth in a way that tends to draw in the user's eye -- quite effective at getting attention, but also atypical of genuine Windows dialog boxes.

My sense is that Claria designed this advertisement precisely to play on users' confusion as to whether the image is a genuine Windows dialog box. Some users may quickly deduce that the image is merely an ad. Others may ultimately figure it out, even if they are initially confused. But if enough users click on the image before realizing that it is only an ad, then Claria will succeed in its goal of attracting new users.

Users obtained through this type of ad are, to my mind, ill-gotten. Such users were pulled in to Claria's product under the false premise that Claria's pitch came from software users had already installed, or even from Windows itself. Some users may understand that the image is an ad, but others are likely to be confused, especially those who are novice computer users, who don't inspect the ad critically, or who are in a rush. The "OK" button is particularly confusing because users might expect such a button to remove or dismiss a window, or to stop its distracting vibration, rather than to facilitate the installation of new software.

Claria is not alone in finding fake dialog boxes an attractive way to promote its products. In November 2002, Bonzi Software was sued for using similar methods to promote its Bonzi Buddy software. Like Claria, Bonzi styled its ads as Windows message boxes -- complete with matching colors, font, and buttons. Notably, Bonzi's ads lacked the small "advertisement" label present on Claria's ads. After six months of litigation, Bonzi agreed to a settlement under which it not only added "advertisement" labels, but it also removed the confusing "OK" button.

Promotional Methods: Overstated Warnings

The Windows XP dialog box implementing the same feature Claria describes.  Windows 2000 and XP users already have this feature, without accepting any extra pop-up ads from Claria or others.The text of Claria's banner ad reports that a user's "computer clock may be wrong." Taken literally, this is a vacuous statement: The user's clock might be wrong; then again, it might be accurate.

But Claria's "clock may be wrong" is worse than just vacuous: Claria shows this warning even if it has good reason to believe that the user's computer already runs software to keep its clock set correctly. Windows XP includes automatic clock synchronization features to keep users' clocks accurate -- without any extra software from Claria or elsewhere. Furthermore, users' web browsers generally transmit their operating system version with every HTTP request -- making it easy for a web site to see whether a given user is already running an operating system not in need of Claria's time-synchronizing system. See the "User-Agent" header sent by a computer in my lab, running Internet Explorer 6 on Windows XP (identified for this purpose as "Windows NT 5.1").

User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)

This User-Agent header is prominently sent to the web server that replies by sending Claria's "clock may be wrong" ad. So Claria is warning users that their clocks "may be" wrong -- even when users have sent specific reason to think their clocks are already accurate.

Another Claria banner ad, again using the style of a Windows message box.Beyond Claria's clock-synchronizing ads, Claria's other ads have similar problems with overstated warning text. For example, Claria's WebSecureAlert ads tell users to "Use protection" and suggest that WebSecureAlert will provide such protection. But the actual protections provided by WebSecureAlert falls far short of, for example, PC Magazine's recent security recommendations.

Bypassing Blocking: The Domain

Claria installer uses a domain name unrelated to Claria's company name or product names.Many system administrators and users take steps to keep Claria software off their networks. For example, the IE-SPYAD registry patch blocks any CAB file from from installing new ActiveX controls. Real-time blocking features of certain anti-spyware programs use similar methods, and perimeter-based spyware blocking systems also often block Claria in this way.

However, these Claria ads bypass ordinary efforts to block installation. The Claria ads at issue do not come from within the domain. Rather, these Claria ads come from a gibberish domain name,, that blocking systems are less likely to recognize.

I see no legitimate business reason for Claria to use an arbitrary domain name (like "belnk") to install its software. A domain like would work fine, and Claria can always create new subdomains (e.g. "installations2") if it needs more addresses. But by changing to an arbitrary domain, Gator can circumvent blocking that specifically intends to keep Gator out -- even when such blocking is put in place by a system administrator or user fully authorized to limit what software can be installed on a particular PC or network.

I don't want to overstate the point -- blockers ultimately come to recognize Claria's new domains, and by now IE-SPYAD and others block just as they have long blocked But it's hard to see why Claria would change domain names except to circumvent blocking.

Installation Disclosures: Misleading Statements and Material Omissions

The Claria installation procedure.  If a user clicks Yes once, Claria software becomes installed.If a user clicks on Claria's initial "clock may be wrong" ad, Claria takes the user to a new web page which opens a popup attempting to install Claria software. If a user presses "Yes" once, then Claria software becomes installed on the user's PC.

In the blue text at right, Claria's popup tells users that Claria will show "GAIN-branded pop-ups and other ads based on websites you view." I consider this disclosure misleading because it omits essential characteristics of Claria software. In particular, the disclosure fails to mention that pressing "Yes" will transmit to Claria (and store on Claria servers) information about which web sites a user visits. (A November 2003 eWeek article reported that Claria's then-12.1 terabyte decision-support database was already the seventh largest in the world -- bigger than Federal Express, and rivaling Amazon and Kmart.)

Claria's "based on websites you view" disclosure does not tell users that Claria will transmit and store information about users' behavior. For example, Claria could show ads based on users' actions without transmitting users' actions to Claria servers and without storing users' actions on Claria servers.

In some installations, Claria installs not just its time-synchronization software and its advertisement display software, but also its "DashBar" web browser toolbar. Claria's initial ad ("your computer clock may be wrong...") says nothing about addition of any web browser toolbar, nor does the blue underlined text make any such statement (unless the word "DashBar" alone suffices to describe a toolbar). Instead, users receive Claria's web browser toolbar without Claria even mentioning the word "toolbar" in any on-screen statement or disclosure. Screenshots.

License Agreement: Time of Display, Substance

A Claria ad, as shown within the Ezone site. User clicks on Claria banner ad.
The Claria installation procedure.  If a user clicks Yes once, Claria software becomes installed. User clicks "Yes" once.
Claria software begins to be installed.
The detailed information shown to users after they accept Claria's installation. Claria shows license agreement.
Installation cannot be cancelled.

Only after a user presses "Yes" to install Claria does Claria show the user a license agreement that describes Claria's effects in detail. The screenshots at right show the sequence of installation steps.

When Claria's license agreement appears, it is already too late for a user to easily change his mind. Claria shows its license in an ordinary web browser. Pressing the "X" in that browser's upper-right corner serves only to close the window, not to cancel the installation of Claria software.

I have previously critiqued Claria's license agreements for provisions that I view as substantively unreasonable. For example, Claria purports to restrict "authorized" removal methods of Claria software. Claria also purports to limit users' right to study what personal information Claria is sending to Claria servers over users' Internet connections.

The text that Claria shows is a total of 7,295 words long, displayed in a four-step wizard-style web interface. The overwhelming majority (6,777 words) is shown within the first step, which stretches to 34 on-screen pages as presented by Claria's license window.

Beyond its long length, Claria's license fails to implement the improvements Claria has previously promised:

Correcting These Deficiencies: Claria's Direct Control

Claria has within its power the ability to correct the shortcomings described above. Claria can modify its advertisements to avoid making overstated claims, enticing users with claims of functionality users already have, and resembling Windows dialog boxes. Claria can revise its installers to affirmatively show each user Claria's license and other important disclosures before installation proceeds, not after. Claria can revise its license in the ways it has previously promised. Claria can disable or cease to use any installation procedures not up-to-date with these corrections; all the content at issue comes from servers within Claria's direct control.


Last Updated: May 10, 2005 - Sign up for notification of major updates and related work.