What’s So Hot About Hotbar? updated May 19, 2005

Last week Sunbelt announced that Hotbar sent Sunbelt a Cease and Desist letter, apparently demanding that Sunbelt stop detecting Hotbar software and offering users an option to remove it. I immediately updated my Threats page. But then I started wondering: How does Hotbar get onto users’ PCs? And what does Hotbar do once installed?

My new Hotbar Installs via Banner Ads at Kids Sites shows a variety of unsavory Hotbar practices: Promoting Hotbar advertising software at sites targeting kids, using banners with smiley faces but without mention of ads. Failing to affirmatively show a license agreement, and burying advertising terms so many screens into the license and below such counterintuitively-labeled section headings that users cannot reasonably find the key provisions. First affirmatively mentioning advertising on a screen that offers no Cancel button for users to decline the installation. And ultimately bombarding users with ads in pop-ups, web browser toolbars, Windows Explorer toolbars, auto-opening sidebars, and even desktop icons.

Meanwhile, Hotbar’s C&D indicates that their software is no longer detected by Microsoft Anti-Spyware, Lavasoft Ad-Aware, or McAfee. Why not? Consider Microsoft’s policy statement: “Windows AntiSpyware (Beta) alerts the user to the presence of any automatic pop-up advertising appearing outside the context of the program they are currently using.” This certainly describes Hotbar’s pop-up ads. Yet somehow Hotbar has caused — convinced? persuaded? threatened? — Microsoft not to detect their program.

Of course Hotbar is not the only party to blame. Hotbar’s ads arrive at kids sites through ads syndicated by Fastclick (NASDAQ: FSTC). As a publicly-traded company, surely Fastclick could find a better business than foisting advertising software onto unsuspecting kids.

I’ve recently received a copy of the Cease and Desist letter (PDF) Hotbar sent to Sunbelt. Sunbelt says they’ll be responding shortly, and I’m looking forward to reading their response. Meanwhile, some inaccuracies in the letter are so egregious that I feel obliged to note them immediately.

Hotbar claims to provide its users with “explicit explanations” of its services, and Hotbar therefore claims that users “provide … full conscious consent to each and every aspect of Hotbar software.” That’s not what I’ve seen when I’ve tested Hotbar. Rather, I have observed Hotbar install without even mentioning the word “ads” until a screen at which users aren’t given a “cancel” button. And nowhere does Hotbar affirmatively show users any mention of its numerous forms of ads (pop-ups, pop-unders, toolbar ads, auto-opening sidebars, and even desktop icons). To say Hotbar users “consent to each and every aspect” is truly a puzzling misstatement of the facts — that’s not what I’ve observed, nor is it what I’ve chronicled in screenshots and videos.

Hotbar then claims that Sunbelt “misrepresent[s]” Hotbar when it calls “Hotbar” adware. I don’t get it. How else is Sunbelt supposed to describe a program that tracks users’ online activities and shows ads, including pop-up ads? If Claria is adware — and even Claria says it is! — then surely Hotbar is properly called adware too. Perhaps reasonable people could disagree about the propriety of calling Hotbar spyware. But “adware”? No.