Back in June, the US Federal Trade Commission announced it was investigating the department store chain Sears for spying on its customers' online activity. It was a sneaky little arrangement where Sears had tracking software in a vehicle called My SHC Community. All consumers had to do was pay $10 for the privilege of getting spied on. The program collected all the details of every internet browsing session that occurred on a participant's compute. Non-web-related details about the computer itself were also collected. The FTC alleged that Sears' software collected not just traffic data, but personal details and bank records as well. "The tracked information included not only information about websites consumers visited and links that they clicked, but also the text of secure pages, such as online banking statements, video rental transactions, library borrowing histories, online drug prescription records, and select header fields that could show the sender, recipient, subject, and size of web-based email messages."

Sears neglected to tell customers what it was doing. "Respondent's failure to disclose these facts, in light of the representations made, was, and is, a deceptive practice," the FTC said.

Despite the tough talk, the FTC did the equivalent of poking Sears with a soft cushion. In its determination, the FTC says Sears has to let customers know what it's doing. "If Sears advertises or disseminates any tracking software in the future, it must clearly and prominently disclose the types of data the software will monitor, record, or transmit. This disclosure must be made prior to installation and separate from any user license agreement. Sears also must disclose whether any data will be used by a third party."

So let's get this straight! Sears was collecting data unlawfully but it instead of being punished, it's just being told to be up front. This is outrageous! Imagine what would have happened if that data was misused.

As the BloggingStocks site says, what if someone had got hold of that data and gone through a customer's bank account, or stolen their identity.

There is nothing stopping Sears misusing that data and nothing here that will stop other companies doing the same.