The Vanishing Click-Fraud Case

Why was a seemingly slam-dunk case against an alleged click-fraudster who attempted to extort Google quietly dismissed?

by Ben Elgin

A detective novelist might call it The Mystery of the Vanishing Click-Fraud Case.

It began on Mar. 10, 2004, when a computer programmer from Oak Park, Calif., named Michael Anthony Bradley arrived at Google's (GOOG) offices for a prearranged meeting with the company's engineers, according to a criminal indictment filed two years ago in the U.S. District Court in San Jose. Bradley, then 32, proceeded to demonstrate new software, dubbed "Google Clique," designed to generate false clicks on Google ads. Bradley claimed his program could force Google to pay millions of dollars on false clicks and threatened to release it to others unless Google paid him approximately $150,000, according to the indictment.

Law enforcement, tipped off earlier, taped the meeting from the room next door and soon arrested Bradley. It appeared Bradley would become the first person criminally prosecuted for charges related to click fraud, the Achilles heel of the Internet-advertising industry, which costs marketers as much as $1 billion a year (see BusinessWeek, 10/2/06, "Click Fraud").

Google Backs Down

But on Nov. 22, the U.S. Attorney's Office quietly dismissed charges against Bradley. The prosecutors, who had announced the arrest and indictment of Bradley in press releases, refused to discuss why they dropped the case. Defense attorney Jay Rorty declined to comment or make his client available. Attempts to reach Bradley weren't successful. A Google spokesman issued a vague statement: "We continue to work closely with law enforcement in many areas, including click fraud. Individual cases may or may not be pursued by law enforcement at their discretion."

Why did a seemingly strong criminal case simply vanish? A key culprit may have been Google's own unwillingness to cooperate with prosecutors, according to people familiar with the case.

There is little about Google's business that is more closely guarded than the issue of click fraud. Company officials say they take the issue seriously and have zero tolerance for fraudsters who generate bogus clicks on ads in order to profit. The search giant says it detects most fraudulent clicks before advertisers are ever billed and that industry concerns are overblown. But Google won't discuss specifically how it detects bad clicks or what percent it deems fraudulent, only that it's "less than 10%," saying such information could be helpful to would-be scam artists.

"A Black Box"

Critics contend that such secrecy is problematic, because Google and its competitors also make money on fraudulent clicks. Here's how it works: Hundreds of thousands of advertisers that market on Google's search engine also let Google distribute their ads to other Web sites. When an ad is clicked on a partner site, both Google and the Web site operator split the revenue and the advertiser is charged. If such a click is bogus, and gets through the search company's filters, Google still profits, at least in the short run—leaving some in the industry suspicious of its efforts to combat fraud. "Google is a black box," says John Linden, chief technology officer at Think Partnership, an interactive advertising agency.

Whatever the reason, the silence makes prosecutors' jobs harder. In order to prove charges stemming from extortion and click fraud, legal experts say Google would have to pull back the curtain on how it quantifies and grapples with the issue. For instance, prosecutors trying to prove click fraud would have to show specifically how and why clicks allegedly generated by Bradley were deemed fraudulent.

Meanwhile, charges for extortion could open the door to closely held data about the size of this issue for Google. Many industry estimates have put the click-fraud rate at 10% to 15% of all clicks. Google has called the estimates inflated, but won't disclose its own figure.