FTC Report
This week, the FTC released a report on Monitoring Software on Your PC: Spyware, Adware, and Other Software
This report is based on information presented in the Commission’s April 2004 workshop on spyware and finds:
- It is difficult to define spyware with any precision. While the following does not include all programs that may be considered sypware, it provides a useful starting point for defining spyware: “software that aids in gathering information about a person or organization without their knowledge and which may send such infromation to another entity without the consumer’s consent, or asserts control over a computer wit the consumer’s knowledge.”
- Spyware is a serious problemthat can impair the operation of computers, create substantial privacy leaks and hamper businesses’ computer usage.
- Spyware is often more difficult to uninstall than other types of software.
- Together, both private sector and governmental actions may ameliorate the spyware problems. Software and operating systems should be designed with security in mind. The industry should develop standards for defining spyware and expand efforts to educate consumers about spyware risks. Government should increase criminal and civil prosecution under existing laws, increase efforts to educate consumers about the risk of spyware, and encourage technological solutions.
- The DOJ and FTC staffers who participated in the spyware workshop were not particularly enthusiastic about anti-spyware legislation. They noted that law enforcement actions against spyware distributors have been hampered not by a lack of federal legislation, but rather “by the inherent difficulties in investigating and prosecuting spyware cases.”
SPY Act
On Wednesday, The House Energy and Commerce Committee passed The Securely Protect Yourself Against Cyber Trespass Act (SPY Act) (H.R. 29) 43-0.
Wired News reports: Revised Spyware Bill Moves Ahead
A key committee in the U.S. House of Representatives unanimously approved anti-spyware legislation Wednesday that includes revisions designed to make the bill more palatable to business interests.
HR29, the Securely Protect Yourself Against Cyber Trespass Act, or Spy Act, is sponsored by Rep. Mary Bono (R-California). It aims to prevent spyware purveyors from hijacking a homepage or tracking users’ keystrokes, requires that spyware programs be easily identifiable and removable, and allows for the collection of personal information only after express consent is given by users.
Spyware installed by P2P Programs
Spyware researcher Ben Edelman released a Comparison of Unwanted Software Installed by P2P Programs: “Although each P2P installer included at least a vague reference to each program to be installed, certain P2P programs’ installation procedures nonetheless present cause for concern. For one, substantive disclosures are generally detailed only in license agreements presented in scroll boxes — often squeezing thousands of words of text into small windows requiring dozens of page-downs to view in full.”