Legislation takes aim at spyware

Greater disclosure of monitoring software's use required by bill

A resolution introduced in Congress last month would force companies to lift the cloak on their use of spyware to collect information secretly from Internet users.

HR 2929, the Safeguard Against Privacy Invasions Act, would require companies to inform surfers and get permission before installing spyware on local hard drives. Spyware can track Internet browsing, examine files on hard drives and even monitor keystrokes, according to analysts and trade groups.

Privacy advocates say spyware can collect passwords and credit card numbers. Disclosure, if any, often comes in the fine print of terms of use agreements, which few casual Internet users read or download.

Federal legislation 'will help prevent such invasions of privacy,' said co-sponsor Rep. Mary Bono (R-Calif.) in a statement. 'Through this bill, users will knowingly agree to the conditions under which spyware operates before it is installed.' Bono sponsored the resolution with Rep. Edolphus Towns (D-N.Y.).

Web sites that use spyware would have to clearly post a notice about the software and how it is to be used, and a separate note if the spyware gathers personally identifiable information. Users would have to grant permission before the software could be installed.

Federal agency sites would be exempt from the rules, an aide to Bono said. The Federal Trade Commission would enforce the law and could levy civil and criminal penalties.

Stay Connected

Sign up for our newsletter.

I agree to this site's Privacy Policy.