Spy Block bill would outlaw hidden spyware

Free software downloaded over the Internet can contain all kinds of unexpected'and unwanted'surprises, including spyware to track your online browsing and deliver pop-up ads.

A bill introduced in the Senate would outlaw these surprises, making it a crime to install software on a computer without the user's knowledge and permission.

The Spy Block Act would require conspicuous notice and affirmative consent from the user before installation, mandate that the software be easily uninstalled, and prohibit the use of red herrings to trick users into giving consent.

The full name of the bill is Software Principles Yielding Better Levels of Consumer Knowledge Act. Senators Conrad Burns (R-Mont.), Ron Wyden (D-Ore.) and Barbara Boxer (D-Calif.) called spyware a privacy issue and said users should have the same expectation of privacy online as they do in their homes.

'Computer users must have some sort of defense against these sneaky programs hiding in the shadows of their machines,' Burns said.

The bill exempts software that is preloaded on a computer before it is bought, as long as the user is notified of it and is given the option of disabling or removing it before it is activated. It also exempts service providers and Web hosts that host the software for a third party.

But there is no exception in the bill for law enforcement software used to track a computer user's activities, sometimes used in so-called 'sneak and peek' searches authorized under the USA Patriot Act.

Spy Block enforcement would primarily be by the Federal Trade Commission as an unfair or deceptive trade practice. Enforcement by other federal regulators also would be allowed within their spheres of authority, and states would be allowed to initiate civil suits in federal court.

The bill has been referred to the Senate Commerce Committee.

Burns and Wyden also are authors of the Can-Spam Act, which went into effect in January to outlaw deceptive commercial e-mail. That law so far has had little impact on the habits of large-scale spammers, but four large service providers on Tuesday filed the first civil lawsuits under the law.

Earthlink Inc. of Atlanta; Microsoft Corp.; Yahoo Inc. of Santa Clara, Calif.; and America Online Inc. filed suits in California, Georgia, Virginia and Washington state against hundreds of marketers accused of hiding their identities in hundreds of millions of e-mail messages.

The lawsuits charge that the marketers falsified return addresses, used proxy computers to hide their origins and included misleading subject lines. The service providers are seeking unspecified damages and penalties.

Although the suits apparently are the first civil actions filed under the law, no federal criminal charges have been filed. FTC also is responsible for enforcing the law.

Burns and Wyden announced they have sent a letter to FTC chairman Timothy Muris, asking that the agency 'move promptly to prepare enforcement cases against high-volume kingpin spammers.'

About the Author

William Jackson is a Maryland-based freelance writer.

inside gcn

  • open doors to cloud (Sergey Nivens/Shutterstock.com)

    New vendors join FedRAMP Connect

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group