Slashdot Mirror

← Back to Stories (view on slashdot.org)

Iowa Senate Proposes Making Spyware A Crime

Posted by timothy on from the an-official-crime-that-is dept.

Cooked Chicken writes "Iowa State Senator Keith Kreiman (D) is proposing Senate File 2200, an act making the distribution of Spyware without notice an aggravated misdemeanor, punishable by confinement for no more than two years and a fine of at least $500 but not more than $5,000. The proposed bill also provides victims and county attorneys with the ability to file a civil cause of action for relief from conduct constituting the crime of unauthorized collection and disclosure of personal information by computer."

4 of 26 comments (clear)

  1. I'm all for it. by HotNeedleOfInquiry · · Score: 5, Insightful

    It's illegal to personally use someone's machine without their consent. It doesn't take a huge jump of logic to see that launching a program to use their machine without their consent should be illegal as well.

    --
    "Eve of Destruction", it's not just for old hippies anymore...
  2. Penalties by Bad+Boy+Marty · · Score: 5, Insightful

    In my humble opinion, those penalties are only remotely strict enough if they are assessed per instance installed. Otherwise, even the maximum fine of $5000 is a drop in the bucket for most adware/spyware perpetrators.

    --
    RHCE; are you certified? Karma: ambiguous.
  3. I am skeptical by MobyDisk · · Score: 5, Interesting

    This is a step in the right direction. We need this type of legislation ASAP. However, I should point out:

    This bill establishes a criminal offense of unauthorized collection and disclosure

    The problem is that much spyware explicitly tells the user what it is going to do: in the EULA. But how many users read the EULAs? How many people understand them? As a computer repairman for lots of moms, granny's, and kids, I can tell you that these people won't read the licenses even if I explain to them the importance.

    the crime...by making available or providing access to computer software or an interactive computer service that collects identifying personal information and discloses such identifying personal information to persons other than the user without first giving the user notice.

    Some interesting stuff

    • It's legal if you disclose it in the EULA
    • Making the software available is the crime: So hosting providers better watch out.
    • Malware and adware are still okay
    • "anonymous" usage info is still okay.

    We privacy freaks now understand that "anonymous" usage information tied to "unidentifyable" facts like my sex, birthdate, and zip-code are sufficient to identify me when partnered with other databases.

  4. Is it solving the underlying problem of spyware? by Sangloth · · Score: 5, Insightful

    To paraphrase, the bill defines spyware as programs that send "Identifying personal information" without user knowledge or consent. It has a list of obvious exceptions, what's left is spyware.

    a. "Identifying personal information" means ...
    the following:
    (1) Name.
    (2) Address, including the street name or name of city or town.
    (5) Social security number.
    (8) Any other information identifying an individual.
    (I cut some stuff out, but you get the idea.)

    Do we hate spyware because it sends out this kind of information, or do we hate it because it runs in the background, shows pop-ups, and makes the computer unstable?
    I don't have a problem with the bill, but I don't think it target's the underlying problem of nearly self-installing crap-ware.

    btw, my computer's always 100% spyware free, it's my parents' computer that's beyond redemption.

    Sangloth
    I'd appreciate any comment with a logical basis...it doesn't even have to agree with me.