Top Web Businesses Oppose Utah Spyware Law

theodp writes "According to MediaPost.com: 'Some of the Web's leading content and technology providers have taken action to lobby against Utah's controversial Spyware Control Act, which is awaiting the governor's signature. Web publishers and businesses including AOL, Amazon, Cnet, eBay, Google, Microsoft, and Yahoo! signed a letter to the bill's sponsors arguing that the bill could create serious repercussions for the entire online community. The parties to the letter warned that the bill could interfere with computer security and would also impair the delivery of local, targeted ads'."

I don't think it's a big deal.

[Dr+Reducto]

I dont see a problem:

Under the bill, any software that reports its users' online actions, sends personal data to other companies, or serves pop-up ads without permission is prohibited.

How hard is it to get permission? All you have to say is: "Do you want to be informed of the best deals in your area?", and %90 of people will say: "Sign me up!". Im sure it will be easy to get around this law if a company wants to. And given the profit motive, why wouldn't they?

Re:I don't think it's a big deal.

[pvt_medic]

dont most of these people already do this, they just bunch it somewhere in the ULA and just about everyone clicks ok.

Re:I don't think it's a big deal.

[xkenny13]

%90 of people will say: "Sign me up!"

Actually, it will probably be more like SPAM is today: "You gave permission to one of our 3rd party affiliates to receive this great offer (blah blah blah)".

Will a permission clause really make that big of a difference?

Re:I don't think it's a big deal.

[janbjurstrom]

Without having RTFA (yeah, shocking, isn't it), I'd say /big/ business will fight anything they feel would be the slightest inconvenience to their business-as-usual focus on p.r.o.f.i.t.

"What?! Testing DDT before spraying it EVERYWHERE? What don't you understand: No bugs!! You friggin commie business playa-hata."

"Waddyamean cigarettes might be bad for pregnant women?? What? No, of course we don't need to test it - it's silky-smoooth isn't it?"

"Union? You're fired! Unite that, buster!"

"Our cars burst in flames, you say? For no apparent reason, huh? Well ...how 'bout that.. look, cows!"

Re:I don't think it's a big deal.

[myowntrueself]

Aquateen Hunger Force 'Interfection' episode.

Wwwyzzardd: "You have been signed up to recieve free emails about other emails."

'And the surgery to have the implant inserted in the base of your skull is almost painless'

Politicians and technology, again.

[The+I+Shing]

-- Sigh --

Is this yet another example of technologically illiterate politicians eagerly passing bills without bothering to find out what the law is going to do?

At first, I read the post and thought, why are all these businesses opposed to this law? It must be a good law if a lot of big corporations don't like it.

But after reading the article, I think that the legislators' efforts went off half-cocked, and they let one company write the bill to suit themselves.

I wonder why these big companies waited until after the bill passed to begin lobbying. If the governor signs the bill, isn't it going to be a lot harder to get rid of it?

I'm in favor of laws limiting spyware and adware, but I think it's important to get it right the first time. If the FTC doesn't even have a definition for spyware, it's back to the drawing board.

Re:Politicians and technology, again.

[BrynM]

I wonder why these big companies waited until after the bill passed to begin lobbying. If the governor signs the bill, isn't it going to be a lot harder to get rid of it?

The article mentioned that this thing literally sped through the legislature. The companies had to gather enough resistance to seem coherent and by the time they did, the bill passed. In today's climate of "See I help the little people" politics, this doesn't surprise me at all. Look at how quickly other "comsumer" or "security" bills have been slam dunked in US government. Modern politicians are deperate to seem like they are doing something that the common man and woman can grasp. Whether that something is the right something to do probably doesn't even enter the equasion. The more percieved "good" that a politician can do, the more room he/she has to do what they want and still get re-elected.

Re:Politicians and technology, again.

[bludstone]

"they let one company write the bill to suit themselves."

People dont realize how epidemic this is in American politics. The politicians often don't even write the laws, they _literally_ allow companies to write the laws, and simply sign what they are given into law.

It even got to the point where laws are copyrighted, and one had to pay hundreds of dollars simply for a copy of the law. Someone posted a copy of the law online and was met with copyright complaints.

see here. http://caselaw.lp.findlaw.com/scripts/getcase.pl?n avby=search&case=/data2/circs/5th/9940632cv0.h tml

of course, they eventually found in Veeck's favor, http://www.ca5.uscourts.gov/opinions/pub/99/99-406 32-cv2.htm but it still must be noted.

heres a slashdot article on it:
http://slashdot.org/yro/01/05/13/1921223.shtm l

I could also post a flurry of links regarding American fore-father's worries about the growing strength of "company" and to watch out for its influence on the government, but that would be preaching to the choir.

Re:Politicians and technology, again.

[Buran]

Your link is incorrect. The case is here.

"For the reasons discussed above, we REVERSE the district court's judgment against Peter Veeck, and REMAND with instructions to dismiss SBCCI's claims."

Smoke & Mirrors

[grub]

For example, the parties to the letter warned that the bill could interfere with computer security by preventing information technology and security companies from collecting data to analyze and prevent virus attacks, and would also impair the delivery of local, targeted ads.

If they are that concerned about security they could have AV companies include a [X] "Report viruses to Foo.com AV Central" option to eliminate that minor complaint and be compliant with the new law. As for targetted ads.. well, that's what they're really concerned about. It's a multi-million (billion?) dollar industry. Screaming about how bad the bill is for security is just a smoke and mirrors game.

I only hope that the spyware people don't go after the AdAware or Spybot Search & Destroy folks under the guise of the DMCA.

The way things today are going though..

Re:Smoke & Mirrors

[MushMouth]

The Problem with AdAware and the like is that they do not actually block programs/controls by their own published guidelines. They also do not respond at all to any sort of dialog to inquire why they choose to block the programs that they do, yet not other toolbars which have the exact same functionality, privacy statements, uninstaller, and installer.

Hmm...

I doubt anyone is surprised by Microsoft's, AOL's, etc, complaints, but Google and the like? That seems a bit odd.

Do they believe that later legislation will "restrict" even more things that affect their buisness, or do they sponsor spyware?

If you think that...

[BgJonson79]

your "targeted ads" are going to be discarded because someone thinks they're spyware, maybe the ads should be re-thought?

definition of Spyware

[ssand]

While this could potentially be welcoming, I fail to see it actually enforcable. With many programs that contain spyware, you agree to their terms of services which more than likely includes that 1. they may redirect you. 2. You allow them to update/install what they want ... and so forth. Further more there are programs that may not be spyware, but are milicious, and problematic for users (like RealOne).

Re:definition of Spyware

[DR+SoB]

What are you talking about? I mean, I don't get spam anymore since the gov't stepped in, so why would this fail?

local, targeted ads?

[Gr33nNight]

..local, targeted ads..

So, since I live in Wisconsin, I should be seeing tons of ads for cheese and beer..?

Re:local, targeted ads?

[mopslik]

So, since I live in Wisconsin, I should be seeing tons of ads for cheese and beer..?

What about those folks that live in Dildo, Newfoundland?

Never mind the fact that it's located right next to Spread Eagle...

Re:local, targeted ads?

[prockcore]

So, since I live in Wisconsin, I should be seeing tons of ads for cheese and beer..?

No, you should be seeing travel brochures.

Yes, well...

[Tuxedo+Jack]

That's why those of us who give a damn do this:

- Refuse most cookies
- Block malicious servers with HOSTS files
- Mozilla (Block Images from Selected Server)
- Spybot/Ad-Aware (If in Windows)

Althought admittedly, this phrase is interesting:

"Under the bill, any software that reports its users' online actions, sends personal data to other companies, or serves pop-up ads without permission is prohibited. It does contain certain exceptions that some industry analysts have deemed "self-contradictory," such as "cookies" used for personalizing Web pages, and ads served by HTML or JavaScript."

That completely outlaws a crapwad of software there.

However, as a lot of spyware is non-U.S. in origin, it won't curb all of it.

So broad, anti-adware and kid-proofing is spyware!

[LostCluster]

Yep... this is an interesting problem. The bill says (1) A person may not:...
(c) use a context based triggering mechanism to display an advertisement that partially or wholly covers or obscures paid avertising or other content on an Internet website in a way that interferes with a user's ability to view the Internet website.

That could be read to say program that removes any part of the website from the user's view and replaces it with either something else or even plain nothingness is prohibited. So many non-spyware user-friendly uses of technology could get caught in the crossfire...

Kiss your Internet companies goodbye...

[LostCluster]

This is a nice try by a well intentioned legislator, but a state law will have very little effect on the operations of Internet companies not operating from their state. Let's face it, the United States has trouble geting its laws to regulate offshore casinos and offshore-based music download services.

If you don't like the laws of the jurisdiction you're setting up an Internet company, it's far too easy to set up shop in a more friendly jurisdiction. With this law being clearly written by somebody who isn't bothering to carve out a nice safe territory for targeted ads, Utah will basically lose any bit of the Internet content industry it has left to other states.

Utah has done this before

[John+Harrison]

Trying to be leading edge a digital signature law was passed that was basically written by a company that had started up doing what? Digital signatures! Oddly this company was spun off of the bank that the speaker of the house (Marty Stephens) works for.

At least thats how I remember it.

Re:Utah has done this before

[helix400]

This is pretty much how it works. I was listening to the Utah House Legistlative session online (listening for the UTOPIA bill) when I first heard about this anti-spyware bill. I can confirm that many bills are written and submitted by companies with the sole intention of trying to protect their interests and block out competition.

The problem is, there were hundreds of bills that needed to be debated, and so each individual bill gets little debate time. When a technology bill comes up, the attitude they all have is "Well...I really don't know what it means. However, I have to vote on it. If nobody else raises any serious objections, I'll assume its a good bill." This bill didn't have any serious objections, and so it was quickly passed.

On a side note, the anti-UTOPIA bill was written almost solely by Qwest to kill the fiber optic plan. The bill survived the first few legal hurdles before some representatives started to actively question the bill and how it was designed by Qwest solely to kill competition. Then representatives drastically amended the bill for the better.

Oh boo hoo, cry me a river.

[Orion+Blastar]

I do not want to install their malware, nor should I think it should be legal to trick the user to install it either. If the users knew what kind of program it was, they would not install it. But it has to be hidden behind OS updates, Media Players, shareware, helper programs, toolbars, and other things.

Find another way to make money, I am not buying their defense of Spyware/Adware one bit.

My Favorite Part!!

[mustangsal66]

(b) recover the greater of:
(i) actual damages; or
(ii) $10,000 for each separate violation of this chapter.
(3) In an action under Subsection (1), a court may:
(a) increase the damages up to three times the damages allowed by Subsection (2) if the court finds the defendant willfully or knowingly violated this chapter; and
(b) award costs and reasonable attorney fees to a prevailing party.

---
1: Download adware
2: Sue
3: Profit!!!!
---
Bahama vacation here I come!

Let me control my own computer!

[blcamp]

Criminey Sakes already!

* It's my computer, bought and paid for.
* It's my software, bought and paid for (and/or acquired free, legally).
* It's my bandwidth, bought and paid for (on a monthly basis).

Let me decide what to do with it.

If I want to load up my HD with bloatware, spyware, malware or whatever, as long as it harms no one else... who the hell cares?

If, on the other hand, I want to run my system cleanly, block out all malware sources with a HOSTS file, install anti-spyware and anti-virus software and do whatever else I see fit... again... who the hell cares?

It's my choice to run my computer and my software to twiddle my own bits as I damn well see fit.

If the government doesn't know anything about what the hell it is regulating, it out to stay the hell out of trying to do anything with it.

You're not paying attention.

[Moryath]

See, the problem is, Spyware jerks (like Gator) always CLAIM that what they are delivering is (a) with permission, (b) wanted, and (c) delivering some sort of benefit to the consumer.

And it takes a hell of a lot to debunk that.

The BIG one is to get shitholes like Gator to stop using "trickler" apps that reinstall the program if the user tries to remove it.

Re:You're not paying attention.

[s13g3]

Uhm, I dunno about you, but it would take absolutely no effort on my part whatsoever to debunk the above claims. Period, paragraph, end-of-story, I do not want advertising, advertising software, tracking software, special deals/offers, targeted marketing, tracking cookies, malware, spyware or anything other than the app I specifically downloaded or the web-page I specifically viewed. I don't give a d4mn if MS or Yahoo! (whose mail service I use) thinks this has security implications for them, as that's total BS of the pointy-haired boss variety.

If I went to gator.com (or whatever their website is) and downloaded their marketing software, that would be one thing. But I haven't, and never will. My guess is 98% of people wouldn't either. I don't want to be plagued by their crap. If I wanted to be some kind of running marketing/advertising survey participant, there are places I could go to do that (e.g. NPDOR.com) As it is, I don't even plug my satellite IRD or cable receiver (yes, I have both) into the phone line b/c I don't want them reporting my viewing statistics. I am not a guinea-pig for Nielsen, and neither is my PC.

So yah, fsck MS and Yahoo! and the rest. Destroy all spy/mal-ware and tar-ball and feather the spammers! I shouldn't have to run software on my PC to find out if some asshole webmaster or programmer is hunting for my name/email/home address/surfing habits, etc. Spyware, malware and the like are just overblown viruses (and just as malicious in many cases), and should be treated by the authorities as such. If Y! can and wants to denote my viewing habits within their site, that's fine. I subscribe to their service and use their hardware. If I click on an ad link (I won't), they can track that without ever installing software or cookies on my PC. Sure, that takes some horespower from their servers and space in their DBase, but I don't recall signing up for a Y! "Help us cut costs" distributed computing project. If I should provide my real name, address, or zip code to Yahoo! (I haven't, and won't) and they say they reserve the right to use that info, that's also ok, assuming I'm made immediately aware of this in very plain text at the top of the EULA. I even fed them a nearby zip code... I don't mind that there's an ad on my email page; That's how they make their money. I still won't click-thru, but they get paid by the impression, so if they want to send me ads local to Atlanta, that's ok, just so long as they

• keep their grubby paws out of my box!

The Internet may be the next big advertising medium (it's gotta pay for itself somehow), BUT MY PC IS NOT!

Final thought for close. It is permissible for neighborhoods and office parks, etc., to put up signs saying "No Soliciting". This means that you can't just walk onto mine or someone else's private property and harass them to buy something. People have been shot for less. There is a sign outside of my neighborhood that says "No Soliciting". Boy/Girl Scouts are ok in my book. Jehovah's Witnesses and Insurance salesmen offend me, and I don't want them at my door bugging me. The law gives me the recourse, when properly posted, to have these people fined or in some cases arrested. Used to be bulk mailin my Snail-Mail box. That was bad enough but went away with the internet (USPS must miss those days). SPAM in my email box is just as bad. But installing software/cookies without my consent (something no one will *EVER* get legitimately) is no different than a salesman violating my personal privacy and property to come into my home and pitch me stuff I don't want. I almost never watch TV. Never mind the lack of content on the tube ('cept for Stargate, Enterprise CNN/FNN, and Discovery Wings), the advertising is obnoxious... Can't even legally get a filter to tone down the volume of commericals. But I do suscribe for that content. Thank any and all G-d's that ISP's don't operate th

Biased Article

[Percy_Blakeney]

I hope that nobody is using this article as a base for their opinion of this bill. That had to be one of the most biased articles I've read lately. Here's just a few of the problems:

• Googe, Yahoo, cNet, and eBay are involved, but the writer never directly quotes them, favoring to paraphrase their letter.
• There are no opposition quotes.
• The only quoted source is Avi Naider, who is the CEO of an adware company that is hurt by the bill.
• MediaDailyNews is not an unbiased source; it is in their best interest to see this bill fail.

I'm not sure whether this is supposed to be actual "news" or just a PR release. I know nothing about the actual bill, but this article definitely did not help me understand it. Why is Slashdot covering such a biased piece?

You don't have to be braindead to get elected...

[mcmonkey]

But apparently it helps.

Is this yet another example of technologically illiterate politicians eagerly passing bills without bothering to find out what the law is going to do?

H2O mixup creates scare

ALISO VIEJO, Calif. (AP) -- City officials were so concerned about the potentially dangerous properties of dihydrogen monoxide that they considered banning foam cups after they learned the chemical was used in their production.

Then they learned, to their chagrin, that dihydrogen monoxide -- H2O for short -- is the scientific term for water.

"It's embarrassing," said City Manager David J. Norman. "We had a paralegal who did bad research."

I don't fault folks for not knowing what dihydrogen monoxide is, but for charging ahead, guns blazing, completely unburdened by the thought process. Sounds like presidential material to me.

The real issue...

[SmurfButcher+Bob]

... is curtilage.

Nothing about "privacy", it's more simple than that. It all comes down to who owns the machine... who is accountable for what it does, and who has authority of what it does.

Spyware is all about authority, without accountability. Period.

In real life, though you cannot have one without the other. Consider the typical business, or household setup - you have...

a) A hardware device, and Dad (or the sysadmin) owns it. He's the one the feds will arrest, first, when his IP address is linked to a pile of kiddy porn.

b) Software licenses, owned by the licensee. Note that this person is *not* usually the same dude as the hardware owner... consider co-locations, or consider the game that Mom bought, to put on Dad's machine, for little 5 year old Billy to play.

c) Users. These are the people who actually use the software, in concert with the hardware. Note that they own neither.

You can see how authority, and especially accountability, come into play. Little Billy has no accountability, therefore he cannot have any authority. Giving him authority means he can bind Dad into any license agreements that come down the pike; despite that Dad may have explicitly forbidden such agreements.

Likewise, Mom only has authority over the software license. She has no implicit rights to any of the hardware... she cannot loan it to a friend, sell it, lease clock time, or whatever. She can do whatever the hell she wants with the license, however, because it's hers... which includes letting Billy take one of her seats. Billy cannot reassign the seat she's given him, however, unless she agrees. After all, come License Violation Time, it'll be enforced against HER, not Billy.

Same goes for the hardware - when all is said and done, Dad (or whoever owns the hardware) is going to be implicated.

The perfect world respects this setup. In fact, it adds another layer - the Network Guy.

The Network Guy owns all the cables, switches, routers that connect the machines to whatever. In the perfect world, he hates everyone... bandwidth is precious, and every packet is metered and paid for in blood. He has the right, since HE OWNS IT, to demand only certain types of traffic occur, and he has the right to demand that noone may deviate from his plan.

The hardware owner pays the blood to the network guy, and he hates him for it. He also hates the software licencees - they're forever encumbering his machines, and he doesn't do it lightly. In fact, he demands (since HE OWNS THEM) that noone has any right to install anything, nor bind him to nor involve his hardware with any EULAs or whatever, period. CPU and drive assets are precious commodities, and those machines exist exactly to fulfill HIS purpose, and noone else's. He also hates the network guy, since the network guy is forever allowing packets to bounce off his NIC - which the machine reacts to, and causes an unauthorized change in state in the machine. The network guy has no right to cause such changes, unless the hardware owner has specifically agreed that those types of changes are allowed. The hardware guy is only allowed to cause specific changes in state of specific pieces of the network, and the networ guy is only allowed to cause specific changes in state of specific hardware devices.

The software licensee is hated by all, and hates them all back. This person has no home, and has no implicit rights to anything other than, exactly, delegation of the licensed seat(s). This person is free to agree to whatever EULAs, terms restrictions, mortgage payments, or other encumberances... all day long, it matters not. However, they have no right to any of the hardware, nor any of the network - both of those resources must be negotiated for, separately. Both the hardware owner and the network guy will refuse to be bound by any terms in the license, since they have no interest in it, and both refuse to delegate any of their authority to the licensee. After all, she's a Typhoid Mary.

F