Slashdot Mirror

← Back to Stories (view on slashdot.org)

Australian Gov't To Consider Spyware Laws

Posted by Hemos on from the about-time dept.

bernie writes "It seems the US is not the only country with spyware legislation in the works. According to this Computerworld article, a bill outlawing the 'harvesting without consent corporate or personal information via a Web site or with software applications for marketing purposes will be classified as 'spyware'' and is set to go before parliament later this year. In addition to making all 'spyware' opt-in the bill will cover 'malware' such as viruses, trojans, and worms. Interestingly, the article cites lack of 'international cooperation' as a barrier to effective enforcement of cyberlaws. Also included is a statement from the EFF that it 'would like to see a more serious effort made to use existing laws against unfair trade practices, misrepresentation, computer fraud and abuse, before new technology-specific laws are passed'."

15 of 76 comments (clear)

  1. To repeat: by swordboy · · Score: 5, Insightful

    Unless the Australian government has jurisdiction in foreign countries, this has the same affect as spam laws:

    The assholes just relocate to another country.

    --

    Life is the leading cause of death in America.
    1. Re:To repeat: by Techguy666 · · Score: 5, Insightful

      That doesn't mean that governments should just give up and not make these laws. Enough of these laws get passed around the world, those who intentionally wish to violate these laws will have no place to hide.

      After the laws are passed, even if a few second or third world countries allow spyware / spam creators to work in their countries, the countries with spyware/spam laws can form a "coalition of the willing" and blackhole violating countries altogether until they comply and pass similar laws. (Wow, even Bush can serve as an educational example.)

      Regardless of the politics of tossing entire countries into a blackhole filter, the point is that inaction allows spammers and spyware creators to breed.

    2. Re:To repeat: by eggoeater · · Score: 4, Insightful

      Yup. And the people who make this crap (like that stupid monkey tool bar...) will just change the EULA, that all my relatives just click through, giving them permission to harvest info and install more spyware without further notice.

      --
      $7.95/mo, 200 GB disk, 2TBxfer, MySQL, PHP, RoR.
    3. Re:To repeat: by L.+VeGas · · Score: 4, Insightful

      ..even if a few second or third world countries allow spyware / spam creators to work in their countries, the countries with spyware/spam laws can form a "coalition of the willing" and blackhole violating countries

      Hey, it worked to keep out drugs, didn't it?

      Oh, wait..

      --
      Best Windows Freeware
    4. Re:To repeat: by stanmann · · Score: 4, Insightful

      Difference is people want drugs... Drugs are fun... SPAM isn't.

      --
      Food not Bombs is a nice platitude but it breaks down when you notice that the Bombees are usually well fed
  2. Adaware by thedillybar · · Score: 4, Insightful
    Don't think this means you can do without Adaware or some other anti-spyware software. Worms and viruses have been illegal for a long, long time; you still wouldn't let any non-tech-savvy person near a computer without antivirus. It will be a long, long time (probably not in our lifetime) before we can do without anti-virus and anti-spyware stuff.

    If these bills cut the number in half I'd be pleased.

  3. How Does This Work by somethinghollow · · Score: 5, Insightful

    When it says "Click Yes to install if you agree with the EULA." and the user does, what is the problem? People install spyware themselves. It's (at least for the most part) an ID-10T error, not an exploit. Are these governments going to MAKE users read and understand EULAs before installing things? Aren't these people warned in the EULA before they install? Granted, I hate spyware as much as the next, but the worst I've had is DoubleClick cookies that AdAware says is spyware. I just click "No" by default now instead of "Ok" when the "install software" box pops up in IE (at work... never had the problem with Safari at home).

    1. Re:How Does This Work by mikera · · Score: 2, Insightful

      It's a pretty basic principle that in order to have a fair contract, a person must have a full understanding of what they are agreeing to. Free markets require informed consent on every transaction in order to work effectively.

      In general that's not the case. That's a fundamental flaw with EULAs - people simply don't read them.

      On top of that - people make mistakes. Perhaps just *once* you forget to tick the no spyware checkbox. Do you therefore deserve a permanently compromised machine?

      This all makes Spyware look like a deceptive trade practice in my book. Even if people do install it themselves, they've almost cetainly been duped into doing so.

  4. Milk and Cookies? by mratitude · · Score: 4, Insightful

    What is the legal liability within the WWW community of the standard for setting cookies and other session tracking techniques within this law? It's this relationship between web server and web client that leaves the door open for spyware.

    The intent of the law will be to establish the intent of the person using the browser rather than the intent of the web site organization who put up the url. But the web operator doesn't force anyone to click their link and the tools are available to prevent most spyware from loading across the link. Will the legal standing become nothing more than the equivalent of individual intent and unstated permissions?

    It'll be an interesting legal question as to where various digital rights boundaries start and stop.

    --


    Mod me troll, if you must, I can't help it.
  5. Re:Good! by jacksonyee · · Score: 4, Insightful
    Is it really necessary to run both? I've been fine with just Adaware for a while now.

    It's not absolutely necessary to run both, just as it's not absolutely necessary to run a virus scanner if you're relatively sure that your firewall will stop most of the viruses going into your network.

    However, having two separate programs with two separate databases increases the chance that one particular vermin might escape, since there are two levels of checks against it. What was the last program you used that did absolutely every single thing that you wanted it to do? For me, having two separate programs avoids vendor lock-in and encourages improvement. It's still not 100% secure - nothing is. However, it's a little bit more peace of mind when you go to clean your co-workers' computers off because Internet Explorer gave them more bugs than an open can of Mountain Dew in the summertime will attract.

  6. But will this REALLY stop spyware? by caffeineboy · · Score: 5, Insightful
    It seems to me that there are two major categories of spyware:
    • The kind that tries to be "legit" and actually tells the user (somewhere in the EULA) that it is installing. Claria/Gator is this type.
    • The kind that doesn't give a damn and installs through known IE exploits and weaknesses (Cool Web Search and Xupiter are like this)

    The problem that I can see is that type 1, even though it sucks and no sane person wants it on their computer if it were presented honestly, is probably already compliant with these laws because somewhere in the EULA it explains what it is doing. Never mind that even moderately intelligent people just click "OK" as soon as any dialog box pops up on their computer (my fiance still hits "OK" whenever she goes to an encrypted page since she doesn't take the time to read the box and click "don't show this dialog again").

    The problem with the second type is that they don't give a damn now and they're not going to give a damn. I can't belive that using exploits to install software is not already illegal somewhere, and many of these type of companies are already out of jurisdiction...

    To tell the truth, I can't think of a good way that we will get around this. We have to remove the motive - perhaps prosecuting the people that advertise this way?
    --
    +++ ATH0 +++
  7. Legislation=Trojan by Potor · · Score: 4, Insightful
    I bet legislation in this area will do nothing to ease the spyware problem, but instead will only act as a trojan increase governmental control of the web.

    I know: not a new idea, or particularly interesting. However, I do find it funny to see people applauding legistative solutions to problems on the internet, which is usually praised for being an anarchic forum.

  8. Re:Good! by frodo+from+middle+ea · · Score: 3, Insightful

    If the PC was that badly infected. Don't you think a better option would have to format the whole thing. Run some kind of boot sector virus scanner using some boot disk and reinstall every thing.

    --
    for the last time people, I am "frodo from middle eaRTH", not "middle eaST".
  9. Legislation is almost as scary by yintercept · · Score: 3, Insightful
    The more spyware/malware laws we get the better.

    I am staunchly opposed to spyware. I was disappointed with the article however. The article seemed to place dropping a cookie on the same level as using a Trojan to install a program that pop ups ads left and right.

    From the article:

    No program or cookie or any other form of tracking device is to be installed on any computer without the user of that computer being given clear information as to the purpose of the program or tracking device

    Come on! The easiest way to do session management is to drop a cookie. The article in question suddenly classifies the majority of interactive web sites (forums, online stores) as spyware because they drop cookies for session management. To have an online store, you have to be able to track the user as they place things in their shopping cart, then procede to checkout. To keep a shopping cart between sessions or to keep user information available for the next forum discussion...you drop cookies that extend beyond the session.

    Yes, there are privacy concerns with third party cookies from large entities like doubleclick and valueclick. These companies already have privacy statements, and have big legal departments and contribute to PACs to assure whatever they do is legal.

    Laws that get passed from ill informed groups like the one quoted in the article simply create hassles for legitimate firms trying to do legitimate business. It will not affect the large ad firms like doubleclick and valueclick. Nor will they have any affect on the people willing to work on the fringes of society.

    I am all for efforts to define and regulate adware. Such companies actually have code downloaded installed and running on people's computers. Unfortunately, I doubt legislatures will have the tech savvy to make such definitions. Especially in a world where privacy rights advocates are as befuddled by session management with cookies as they are with a trojan that includes code that tries punching holes through firewalls.

  10. Word 2 the wise: Back Up AV/Firewal Inst. Files.. by iamcf13 · · Score: 2, Insightful

    I suspect the Spammers / Crackers are DESPARATE enough now to see about compromising antivirus and firewall programs at the source via a crooked/disgruntled person at the company with access to the software and/or the source code to it (even 'better').

    You have been warned....