Australian Gov't To Consider Spyware Laws

bernie writes "It seems the US is not the only country with spyware legislation in the works. According to this Computerworld article, a bill outlawing the 'harvesting without consent corporate or personal information via a Web site or with software applications for marketing purposes will be classified as 'spyware'' and is set to go before parliament later this year. In addition to making all 'spyware' opt-in the bill will cover 'malware' such as viruses, trojans, and worms. Interestingly, the article cites lack of 'international cooperation' as a barrier to effective enforcement of cyberlaws. Also included is a statement from the EFF that it 'would like to see a more serious effort made to use existing laws against unfair trade practices, misrepresentation, computer fraud and abuse, before new technology-specific laws are passed'."

To repeat:

[swordboy]

Unless the Australian government has jurisdiction in foreign countries, this has the same affect as spam laws:

The assholes just relocate to another country.

Re:To repeat:

[Techguy666]

That doesn't mean that governments should just give up and not make these laws. Enough of these laws get passed around the world, those who intentionally wish to violate these laws will have no place to hide.

After the laws are passed, even if a few second or third world countries allow spyware / spam creators to work in their countries, the countries with spyware/spam laws can form a "coalition of the willing" and blackhole violating countries altogether until they comply and pass similar laws. (Wow, even Bush can serve as an educational example.)

Regardless of the politics of tossing entire countries into a blackhole filter, the point is that inaction allows spammers and spyware creators to breed.

How Does This Work

[somethinghollow]

When it says "Click Yes to install if you agree with the EULA." and the user does, what is the problem? People install spyware themselves. It's (at least for the most part) an ID-10T error, not an exploit. Are these governments going to MAKE users read and understand EULAs before installing things? Aren't these people warned in the EULA before they install? Granted, I hate spyware as much as the next, but the worst I've had is DoubleClick cookies that AdAware says is spyware. I just click "No" by default now instead of "Ok" when the "install software" box pops up in IE (at work... never had the problem with Safari at home).

But will this REALLY stop spyware?

[caffeineboy]

It seems to me that there are two major categories of spyware:

• The kind that tries to be "legit" and actually tells the user (somewhere in the EULA) that it is installing. Claria/Gator is this type.
  
• The kind that doesn't give a damn and installs through known IE exploits and weaknesses (Cool Web Search and Xupiter are like this)
  

The problem that I can see is that type 1, even though it sucks and no sane person wants it on their computer if it were presented honestly, is probably already compliant with these laws because somewhere in the EULA it explains what it is doing. Never mind that even moderately intelligent people just click "OK" as soon as any dialog box pops up on their computer (my fiance still hits "OK" whenever she goes to an encrypted page since she doesn't take the time to read the box and click "don't show this dialog again").

The problem with the second type is that they don't give a damn now and they're not going to give a damn. I can't belive that using exploits to install software is not already illegal somewhere, and many of these type of companies are already out of jurisdiction...

To tell the truth, I can't think of a good way that we will get around this. We have to remove the motive - perhaps prosecuting the people that advertise this way?