Slashdot Mirror

← Back to Stories (view on slashdot.org)

Anti-Spyware Bill up for Vote in Congress

Posted by samzenpus on from the but-I-love-ads dept.

paul_friedman writes "According to Reuters - The U.S. House of Representatives will vote as soon as next week on a measure to crack down on deceptive "spyware" that hides in users' computers and secretly monitors their activities."

41 of 176 comments (clear)

  1. Won't this legalize Spyware? by erick99 · · Score: 5, Insightful
    The bill approved by Barton's committee would require software makers to notify people before loading new programs on their machines that can collect information about them. Violators could face millions of dollars in fines.

    A lot of these programs do tell you that they are going to load Gator or some other piece of sh*tware. However, it is buried in the middle of the EULA which most people "pagedown" through rather than read 10 or 15 screens of fine type legalese. I do read them or at least scan them for the part about giving me even more

    "free productivity"

    software. This legislation like the spam legislation (CanSpam), will simply embolden those who have been hesitant. Now that they can legally load your system up with spyware as long as tell you somewhere, no matter how hard it would be to actually find it, they will do so. I just wonder what these politicians are smoking when they come up with these "solutions."

    -erick

    --
    http://www.busyweather.com/
    1. Re:Won't this legalize Spyware? by Carnildo · · Score: 4, Insightful

      The anti-spyware bill is to spyware as the CAN-SPAM act is to spam.

      In short, it's a bunch of feel-good legislation that legalizes a few shady practices, and add further laws against others. Nobody will bother to enforce it, and in a few years, it will have been forgotten.

      --
      "They redundantly repeated themselves over and over again incessantly without end ad infinitum" -- ibid.
    2. Re:Won't this legalize Spyware? by MindStalker · · Score: 4, Informative

      I think the most important part of this is that it also requires the software to be easily uninstallable. Something that isn't true today. This is the main point that I believe needs to be inforced, as its hard to exactly give a definition of spyware. But any software that installs permanently onto your computer (java apps and such don't nessearly apply) needs to have a simple uninstall.

    3. Re:Won't this legalize Spyware? by MindStalker · · Score: 3, Informative

      Actually I take that back, that is the senate bill. Which is much more comprehinsive. It appears that the house bill is very simple and just disallows installing without notice.

    4. Re:Won't this legalize Spyware? by techno-vampire · · Score: 3, Insightful

      Getting rid of spyware will take time, and may not be possible. Just being able to nail the worst offenders, those that install without notice or any reasonable way to remove, is a start.

      --
      Good, inexpensive web hosting
    5. Re:Won't this legalize Spyware? by gr8_phk · · Score: 4, Insightful
      "It appears that the house bill is very simple and just disallows installing without notice."

      Installing software on someones computer without notice is already a crime - especially if the installed software sends data back to the party who installed it. People go to prison for that type of thing, but apparently it's different if a corporation hacks an individual instead of the other way around.

  2. diebold.. by DraKKon · · Score: 4, Insightful

    I would be prudent to put spyware in diebold's voting machines though.,.

    --
    "It's not like your minds are as open as the source you love..." - Me to the majority of Slashdot.
  3. Oh whatever by screwedcork · · Score: 5, Insightful

    As if the people who write spyware care about the law and doing what's right

  4. Yeah,Sure by rainman_bc · · Score: 5, Insightful

    It's probably going to be as effective as the CANSPAM act.

    How are they going to nail people in Russia and China?

    --
    09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0
  5. Poor guys by bigberk · · Score: 4, Interesting

    What will the honest folk at claria (a.k.a. gator), "A Leader in On Line Behavioral Marketing", The do about this?

    1. Re:Poor guys by Obliterous · · Score: 4, Insightful

      Not a damned thing...

      they do tell you that their stuff is being installed. it's in the EULA for whatever program you actually wanted to install, that it hitchiked in with...

      Word to the wise: if there is more than one EULA, then there's probably spyware. if there's only one, read the bloody thing...

  6. politicians and technology do not mix by loose+electron · · Score: 5, Insightful

    More useless laws that can not be enforced.

    Just like attempts to make P2P filesharing illegal, it will be virtually impossible to regulate or control.

    --
    www.effectiveelectrons.com "chips that work" Analog, RF, Mixed Signal
  7. Sweet.... by bizpile · · Score: 3, Insightful

    Nice, more unenforceable legislation. Go Congress!

  8. No doubt... by Anonymous Coward · · Score: 5, Funny

    Corporations contributing to congressional campaigns are exempt, of course.

  9. Isn't this already illegal? by halivar · · Score: 5, Insightful

    Isn't this already illegal? Lately I'm afraid of legislation banning things that are already illegal. Take the DMCA, for instance; copyright violations were already punishable, but all of a sudden a whole slough of other things are, too.

    I say, let's strengthen our ability to enforce laws we already have on fraud and invasion of privacy. It seems new laws, making more things illegal will simply become another "gotcha" for folks using legitimate software.

  10. NO! by BHearsum · · Score: 4, Funny

    80% of what I do at work is cleaning spyware. I would be out of a job if it stopped existing.

    1. Re:NO! by LiquidCoooled · · Score: 5, Funny

      You know times are hard when your own family outsources your technical assistance.

      --
      liqbase :: faster than paper
    2. Re:NO! by Pig+Hogger · · Score: 5, Insightful
      80% of what I do at work is cleaning spyware. I would be out of a job if it stopped existing.
      Then, you are a part of the problem. Vested interests that benefit from the status quo.
  11. Nothing can be done by economan · · Score: 4, Insightful

    There is really nothing that can be done. It is called social engineering. The end user does let them into the computer, not by choice, just by staight ignorance. This is just another set of laws that will mean nothing.

    1. Re:Nothing can be done by frankthechicken · · Score: 5, Interesting

      Exactly the number of people who want to have weatherbug on their PC, the number of people who purposely download and install Claria products is ridiculous.

      People want these things because it gives them cool things, they don't care what happens in the background.

      I personally equate it to smoking, without the risks of using the product being fully known about or appreciated.

      Perhaps the preventative measures taken against such adware products should be similar to smoking. Large, prominent notices being required, detailing the risks of using the software, perhaps higher taxes on companies deemed to be adware firms.

      Unfortunately the ability to label such problematic software is, well, problematic.

  12. Finally! by Jaycatt · · Score: 5, Interesting
    I was just doing a training for my coworkers about what spyware is/does. No one had ever heard of it, and didn't know they should be scanning their PCs. I remember telling them that I hoped it would be the next "big thing" they'd start passing laws about (like they did with viruses and spam). Glad to see that hope may come true!

    It'd really be nice to see this issue talked about in the more mainstream press, so that it gets a negative following like spam has. Might not solve it, but at least people will know it exists.

    --
    "Shared pain is lessened; shared joy is increased. Thus we refute entropy" - Spider Robinson
    1. Re:Finally! by savagedome · · Score: 4, Insightful

      Might not solve it, but at least people will know it exists.

      And there probably lies the difference between 'average person' and 'average /.er'. What is spyware for you and I might not even be spyware for them. There are people who willing install Bonzi Buddy on their systems because its cute but I would not touch it with a ten feet pole.

      And if these legislators were even half serious, their act should have included not the installation but the 'uninstallation' part. A lot of programs/utilities/helpers capture sensitive information (Google Toolbar anyone?) but the difference lies in getting the crap out of somebody's machine. Anybody who ever had to use HijackThis to figure out the fscking process eating up your machine knows what I am talking about.

      Till then, just another stupid law and the life continues as always.

      --


      Free XBox, PS2
    2. Re:Finally! by Anonymous Coward · · Score: 3, Informative
      HijackThis is a great tool for totally destroying a computer. In the hands of someone who knows what to do, it's useful.

      In the hands of the typical "click every 'OK' on every popup that appears", it will delete just about everything in their registry.

      Let them use spybot or ad-aware, at least there if they click and delete everything it finds it won't leave them with an unbootable machine.

    3. Re:Finally! by JohnnyNoSPAM · · Score: 3, Informative

      This in and of itself will not be the end of spyware. However, I believe that this is a starting point from which we can eventually build a system of enforcement which will hunt for spyware and prosecute people who develop and/or utilize it.

      Still, good Internet practices are a good starting point for the rest of us can implement now. This entails doing some research in addition to some common sense. Tools such as Spybot S&D and Ad-Aware are excellent in addition to being freely available and for real. There are a slew of other software claiming to be able to remove spyware when in fact they are spyware themselves! (anyone ever see the web banner ads, "Your computer may be infected with spyware..."?) Believe it or not, Microsoft actually has some good starting information for users of the Windows OS who are interested in what spyware is and how they may take some steps to protect themselves. http://www.microsoft.com/athome/security/spyware/d evioussoftware.mspx

      I recommend that users research as much as they can about what spyware is, the damage that it can do your your computer,your network, and your personal information. From there, one can learn some simple steps to avoid it. My personal recommendation is that if you are looking software, consider open source solutions. SourceForge is a great resource http://sourceforge.net/ Being that the code is openly available, open source is naturally not a desirable form of software for those who wish to do you harm. This does not mean that it is completely impervious to malicious coders, but at least you know that others will be able to see the code and blow the whistle upon the detection of any such inclusion.

      --
      Get some.
  13. Hmm... by queenofthe1ring · · Score: 5, Interesting
    It will be combined with another bill, passed by the Judiciary Committee (news - web sites), that would establish criminal penalties for those who use spyware to commit identity theft or other crimes.

    So now it's going to be a crime to commit a crime?

    --

    ~*~ ~*~ ~*~

    yes, girls read /. too...

  14. What the Gov't NEEDS to do by TheUnFounded · · Score: 4, Insightful

    What really needs to be done: have the gov't put in place a formal pricipal that states THIS. Maybe then they'd actually accomplish something.

  15. Sorry but by needacoolnickname · · Score: 5, Insightful

    I think governments really have more important things to think about than spyware and spam - oh, I don't know... wars, the economy, health care, education, ways to spend the money they make off the tobacco industry for everything possible except for the health issues they are saying they nede the money to pay for...

    If someone installs spyware it is their fault. Nothing is free on a Windows machine. Take some personal responsibility for jebus sake.

    Here's a question. Why are all the spyware programs written for Windows rather than Mac or Linux. There are perfectly good freeware programs for the other OSs and they aren't laden with the crap?

    1. Re:Sorry but by __int64 · · Score: 3, Insightful
      "Why are all the spyware programs written for Windows rather than Mac or Linux."

      B/c first these things work by volume, windows has a farlarger userbase to attack than any of the others. Second, there are alot more, less knowledgeable users on windows than on other platforms. So statistically its far easyer to doop them into installing your garbageware than users of other systems.

  16. Wouldn't it make more sense... by Sentry21 · · Score: 5, Interesting

    Maybe it's just me, but wouldn't it make more sense to create an agency (in the manner of the FCC or CRTC) with the mandate to regulate these types of activities? That one agency, given the ability to pass regulations as the FCC has, would be able to regulate things like SPAM, Spyware, and other interests (viruses perhaps?). They could impose fines for companies that write programs to do this kind of work, publish lists of software banned under the regulations, and so forth.

    Just like the acts that created the CRTC and the FCC, it would be a simple matter for Congress to say 'there is a problem, you guys handle it', rather than having to learn the full issue every time something needs to be done.

    --Dan

  17. yes by killua · · Score: 3, Insightful

    Being the honest, law abiding, trustworthy corps these spyware companies are. I'm sure they will comply! Expecially when the law in question will be virtually uninforcable. We can trust them! Really!

  18. Not that good of a law... by chrispyman · · Score: 3, Insightful

    As many others have pointed out, this will probably be as effective as a law as CAN-SPAM was. What they really need to do is to make it illegal for companies to profit from the selling of the data that these spyware/adware programs collect.

    1. Re:Not that good of a law... by pilgrim23 · · Score: 4, Insightful

      When law is not the answer, yet law is passed to address it. the law, and all laws, looses respect.

      --
      - Minutus cantorum, minutus balorum, minutus carborata descendum pantorum.
  19. Hurrah! Congress is on the case! by Anonymous Coward · · Score: 5, Funny

    If you'll excuse me, I have to go upstairs and uninstall SpybotSD and Ad-Aware from my Windows box!

    This is just like when they made spam illegal. Oh, the joy I felt when I removed all the anti-spam measures from my server-- my heart was truly singing!

  20. Re:What I don't understand.... by TykeClone · · Score: 3, Insightful

    They don't care about controlling problems - they just want to look like they're doing something about an issue.

    --
    A fine is a tax you pay for doing wrong and a tax is a fine you pay for doing all right.
  21. How about a bill... by mabu · · Score: 3, Insightful

    that guarantees X amount of money to be put into enforcement/education efforts against existing cybercrime?

    We don't need any more laws. We need law enforcement of existing laws. The current anti-computer tampering laws are effective in most cases.

  22. NO! by AvantLegion · · Score: 4, Funny
    If you outlaw spyware, only outlaws will have spyware!

    Wait....

  23. How about a bill by Anonymous Coward · · Score: 4, Funny

    That requires /. to change to damn theme for IT ... christ, I like my eyes ... why are you tring to blind me ...

  24. They will blow it. by BCW2 · · Score: 3, Insightful

    Just like can-spam. Because they make it too complicated. It is really a case of illegal electronic surveillance, just like an illegal wiretap. You shouldn't be allowed to do it without a court order. The last I heard that was already a felony.

    As usual they would rather pass a new pile of crap than enforce whats already on the books.

    --
    Professional Politicians are not the solution, they ARE the problem.
  25. RTFL: Read the Legislation by jfengel · · Score: 4, Interesting

    The article is actually rather devoid of information. If you want real data, you gotta go to the source: The Library of Congress.

    For example, many articles in this thread have talked about them burying the the notice in the EULA. From the House bill:

    The notice clearly distinguishes such notice from any other information visually presented contemporaneously on the protected computer.

    They call that "clear and conspicuous notice in plain language", and it goes on from there.

    As for enforcement: there's less spyware than spam. Spyware takes time to write, and it takes time to make it useful enough that dumb users install it. Claria is easily tracked down, and if they don't ask "This program will collect and transmit information about you. Do you accept?", they go to jail. Stupid users will click anyway, but "Against stupidity the gods themselves contend in vain" (Frederick Schiller).

    The solution isn't perfect: some malware writers will just move offshore, for example. But I have reason to believe that this legislation will do at least some good.

  26. Spying Politians by Mulletproof · · Score: 4, Interesting

    "The U.S. House of Representatives will vote as soon as next week on a measure to crack down on deceptive "spyware" that hides in users' computers and secretly monitors their activities."

    This one is a slam dunk. I mean, what government offical wants their computer to secretly monitored??? ^_^

    --
    You need a FREE iPod Nano
  27. IAAL who researched spyware.... by omarKhayyam · · Score: 3, Informative

    I researched spyware this past summer with a professor of mine at law school. The main flaw with all the proposed spyware legislation (there are around 10 pieces of it at the state and federal levels) is that it focuses on regulating "spyware" itself, rather than dealing directly with what bothers us about spyware. This is especially problematic because spyware is defined to cover a hopelessly broad array of software. As a result, two different legal issues have been handcuffed together. These two issues are information privacy and trespass.

    Information privacy covers all the collection and use/abuse of personally identifiable information. This concern is not unique to spyware. It also exists in the use of bank records, medical information, etc. The EU has done a better job than us of consolidating information privacy concerns into a coherent body of law. In the US we have a legal patchwork that covers each use of personal information separately.

    Trespass covers the installation, disclosure of functionality, and uninstallation of programs. There is a strong analogy here to real property, where you have some control over who comes onto your property, what they do there, and your right to expel them. One area that is in flux (and it is not unique to computer software) is that burying something in legalese in a license agreement may no longer be viewed as giving someone notice. This view is already being taken by some courts with regard to boilerplate contracts for products like cellphones.

    In the end, this legislation is flawed because the legislators failed to identify the distinct issues of information privacy and trespass and address them separately. Identifying and separating issues is rule #1 when it comes to the understanding the law. I would imagine this mistake was made because this law involves technology, which probably makes legislators think they need to write completely new law. Sometimes this is the case, but often it is better to extend the laws we have developed over hundreds of years.