Slashdot Mirror
Spyware Fines OKed By House
glimmy writes "The US House of Represenatives passed a bill that imposes fines on the use of Spyware by a majority of 399-1. This bill excludes programs used by the FBI or spy agencies, though."
← Back to Stories (view on slashdot.org)
How tight or loss will this definition be??? can any organization apply for it. Or will it be only for government spy agencies? How about foreign ones? The article has this line in it " The House bill approved Tuesday explicitly permits snooping software built by the FBI (news - web sites) or spy agencies secretly collecting information under a court order or other legal permissions affecting federal departments." Ok which courts? US? ones, how about if N. Kora spy agency got court orders to investigate some one in the US (ya right really like this will happen but just for the sake of the question please give me this one) will that be allowed? Now how about company X higher a company in China, that gets a general court order there to do spy ware, and lets say for further argument, lets say this chines corp gets "classified" a spy agency? Is that legal, or is the lay written that only US spy agencies? How about the spy agencies ones from our friends to the North Canada, lets say they are investigating some one that is part of organized crime there, but lives in the US? Or is this just another feel good law, like the can spam law? I would hope this does decrease spyware (but how many of these spyware organizations are just going to move off shore?) I am tired of cleaning it off of friends computers, (one reason I make it a part of my procedure, no mater what I do, I install spywareblaster)
Put on tin foil hats now?
I'm sure that I'll get other benefits as well. Maybe I can get search warrants for my former girlfriends new boyfriend.
It is worth looking into.
The Internet is full. Go Away!!!
Spyware isn't as secretive as they seem to think it was. Much of it is installed with full knowledge of it's existance, but many people ignore the functions of what they download. I really doubt this will do anything at all because people will keep downloading things like WeatherBug, and think that all it's doing is reporting the weather...
How would you like to be the one guy who voted no?
The dangers of knowledge trigger emotional distress in human beings.
Let me guess, microsoft will be the first officially US government sanctioned spy agency?
Osho
Maybe Ron Paul(R-Texas) would like a free web toolbar that will keep his computer clock accurate and inform him of deals on vacations, Viagara, and more...
They reason why Rep. Ron Paul voted against it is that he really sticks to what he believes, and one of the things he believes is that the goverment should stay out of transactions between private citizens.
I am not one way or another if I think he voted correctly on this or any issue in the past, but you have to admire one of the few people in DC that doesn't sell out what they believe.
Nice, but when are they gonna do the same thing for straight up ad-ware? Ad-ware has many virus like qualities and totally screw up your windows box, but if it isn't spyware then this bill won't touch it from what I can tell.
Barton acknowledged that experts had recently found more than 60 varieties of spyware installed on the panel's own computers. He said all the spyware programs had been installed without the permission of computer users.
Wow, I'm glad to see my tax money going to good use . . . funding an "expert" to figure out that spyware had been installed without permission! My tax dollars doing EXCELLENT work there! Hip Hip Hooray for government idiocy!
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
I'm not a vegan because I love animals, I'm a vegan because I hate plants!
These companies like Claria (Gator) will just hire lawyers to make sure the agreement you click yes to will protect them from any legal action. I would love to see these companies put out of business, but the bottom line is people agree to installing this software. It sucks for me to remove it from my friends' computers, but that's just the way it is. No matter how much I convince them not to install free windows software or use firefox, they won't change their habits any time soon.
Still, it's a step in the "right direction."
So the state reserves the right to spy, but nobody else can do it. How is this gonna fit in with anti-terrorism laws I wonder?
Also, I wonder how close corps like the RIAA really are with the FBI, CIA etc. I wouldn't be surprised if favours are done...
the FBI exemption is fine by me as long as my 4th ammendment rights remain in place.
because if they have the right to spy on your computer, they also have the right to break down your door and arrest you.
and plus, I don't think that FBI spyware will be infectious or anywhere nearly as intrusive as the spyware most windows users see.
of course, this all doesn't effect me since I use a mac.
I could also avert the whole FBI thing by switching to BeOS or some other obscure platform which the spy thing hasn't been ported to.
really, all I think this is going to do is help catch scammers, spammers, virus writers, and script kiddies.
the ends are worth the means.
-- If you try to fail and succeed, which have you done? - Uli's moose
This bill excludes programs used by the FBI or spy agencies, though.
Because after all, the US Gov must reserve every right to monitor everything about it's citizens. With all those terrorists running around we can't afford to have ANY activity go unnoticed.
Engineering is the art of compromise.
Sounds too good to be true.
The bill's bans against spyware would begin 12 months after it becomes law and would automatically expire after 2009.
Oh, it is.
RTFA.
"The House voted 399-1 to approve the bill. Rep. Ron Paul (news, bio, voting record), R-Texas, who often votes against spending measures, cast the lone dissenting vote Tuesday. "
"In a world without walls and fences, who needs Windows and Gates?"
I'm more interested in the criminal provisions which are hopefully coming later this week. Taking away all the ill gotten money is just a nice bonus in my book, hopefully keeps anyone from thinking its a legitimate revenue stream. That and it should be easier to use against corporations which are generally very difficult to press criminal charges against.
There are 4 boxes to use in the defense of liberty: soap, ballot, jury, ammo. Use in that order. Starting now.
Well, I take it that one really enjoys his Gator to handle personal information and CoolWebSearch to find his pr0n. Maybe he thinks Intelimail does a better job of sorting his e-mail and Comet Cursor just looks pretty.
I wonder what the exact definition of spyware is according to that bill ?
/. when you read this is spyware, while the gator and 30 browserhijacks/toolbars/etc you volunteerly installed and accepted thru a 30 pages long eula isnt ?
Theoretically the cookie set by
Not to mention various pieces of software that installs on windows machines when you try play a regular audio CD..
Its imho a good thing to ban spyware, but im just really unsure what to ban..
Lifted out the definitions within the bill for those questioning. For the full bill follow this link. http://thomas.loc.gov/cgi-bin/query/D?c108:1:./tem p/~c108Rz52yN::
(3) SPYWARE PROGRAM- The term `spyware program' means any computer program or software that can be used to transmit from a computer, or that has the capability of so transmitting, by means of the Internet and without any action on the part of the user of the computer to initiate such transmission, information regarding the user of the computer, regarding the use of the computer, or that is stored on the computer. In issuing regulations to carry out this paragraph, the Commission shall distinguish spyware programs from other commonly used computer programs used to share information among computers in an organized network of computers.
(4) PAGE- The term `page' means, with respect to the World Wide Web, a location that has a single Uniform Resource Locator or other single location with respect to the Internet, as the Commission may prescribe.
(5) PERSONALLY IDENTIFIABLE INFORMATION- The term `personally identifiable information' does not include any record of aggregate data that does not identify particular persons, particular computers, particular users of computers, or particular email addresses or other locations of computers with respect to the Internet.
I stole this
Sometimes I wish I was a plumber, then I'd know how to deal with other people's shit.
This bill excludes programs used by the FBI or spy agencies, though.
You left this out from the article:
The House bill approved Tuesday explicitly permits snooping software built by the FBI (news - web sites) or spy agencies secretly collecting information under a court order or other legal permissions affecting federal departments. There excluded when they have a court order, issued by a judge for cause. They can't just do it willy nilly for kicks.
You know, cops can also run red lights and speed when they're chasing suspects too. On no! abuse of power!! Sheesh.
SIG:Slashdot: indymedia for nerds.
According to this article at News.com, it was "Rep. Ron Paul, R-Texas, a vocal libertarian who frequently says the federal government should not be policing the Internet, was the lone dissenter."
But why is the rum gone?
As long as the fines are payable to the person who had to deal with them and remove them then I'm fine.
) Human Kind Vs Human Creation
) It'd be interesting to see how many humans would survive to serve us.
Now I can expect popups saying, "Have you considered a carreer in Homeland Security?" And that familiar "Winners don't use drugs" screen from 80's arcade games.
Actually it was none of the above. It was an adherence to principles. Something rare these days.
Don't blame me, I didn't vote for either of them!
cheap labor conservatives - they want to keep you hungry enough to be thankful for minimum wage.
Some interesting questions come out of this:
1. Do corporations who install spyware on employees computers now face penalties? (unless of course the employee signed something consenting to the spying)
2. If I were to run a packet sniffer on a network, does that count as "spyware"?
How about 80 page disclaimer of legalise and jargon, and title it "Terms of use"? As if one would click "NO" after purchasing $1000 computer and then bothering to download whatever software you need for it.
I suggest you read Slashdot
...use spy ware? Huh?
My blog can kick your blog's ass
EULA
"According to this article [...], it was "Rep. Ron Paul, R-Texas."
He sure ain't toeing the official Republican party line on this one, is he? The Hon. Ron needs to change his party affiliation if'n he's gonna use common sense like that.
Make sure we dont forget that our favorite internet bottom-feeder, "GAIN/Gator", is not spyware. So, its immune from this legislation. It is more properly labled LetigiousWare: A reminder: A Gator executive said the suit, filed in U.S. District Court for the Northern District of California, was part of a larger strategy to educate spyware-removers about the company's software--and to put an end to the practice of calling it "spyware." "If we find anyone publicly calling us spyware, we correct it and take action if necessary," said Scott Eagle, Gator's senior vice president of marketing. In addition to going on the offensive against detractors, Gator has spent significant time in court defending its practices against the charges of companies that run Web sites that Gator has targeted with its ads.
The only PT Boat Journal on the web: http://www.PT171.org
That is what it all boils down to. I have accepted that as a computer user, hell even a citizen of todays culture, there are people out there that are eager to abuse and take advantage of me.
My computer is just one of the many ways they can do so. Many users have not come to terms with this. Vigilance is now part of computing and the internet.
The one guy that voted against the others has the right idea. The internet is bigger then America. The recent attempts by the American Government to control this beast are not only offensive to me as a Canadian but also stupid as it is easy for the makers of this software to simply move their operation.
Though I would love a flashing screen that says "Kazaa is installing spyware on your system" I don't see it a a viable option. Users need to be aware and accountable of their actions.
Computers as well as many things have been over-simplified and as a result we are now seeing these problems.
Burn Bright or Fade Away
opt in, not opt out
get Fed to pressure state banking departments to pull licenses of mortgage brokers for spam on first offense, making the mortgage broker as beneficiary, not email sender the violator, thereby negating all the brokers evading can-spam through affiliate programs
Stop fax.com from daily spamming my home fax machine by holding them responsible by following the money instead of trying to figure out forged headers
Nail real estate brokers, and pull their licenses by following the money in the spam, not trying to follow forged headers
get SEC to delist penny and dollar public companies that hire pr companies and pay them in stock and cash to spam my fax machine via fax.com
Over a ten year period, remove ability of banks to write off losses on credit card fraud, thereby lighting a fire under their asses to cooperate with individual victims instead of ignoring them. Instead of sticking the taxpayers with 100% of the losses, they should be limited to 90% next year, and 10% less every year after that, until they get ZERO writeoff, while preserving mandatory consumer protection. This will seriously rearrange their attitude on fraud, instead of passing the buck to the taxpayer, and doing nothing to help consumers.
Follow the money on investigations of spamming. Create Social Security numbers for investigators to use with other created identity info, and get the new cooperation of the banks through their lost deduction above, and get them to participate in follow-the-money spam investigations, sharing seized money and assets to cover bank and investigative agency expenses.
Stop the stupid do not spam list dead in its tracks, an idea a spammer testified in front of Congress as a "target-rich" list he'd like to get his hands on. And don't let Schumer knock you over when he sees the news cameras while killing this stupid, stupid idea. The tip for watching out for Schumer running to get in front of news cameras comes from reporters commenting on his tactics probably more than ten years ago, and watching his hunger for the camera since then. Be careful. And call him on this stupid, stupid idea.
make a web site devoted to outing Congress members who support the direct marketing association and other spammers instead of consumer in boxes. And keep track of who the good guys are, so that voters clearly know where their Congress person has voted on over the years.
Feel free to add, modify, or tear down my ideas. But don't let them die, as following the money and pulling licenses of licensed industry spammers is very effective. It will stop mortgage brokers from buying spamming services and using affiliate programs to skirt the law almost overnight as soon as a few dozen mortgage brokers lose their licenses. This can be done in one investigation in the first year.
And, above is just opinion, hoping to get ideas into someone in a position to make a difference, since I missed the deadline in submitting the comments to the FTC, so hopefully some Congress person's assistant reads this. So add, tear down, keep re-posting similar comments on future stories, just don't mod me down too much as I've been banned after getting modded up to 5, then down to 0 then up a few, then down 1, and then changing my subnet to try and defend a post after getting banned, and getting banned for months for changing my ip to a different one in the same subnet and posting after getting banned. So go easy. I learned my lesson and trying to make my karma (from my ip even though I'm posting anon) a bit better. Thanks for allowing me to vent.
Today I got a call from one of our clients we take care of about spyware problems. Now they have all the latest and greatest in cleaning tools. They all are net savy and don't click every box that pops up. Well some got so bad today they wouldn't function. The woman's in charge was the worst and I know this lady does know how not to screw things up and she was swearing up and down. "I haven't done anything!"
Well 4 hours later for 2 people we get everything cleaned back up. I set the "Tea Timer" on Spybot S&D and set it to show a prompt when it hit something. (setting the prompt is something I have never done before). I fire up IE and the home page is msn.com and BANG "Cannot download file AvenueA, Inc". FROM MSN!!!! Yes folks trying to download in the background from an ad image. Coming from machine name view.atdmt.com and it hiding behind the image trying to sell you msn broadband service!!!
They call this "Trusted Computing"?
Yes friends not only will MS sell you a holey OS but then we will pirate it from you using their own exploits in their browser!
I called MS and of course it wasn't us. (even offer to send them the logs and the captures from the network, but I don't know what I am talking about...) After 3 hours I talked with a supervisor that "acted" like he cared. Well log files don't lie and neither do I.
No this is no joke. I wish it was. At least the problem is solved for our client. We blocked msn at the firewall
A point about this I'm not really a M$ basher hell I've made my living on NT since 3.51. True I perfer Linux but have always siad that M$ was ok and you could TRUST them. Well that ended that today. As I said I don't lie especially to people who are paying me and putting their trust in me so the next time I am asked "Can you trust Microsoft?" the answer will be NO!
If I work for an employer and they monitor me via Spyware, they can be fined!
If I browse an Internet ad that installs Spyware, the host of that ad can be fined for infecting my system.
Remember, Slashdot does not have a -1 disagree moderation, and no, troll, flamebait, and overrated are not substitutes.
So will it make it past the Senate and the White House?
The poster takes a lot of liberties with the defintion of "spy agencies". Here's the limitations, according to the current version of the Bill:
SEC. 5. LIMITATIONS.
(a) Law Enforcement Authority- Sections 2 and 3 of this Act shall not apply to--
(1) any act taken by a law enforcement agent in the performance of official duties; or
(2) the transmission or execution of an information collection program in compliance with a law enforcement, investigatory, national security, or regulatory agency or department of the United States in response to a request or demand made under authority granted to that agency or department, including a warrant issued under the Federal Rules of Criminal Procedure, an equivalent State warrant, a court order, or other lawful process.
(b) Exception Relating to Network Security- Nothing in this Act shall apply to any monitoring of, or interaction with, a subscriber's Internet or other network connection or service by a telecommunications carrier, cable operator, or provider of information service or interactive computer service for network security purposes, diagnostics or repair in connection with a network or service, or detection or prevention of fraudulent activities in connection with a service or user agreement.
(c) Good Samaritan Protection- No provider of computer software or of interactive computer service may be held liable under this Act on account of any action voluntarily taken, or service provided, in good faith to remove or disable a program used to violate section 2 or 3 that is installed on a computer of a customer of such provider, if such provider notifies the customer and obtains the consent of the customer before undertaking such action or providing such service.
I just spent a while this weekend trying to remove dozens of these things from my parents' laptop and I decided the main problem are three things in windows:
1. IE shouldn't be "customizable" by other apps at all, period. Any extra browser bars added on should be able to be seen and removed (permanently) just by going to the "View > Toolbar" menu.
2. There should be one easy way to see for sure what programs are running at startup and decide if you want them to or not. It'd be nice if you didn't have anything in your "startup" folder if nothing started up when windows booted! Somehow, that's not the case. Being able just to stop these things from auto-starting when you do get one would be 99% of cure.
3. Every application should be able to be fully uninstalled from the "add/remove programs" area.
If these three things just worked, spyware would soon be a dim memory of the early 2000s!
Section 1B would seem to me to cover what Verisign did a while back when they were redirected unregistered domain names, or am I mistaken? Any lawyer types care to comment?
Keith D.
I want to know the names of the spyware produced by FBI, CIA, or NSA. Any help would be much appreciated !!
Oh, don't worry. I'm sure that your interest has been noted.
This is an American law affecting American companies, american citizens, and american institutions. Set up shop outside the border and you're immune, sadly.
'Fraid not.
Installing spyware on a computer in the US (even if you do it from outside the US) is an act that has a nexus in the US (the instalation of the spyware). It's the same case as a civillian in Mexico or Canada firing across the border and killing someone in the US. So the US has NO problem in declaring that a crime has been committed in the US and going after someone outside.
If the jurisdiction the bad guy is in also has such a law and an extradition treaty with the US he may just be shipped over here.
Alternatively, he can be captured and brought back extrajudicially (i.e. by a bounty hunter) or grabbed while in US territorial waters, international waters, on a US-flagged ship, on a plane that touches down in a US airport, or a number of other ways. While the snatch might not be legal where he was, that will cut no ice with the courts once he's here.
Or he can be tried in absentia and any assets the US can reached siezed.
Bantam Dominique roosters crow a four-note song. Once you've heard it as "Happy BIRTHday" you can't NOT hear it that way
People want to enjoy the benefits of using computers, but don't want to be responsible for what they do with them.
A computer, after all, is a tool that we use. What it does it does on our behalf. It only does what we tell it to.
If I choose to buy a computer with spyware, or whatever, on it, I am choosing to buy a computer with that software on it. If I choose to install a piece of software, I am choosing to install that piece of software. If I choose to make these choices without finding out what these pieces of software actually do, I am making that choice, and am responsible for the consequences.
But hang on. One of the wonderful things about computers, about software, is that we don't need to read the software in order to use it. The computers do that on our behalf. One of the most wonderful things about software is how we can use it without finding out every single thing that it does.
On the one hand, I am responsible for what I have my computer do, I am responsible for what I allow my computer to do. But on the other, one of the greatest benefits - if not the greatest benefit - of software is that I don't need to find out everything about what it actually does in order to use it.
Open Source is itself a solution to this problem. It's really just peer review. It's open, it's transparent, it's democratic, and it works. By choosing open-source software, and by choosing the right open-source software, I am choosing software that has been, and continues to be, thoroughly and publicly peer-reviewed. If I'm not sufficiently satisfied, I can still examine the source code myself, or hire someone to examine it for me. Wonderful!
The point of this is that it is possible to reconcile taking responsibility for software choices with the benefit of being able to use software without having to read all the way through it. This means that there is no excuse for using software, or allowing computers to do 'unintended' things, without taking responsibility for that.
But many users now seem so steeped in a culture of 'blame the computer', 'blame the software providers', and so on, that re-education is what's really required. Of course, it's more than understandable that so many computer users have ended up with this 'I'm not responsible!' attitude - how can they be when the only software available is effectively secret? How can users be responsible for what the software does when they can only go by what the providers of that software tell them?
If I have a choice between a piece of open-source software, and a similar piece of closed-source software, and I choose the closed-source software, I am choosing to use that software even if it does other stuff that I don't even know about. I would have to take responsibility for that, as I could have chosen the open-source, peer-reviewed software instead.
But if there isn't an open-source option available - what then? How are users supposed to know whether or not a piece of software they need isn't going to do something they'd never agree to? Users need to demand open, independently-verifiable software. But for that to happen, users first need to be educated.
The new law in the US is the wrong solution to an unnecessary problem. It further reinforces the idea that we are not responsible for what our computers do on our behalves. It panders to those who want to enjoy their rights, but don't want to be responsible for the consequences of how they exercise those rights. It treats computer users like children who are too young to take responsibility for their own choices.
We need to work to liberate computer users from the shackles of misconception.
Freedom of expression includes the freedom to seek, receive and impart information and ideas expressed in software form.
>They only get installed via user consent.
No.
I spent a couple of years working with laywers and asked them to decode a couple of these spyware EULAs. They really couldn't. The language is purposely bad and misleading and written in a way to play down any privacy violations. If people knew what they were getting into they wouldnt install this stuff.
Spyware by its nature already is illegal in many jurisdictions.
Some "installers" are really just browser exploits.
>You don't outlaw mere annoyances.
Yes you can. At 3am my neighbor can't blast his stereo and keep me up all night. Its illegal to leave dog poop on the street. etc. I live in the real world not in the libertarian magical fairy forest.
Lastly, Ron Paul is richer than you and me and can easily pay someone to clean out his PC every so often. This is not an option for most users. It should be self-evident that "libertarianism" is just a fancy way to say "classism" as those with wealth can get goods, services, peace and quiet, etc that others should have access to.
See also: the cronyistic Ownership Society
(2) Modifying settings related to use of the computer or to the computer's access to or use of the Internet by altering-- (A) the Web page that appears when the owner or authorized user launches an Internet browser or similar program used to access and navigate the Internet; (B) the default provider used to access or search the Internet, or other existing Internet connections settings; Section 2A Microsoft are chargable as MSN Messenger ask you if you want to set your homepage to MSN Today (Box ticked by default) Section 2B Google Labs are chargable beacuse the Google Toolbar asks you if you want to set your search page to Google (Box unticked by default)
Have you metaroderated recently?
Not before time.
Dude, it was a cookie. I've gotten plenty of Spybot warnings about Avenue A as well and every last one of them have been about cookies. What you're seeing is a third party advertiser attempt to set a cookie from their ad in order to track you. I think I'm not alone in saying that I'd prefer not to be tracked, but wouldn't call it Spyware and wouldn't blame Microsoft one bit for allowing a cookie to be set.
Hatch is a Senator. This is a House Bill
The lone holdout was Rep. Ron Paul, a libertarian-leaning Republican Congressman from Texas.
Also have you bother to check on what Avenue A does for a living? They sell data on companies. What to but information from your competitor? Want to find out how he's bidding work. Well they will sell you this info! Now how exactly do they harvest this information. Know how to say "Data Mining".
Spybot didn't give an error when I went to this companies internal site which uses session cookies. Whatever you say thier is more going on here than just cookie's and milk.
A while back, public schools were required to install content filters. These divert the intended porn web page to a web page saying "naughty, naughty". I guess this become both required and banned under Law.