Slashdot Mirror

← Back to Stories (view on slashdot.org)

California Sets Fines for Spyware

Posted by CowboyNeal on from the pay-to-play dept.

aj50 writes "The BBC has the story that California is introducing new laws to help eradicate spyware. The bill bans the installation of software that can be used to take over another computer and allows customers to seek $1000 in damages if they've fallen victim to this kind of malicious software. Can this really help cut down spyware or will it just be another fatally flawed piece of legislation?"

17 of 199 comments (clear)

  1. Yep, bad legistlation... or maybe it's the summary by Rahga · · Score: 4, Funny

    "The bill bans the installation of software that can be used to take over another computer..."

    Goodbye, SSH. I'll miss you.

  2. Re:Yep, bad legistlation... or maybe it's the summ by Anonymous Coward · · Score: 5, Funny
    Goodbye, SSH. I'll miss you.

    Goodbye, Windows.

  3. Watch out for the loophole! by IO+ERROR · · Score: 5, Insightful
    Read the law for yourself. It was signed September 28 and takes effect today (January 1).

    Among other things, this bans unauthorized installation of keyloggers, spam sending/relaying software, zombies, and disabling your anti-virus or anti-spyware software.

    However, and this is a big however, they grant a blanket exception to your ISP or network admins. "Nothing in this section shall apply to any monitoring of, or interaction with, a subscriber's Internet or other network connection or service, or a protected computer, by a telecommunications carrier, cable operator, computer hardware or software provider, or provider of information service or interactive computer service for network or computer security purposes, diagnostics, technical support, repair, authorized updates of software or system firmware, authorized remote system management, or detection or prevention of the unauthorized use of or fraudulent or other illegal activities in connection with a network, service, or computer software, including scanning for and removing software proscribed under this chapter."

    You could probably drive a truck through a loophole like that.

    --
    How am I supposed to fit a pithy, relevant quote into 120 characters?
    1. Re:Watch out for the loophole! by krymsin01 · · Score: 4, Insightful

      Yeah, especialy the "provider of information service or interactive computer service for network or computer security purposes" under which all websites, or programs used for accessing p2p networks, fall under.

      Good work people!

      --
      stuff
    2. Re:Watch out for the loophole! by Chess_the_cat · · Score: 4, Interesting

      Or "software provider" which would cover the spyware authors themselves. Surely Claria Corporation is a software provider.

      --
      Support the First Amendment. Read at -1
    3. Re:Watch out for the loophole! by mtrisk · · Score: 4, Interesting

      or detection or prevention of the unauthorized use of or fraudulent or other illegal activities in connection with a network, service, or computer software, including scanning for and removing software proscribed under this chapter

      I think they just made it explicitly legal for the MPAA, RIAA, or BSA to install spyware on your computer to counter copyright infringment. What a shame, a rotten egg in a perfectly good law.

      --

      Without a proper flamewar, Anonymous was undecided on what shell to run.
    4. Re:Watch out for the loophole! by WolfWithoutAClause · · Score: 4, Interesting

      Yes, but only if it is for "detection or prevention of the unauthorized use or fradulent or other illegal activities in connection with a network". Collecting statistics for advertising purposes doesn't count. They might try for dual use, but the law actually makes the second use illegal.

      --

      -WolfWithoutAClause

      "Gravity is only a theory, not a fact!"
    5. Re:Watch out for the loophole! by generic-man · · Score: 4, Funny

      Can you say MPAA/RIAA?

      I can't. I tried, It came out sounding like "um-pahh, ree-ahh." My family thought I was speaking in tongues.

      --
      For more information, click here.
  4. Money not worth the effort. by mankey+wanker · · Score: 4, Insightful

    The fine is too weenie. They need to do for consumers what they do for the likes of the RIAA and MPAA - give consumers something with which they can beat spyware vendors into submission.

    But that won't happen because they don't really give a shit about "consumers" as long as they continue to consume. When we consume we fulfill our political function.

  5. Well by definitions is where it might fail? by Saven+Marek · · Score: 5, Insightful

    If you define spyware as they say in the article as "the installation of software that takes control of another computer." then it sounds broken already to me

    Spyware does not have to take control of a computer.

    It can be as simple as sending back browsing habits so cookies can, even, be not so far away from some spyware then,

    Or it can just send credit card details or other browsing habits or snoop in places it shouldnt. All without "taking control" of another computer.

    The devil is in the details. I would like to see what kind of software it really is defining as spyware.

    Great Macintosh Support

  6. Yes! by kngthdn · · Score: 5, Interesting

    The RIAA should be fined millions for their infected WMA files.

  7. Huh? by FiReaNGeL · · Score: 4, Insightful

    What's stopping me of 'getting infected' with some adware / spyware / malware and claim the money? Is there some legal procedures to go throught? How are they gonna prove that I didn't install them?

    --
    Eureka Science News - automatically updated
  8. Did they use the right language to be effective? by WidescreenFreak · · Score: 5, Insightful

    The state's Consumer Protection Against Spyware Act bans the installation of software that takes control of another computer.

    I'm really concerned about this type of language. The effectiveness of this really comes down to "How do you define 'takes control'?" Snooping where you go in the Internet is not "taking control". I don't even know that pop-up advertisements can really be called "taking control" since I have ultimate control over the power button as well as the network plug in the back of the computer. Even if there is spyware installed, I have control over installing another browser or installing spyware removal software. VNC, PC Anywhere, and other such tools are meant to truly "take control" of a system, but they're obviously not spyware. I'm also concerned about spyware being used at the threat. I would think that viruses and spambots would me the obvious targets, but do they "take control" or do they just "steal CPU cycles"?

    The article didn't go into great detail on this particular matter. How can one really define "taking control" if something ever goes to court on this? Or is it possible that this was just a bad choice of words on BBC's part?

    --
    The Overrated mod is for reversing inappropriate, positive mods, not for voicing disagreement with a post.
  9. Re:Yep, bad legistlation... or maybe it's the summ by Kjella · · Score: 4, Informative

    (d) Nothing in this section shall apply to any monitoring of, or interaction with, a subscriber's Internet or other network connection or service, or a protected computer, by a telecommunications
    carrier, cable operator, computer hardware or software provider, or provider of information service or interactive computer service for
    network or computer security purposes, diagnostics, technical support, repair, authorized updates of software or system firmware,
    authorized remote system management, or detection or prevention of the unauthorized use of or fraudulent or other illegal activities in
    connection with a network, service, or computer software, including scanning for and removing software proscribed under this chapter.

    I skimmed through the bill text found here, and it seems fairly well worded. However, it doesn't solve the actual problem. An "authorized user" can still be suckered pretty much as before.

    Kjella

    --
    Live today, because you never know what tomorrow brings
  10. Plan for world domination by didjit · · Score: 4, Funny

    1. Setup insecure windows box.
    2. Intentionally get infected with spyware.
    3. Profit!

  11. software that can be used to take over another by frovingslosh · · Score: 4, Interesting
    Yea, I question the wisdom of this wording too. On the one hand my first bad experience with spyware was a piece of software that had Internet supplied advertising in it. I didn't mind the advertising at all and welcomed the chance for the author to earn a few bucks, even occasionally clicked on an ad. But after a lot of users of the software started reporting very strange problems with it I investigated and found that the advertising company was Aureaut, and that the software did a lot more than just display ads. Worse, it contained a "feature" that would let Aureaut download and run any program on your machine. This was supposedly in there so they could update their software, but the potential for abuse was obvious and complete.

    Unfortunately, I don't see how the ban on installation of software that can be used to take over another computer... can be enforced, without completely outlawing any software upgrade service. Maybe the law is better worded than the article, but from experience I have my doubts.

    --
    I'm an American. I love this country and the freedoms that we used to have.
  12. Re:Group Fights Back by njcoder · · Score: 4, Interesting

    $1,000? That's small enough for a small claims court. Things are a bit easier in small claims court. Imagine the impact of a million small claims court cases vs one large class action lawsuit where the only one that wins are the attorneys.

    --
    Open Source Java DAO Generator