Slashdot Mirror
House To Enact Anti-Spyware Law
Stephen Samuel wrote to mention that the U.S. House of Representatives has readied the aptly acronymed Securely Protect Yourself Against Cyber Trespass Act (SPY ACT) for law. MS-BS has an article claiming that the bill allows a loophole for the makers of proprietary software. The issue at hand concerns Section 5, paragraph b, subsection 2, under the heading of limitations. The law does not apply to: "(2) a discrete interaction with a protected computer by a provider of computer software solely to determine whether the user of the computer is authorized to use such software, that occurs upon (A) initialization of the software; or (B) an affirmative request by the owner or authorized user for an update of, addition to, or technical service for, the software." The law, then, would disallow Gator and their ilk but would not hamper Microsoft's Genuine Advantage Program. More complete commentary is available at TechReview and About.com.
What about all those who signed the Gator/Gain network EULA which prohibits the removal of said spyware/adware from PCs?
Sure, some of the "legitimate" US companies pushing this stuff will obey the new law, but it's not going to do a thing to stop people in other jurisdictions or criminals who just don't care what the law says.
Kind of like "Gun Control" I might add.
Ha, ha! Nobody ever says Italy.
Two positive thoughs on this.
One - if written and applied correctly in the US, at least it is a legal tool against some of the spyware, making it more costly for them.
Two - if it's somewhat successful, it may make Congress look back at CAN-SPAM and fix it.
Okay I'm optimistic here.
Spyware is a technical problem. Congress and the public should have learned from the CAN SPAM act, more accurately called "You Can Spam" Act. Spam is at an all-time high.
People don't read click-thru licenses now, what makes anyone think they're going to read them in the future?
The antivirus companies, who already have the technology and infrastructure, need to extend their scanning of executables to include ANY software that collects data and phones home. Make a big list and update it with the AV updates. When anything is installed that hit the list, pop up a big "POTENTIAL SPYWARE - ARE YOU SURE?" box.
Yet another "vote for me, I feel your pain" law isn't going to do anyone any good.
-Charles
Learning HOW to think is more important than learning WHAT to think.
I can't wait for the Congress to protect us from spyware as effectively as they've protected us from spam.
--
make install -not war
I can only hope that this piece of legislation is considerably less effective than the CANSPAM Act. Compliments of the CANSPAM Act, spam is worse. We don't need another cure like that. If the U.S. Congress is our only hope of rescue from spyware, just shoot us now rather than prolong the misery. After all, this crew is the same one that brought us the DMCA and we all know what a resounding success that has been!
Or not. Your mileage may vary.
You must be the change you wish to see in the world - Ghandi
This won't be hard to get around. Every user is by now thoroughly desensitised to seeing click-through EULAs for any software they install. So, after this law, paragraph 135.62.4.3.1 on the EULA for your latest Swimsuit Babes Screensaver package is "Oh yeah, and we're sticking Gator on your PC as well, ok?"
User, as ever, scrolls to bottom of 100 page document in 3 seconds flat, clicks agree, and off we go as before.
If 'technology' patents in the EU end up as silly as those in the US, we could probably stop spyware/adware by patenting
"A program that installs itself without the user's knowledge, possibly by coming bundled in another package, monitors the user's internet activity and then displays (un)targetted advertising"
Could probably stop spam too similarly.
Patent adverts and compulsary user-registration and we wouldn't need the adblock and bugmenot extensions.
Actually, there is no problem with this, and it is not genuine spyware tactics. Sorry if I start a flamewar here, but if you insist on using Windows, then you should be paying for it and they have every right to inspect your machine to see if you are. This is the aggreement you sign up to.
Also, I don't see how this affects programs loke Gator as g. parent suggests. They are playing by the same rules. If their software doesn't comply, they should be able to make changes without significantly altering it.
Anyway, it's not my problem I don'r use Windows. Good luck!!.
Anyway, spyware will probably find a way to evolve with this..
This, like Can Spam and others, will have no effect until it starts putting people in prison for some Mitnick-style hard time. It will be especially effective if it puts people who wear suits to work into prison. Until that happens, it is to laugh.
Some mornings it's hardly worth chewing through the restraints to get out of bed.
So wouldn't this be the SPY ACT Act?
Yes, it should. But it took a pool of congressional interns 1000 man-hours to come up with that name. If you want better names, income taxes will have to be raised by 0.1% to account for more time.
Likewise, if we didn't come up with a cutesy acronym or nickname for every bill through congress, taxes might be lowered by the same amount.
Slashdot Syndrome: the sudden, extreme urge to correct someone in order to validate one's self.
I'd take a long hard look at exactly what goes into this bill.
...how can you call yourself an American? /sarcasm
It seems like lawmakers like trendy acronyms (PATRIOT Act, CAN-SPAM, etc.) that disguise undesirable things behind a hard-to-challenge facade.
Didn't vote for the PATRIOT Act?
Still, I'd be much happier with names like "HR-98-101" or something similar.
The trouble seems to be:
1. That MS (or whoever) gets to search my private property without evidence -- or even probable cause -- even though there's no illegal software on my computer.
2. That if MS can do it, so can any fly-by-night company that is set up purely for the purpose of spying on me through my computer, once I install their software.
Exam 4/C again. Maybe I'll do better this time.
So don't install some fly-by-night company's software.
Le français vous intéresse?
Why, it's those cut ups from the BSA.
step 1. create loophole for self to aggregate information from unsuspecting end lusers.
2. offer spyware removal tool to assist said end luser in hanging self.
They can protect their property. The objection is that I have an equal right to protect MY property from MS intrusion. However, I don't have the means to bribe Congress to give MY rights precedence over MS's. I wonder if Koreaman would applaud a law allowing Ford Corp to randomly break into garages because there have been thefts of Tauruses?
against bill names that form acronyms. Of course the penalty woulf be death, since it is a blatant attempt to destroy the democratic proccess.
-- 'The' Lord and Master Bitman On High, Master Of All
I really don't care what they call it, what's important is if they can enforce it! The CAN-SPAM act has had some results, but it is still a far cry from stopping the majority of spam. The question lies in whether this bill is going to be used to prosecute the people resposible for the spyware, or if it's just been made to make people think that the government is going to address the issue.
- "I reject your reality and substitute it with my own", Adam Savage
The flawed UTICA was the opposite. Like today's EULA, it requires me to consult a lawyer and do hours of review and analysis for a piece of software I may have picked out of the bargain bin at Walmart (if we had one in Chicago) for $20. That is absurd. The UTICA was the lawyer full employment act of 2001.
Other areas have this regulation such as credit cards. Did you ever wonder why all the companies were so nice as to provide a boilerplate section indicating their annual fee in easy to read text?
I believe books once tried this stunt with several pages of "license" at the front which generally forbid resale and lending from libraries. The Supreme Court struct this down creating the "first sale" doctrince, which is on life support today.
Therefore, for cheap software (less that $1000) I motion we standardize the EULA's that are permissible. Perferrably to one with a dozen checkboxes for the reasonable variation among verdor wishes. Does anyone care to draft it?
1.) Gator which is now Claria bought a mailbox in bulgaria so they are technically not a us company anymore even though they reside here. If they are not under US jursidiction the law then could not be applied to them if the software is distributed from an oversea's server.
2.) Gator will claim they are not really tracking your urls or keystrokes but are just checking to make sure you are not pirating their software. The clause in italics mentioned in this article can be used by the spammers and spywhere makers to pretend they are offering you a service and checking your membership.
Many spyware companies also use products like bandwith increaser which also include spyware. Since its a service the company who makes it is immune.
http://saveie6.com/
OK, folks, let's step back a bit and see if we can see the forest instead of just the trees.
Spyware is something relatively new. Recently, it has become epidemic. People are screaming for relief, from both the lawmakers and the software industry.
The industry has responded, somewhat grudgingly, with limited spyware removal products. None are outstanding.
The lawmakers, as usual, are clueless. Of the hundreds of lawmakers at the state and federal level, only a small percentage are technically savvy. And those that are technically savvy are usually junior, and do not have the political equity or clout to bring about real change yet.
But the lawmakers feel like they have to do something to stem the panic on the part of the people. What are they going to do?
Enter Microsoft. Besides being a number one marketing firm (for their own products, of course) they have one of the finest set of lawyers in the business. Now who better than a small team of Microsoft lawyers could assist the lawmakers with laws concerning this brave new world of spyware?
Of course, I would not put it past Microsoft to engineer small backdoors in the law to allow them to continue doing what they do best-- attempting to take over the entire planet.
Remember, these are the people that write bulletproof EULAs-- do you want them helping to make law now?
Or google's never expiring tracking cookie. It aint there just for your "prefs."
Spyware and datamining need to be controlled, or at least made in a way which gives the user an obvious choice. Same with tivo. I didnt appreciate being put into their datamining program by default. These companies needs to change, and if legislation is the only way to do so, then go for it.